Nowadays, Whonix is a topic of great importance and relevance in today's world. With the advancement of technology and the speed with which news spreads, it is essential to be aware of the latest news and trends related to Whonix. Whether Whonix is a person, an event, a date or a topic of general interest, it is crucial to stay informed in order to make informed decisions and stay up to date in an ever-changing world. In this article, we will explore different aspects and perspectives related to Whonix, providing relevant and useful information for the reader interested in this topic.
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
Developer | Whonix Developers |
---|---|
OS family | Linux (Unix-like) |
Working state | Active |
Source model | Open source |
Initial release | 29 February 2012 |
Latest release | 17[1] / July 20, 2023 |
Repository | https://gitlab.com/whonix |
Marketing target | Personal Computing, Servers (onion service hosting) |
Platforms | x86, arm64 (RPi 3) |
Kernel type | Monolithic (Linux) |
License | Mainly the GNU GPL v3 and various other free software licenses |
Official website |
Whonix (/huːnɪks/, HOO-niks)[2] is a Linux distribution, based on Kicksecure OS, claimed to be security hardened by its developers.[3][4]
The operating system consists of two virtual machines, a workstation and a Tor gateway running Debian. [5][6][7]
The initial concept was announced by Patrick Schleizer under the pseudonym Proper, and later changed to Adrelanos in 2012 before revealing his identity in 2014.[8][9] His idea was to leverage a virtual machine acting as a transparent proxy to route all Internet traffic through the Tor network. This would have allowed one to mask one's IP address, prevent DNS leaks and avoid having to configure proxy settings for individual applications (or ones who do not support them).[10]
TorBOX was at its beginning only a guide released on the Tor Project website, which also provided some shell scripts.[11] Other contributors provided more information as TorBOX became more popular.[10][12]
As the project's complexity grew, leak tests became increasingly necessary. Some contributors developed utilities to automate many steps and improve user-friendliness. Nonetheless, maintaining the build instructions for TorBOX while simultaneously updating the shell scripts became too much of a burden for the developers, who decided to drop the manual creation instructions, migrating them and focusing exclusively on the shell scripts.[13]
Even then, complexity was still growing due to additional features or changes in line with security research. On March 25, 2012, with the release of TorBOX's 0.1.3,[14] the programmers agreed to completely automate the build process and improve codability with a change in the developing process, brought by a new website with better capabilities than the old project's wiki.[13]
The TorBOX/aos wiki listed seven released versions.[15] With the advent of the third release, Patrick Schleizer, acting under his pseudonym Proper, released his GPG public-key containing his contact information,[16]
The sixth version saw the first rename of the developer Proper to Adrelanos.[17] However, the former username was maintained on the Tor Website until the seventh and final version.[18]
Development of TorBOX continued until version 0.2.1, release July 16, 2012. The project was renamed the following day.[19]
Andrew Lewman, the Tor Project Executive Director at the time,[20][21] privately advised Adrelanos to rename the project, stating that even if TorBOX mentioned on its website about being unaffiliated with the Tor Project, it was still being mistaken by some people. Adrelanos renamed the project aos, acronym of "anonymous operating system".[22]
The choice of the name aos was quickly regretted and described as "suboptimal" by adrelanos. He noted that search engines did not return relevant results due to the name being shared with many other acronyms. A secondary reason was the project's name being non-capitalized, which would have made it incompatible with the grammatical convention of capitalizing a word at the beginning of a sentence.[23]
No new releases were made under the name aos.
