Whonix 16 Released: Linux Distribution for Anonymous Communication

The release of Whonix 16, a distribution focused on providing guaranteed anonymity, security, and privacy protection, has been announced. Whonix 16 images are available for running under the KVM hypervisor. Builds for VirtualBox and for use in the Qubes OS environment are delayed (test builds of Whonix 16 are still being provided). The project is distributed under the GPLv3 license.

Whonix is based on Debian GNU/Linux and uses Tor to ensure anonymity. A key feature of Whonix is its division into two separately installed components: Whonix-Gateway, which implements a network gateway for anonymous communications, and Whonix-Workstation, which provides the desktop environment. Both components are included within a single image. Network access from the Whonix-Workstation environment is only possible through the Whonix-Gateway, isolating the workstation from direct interaction with the outside world and allowing only virtual network addresses. This approach protects users from leaking their real IP address in the event of a web browser compromise, even if an attacker gains root access to the system.

If Whonix-Workstation is compromised, the attacker only gains access to virtual network parameters, as the real IP and DNS settings are hidden behind the network gateway, which routes all traffic exclusively through Tor. However, it is important to note that Whonix components are designed to run as guest systems, meaning that critical 0-day vulnerabilities in virtualization platforms could potentially provide access to the host system. Therefore, it is not recommended to run Whonix-Workstation on the same computer as Whonix-Gateway.

By default, Whonix-Workstation provides the Xfce user environment. The distribution includes applications such as VLC, Tor Browser (Firefox), Thunderbird with TorBirdy, Pidgin, and more. Whonix-Gateway includes a set of server applications, including Apache httpd, nginx, and IRC servers, which can be used to set up Tor hidden services. It is also possible to tunnel Freenet, i2p, JonDonym, SSH, and VPN connections over Tor. A comparison of Whonix with Tails, Tor Browser, Qubes OS TorVM, and corridor can be found on this page. If desired, users can use only Whonix-Gateway and connect their regular systems, including Windows, through it, enabling anonymous internet access for existing workstations.

Main Changes in Whonix 16

• The distribution’s package base has been updated from Debian 10 (buster) to Debian 11 (bullseye).
• The repository for installing Tor has switched from deb.torproject.org to packages.debian.org.
• The binaries-freedom package is now deprecated, as Electrum is now available from the official Debian repository.
• The fasttrack repository (fasttrack.debian.net) is now enabled by default, allowing installation of the latest versions of Gitlab, VirtualBox, and Matrix.
• File paths have been updated from /usr/lib to /usr/libexec.
• VirtualBox has been updated to version 6.1.26 from the Debian repository.

For more information, visit the official Whonix website.