Adrelanos posted a request for suggestions on the tor-talk mailing list. His original idea was a name which would have made the purpose of the anonymous operating system clear and at the same time avoided confusion or trademark issues.[24] Nick Mathewson, Tor Project's co-founder, debated the idea of having a self-explanatory name, stating that Tor was "doing okay" even without having a particularly descriptive name.[25]
While many suggestions were sent, Adrelanos concluded the post announcing the new name, Whonix, and publishing a signed message with his final decision on the project's website.[26][27] He reasoned that the name was unused and would have provided more results in search engines. Whonix is a compound of two words: who ("what person/s") and nix (a German word that means "nothing").[22]
Whonix 0.3.0, never released, was based on Ubuntu.[28] While Ubuntu was praised from a technical perspective, potential trademark issues would have complicated the distribution along the potential revocation of the license from Canonical. Complying with the terms requested by a rebranding[29] would have required work which was beyond the capability of the Whonix developers.[30] Moreover, the release of Ubuntu 12.10 was heavily criticized for the closer integration with the Amazon ecosystem and other privacy issues.[31][32][33][34]
The Whonix project recognized the privacy issues which would have caused a problem with the use of Ubuntu, and recommended against using it even on the host machine.[35]
The first release under the new name of Whonix happened with version 0.4.4, the first one since TorBOX 0.2.1.[36] It was rebased on Debian, which is described by the project as being "a good compromise of security and usability".[37]
The second release, Whonix 0.4.5 was the first to be announced by adrelanos on the tor-talk mailing list.[38]
In August 2014, a user called WhonixQubes announced on the qubes-users mailing list the first successful integration of Qubes OS version R2-rc2 and Whonix 8.2. Joanna Rutkowska, founder of Qubes OS, publicly stated her praise about the efforts.[39]
In June 2015, Rutkowska announced the reception of funding from the Open Technology Fund to further sponsor the porting work of Whonix to Qubes OS. The proposal to OTF was made initially in September 2014, after Rutkowska was approached by Michael Carbone, an employee of Access Now[40] and member of the Qubes OS team[41] who helped with the process.[42]
At the same time, Patrick Schleizer wrote about wanting to personally focus on the development of Qubes-Whonix.[43]
With the release of Qubes OS R3.0 in October 2015,[44] Whonix templates officially became available.[45]
In August 2020, the Tor Project announced on their edited blog post stating that they can no longer endorse Whonix due to their concerns with patterns of "tolerance for sexism, racism, and other bigotry within the Whonix community" and discouraged the users from getting involved with them.[46]
The standard version of Whonix can be used on many different platforms as host-machines, such as Windows, macOS, GNU/Linux and Qubes OS. It is downloadable in formats compatible with the most common hypervisors like VirtualBox, QEMU, KVM and Xen.[47] Whonix is reported to have experimental compatibility with VMware and Hyper-V, though not officially supported.[48][49]
The VirtualBox packages for both the Workstation and Gateway are distributed with the xfce desktop environment or in a headless "CLI" version.[50] They can be seamlessly combined.[51]
Whonix can be configured directly from the Qubes OS' installation menu since version R3.0.[45] Since at least Qubes OS R4.0 it can also be installed at a later time using the management software Salt from dom0.[52]
This section needs additional citations for verification. (August 2020) |
This section may need to be rewritten to comply with Wikipedia's quality standards, as this section uses lots of "Fancy" talk, and it may be difficult to for the average reader to understand. (January 2023) |
An "advanced" configuration uses two physically separate computers, with the Gateway running on the hardware of one of the computers, and the Workstation running in a VM hosted on the second. This protects against attacks on hypervisors at the cost of flexibility. Supported hardware platforms include the Raspberry Pi 3[53] and unofficial community efforts on the PowerPC workstation hardware, Talos, from Raptor Computing.[54]
On first startup, each VM checks to ensure that the software is up-to-date. On every boot, the date and time are set using the sdwdate secure time daemon that works over Tor's TCP protocol.[55]
The Gateway VM is responsible for running Tor, and has two virtual network interfaces. One of these is connected to the outside Internet via NAT on the VM host, and is used to communicate with Tor relays. The other is connected to a virtual LAN that runs entirely inside the host.
The Workstation VM runs user applications. It is connected only to the internal virtual LAN, and can directly communicate only with the Gateway, which forces all traffic coming from the Workstation to pass through the Tor network. The Workstation VM can "see" only IP addresses on the Internal LAN, which are the same in every Whonix installation.
User applications therefore have no knowledge of the user's "real" IP address, nor do they have access to any information about the physical hardware. In order to obtain such information, an application would have to find a way to "break out" of the VM, or to subvert the Gateway (perhaps through a bug in Tor or the Gateway's Linux kernel).
The Whonix wiki includes a collection of operational security guides for tips on preserving anonymity while online. Additionally, a number of original content guides on which security tools to use, and how to use such tools, have been added over time. This includes how to access the I2P[56] and Freenet[57] networks over Tor.
Anonymity is a complex problem with many issues beyond IP address masking that are necessary to protect user privacy. Whonix focuses on these areas to provide a comprehensive solution. Some features include: