Whonix 17 Released: Secure Linux Distribution for Anonymous Communication

By Ava McKinneyOnline Safety

Whonix 17 Released: A Linux Distribution for Anonymous Communication

The release of Whonix 17, a distribution focused on providing guaranteed anonymity, security, and privacy protection, has been announced. Whonix is based on Debian GNU/Linux and uses the Tor network to ensure user anonymity. The project’s developments are distributed under the GPLv3 license. Downloadable virtual machine images in OVA format are available for VirtualBox (2 GB with Xfce and 1.3 GB for the console version). The image can also be converted for use with the KVM hypervisor.

Key Features of Whonix

Whonix is unique in that it is split into two separately launched components:

  • Whonix-Gateway: Implements a network gateway for anonymous communications.
  • Whonix-Workstation: Provides the desktop environment.

Both components are included within a single bootable image. All network traffic from the Whonix-Workstation environment is routed exclusively through the Whonix-Gateway, isolating the workstation from direct interaction with the outside world and only allowing the use of dummy network addresses. This approach protects users from leaking their real IP address, even if the web browser is compromised or if an attacker gains root access to the system.

If Whonix-Workstation is compromised, the attacker only gains access to fake network parameters, as the real IP and DNS settings are hidden behind the Whonix-Gateway, which routes all traffic through Tor. However, it’s important to note that Whonix components are designed to run as guest systems, so there is still a risk of critical 0-day vulnerabilities in virtualization platforms that could provide access to the host system. Therefore, it is not recommended to run Whonix-Workstation on the same computer as Whonix-Gateway.

Included Software and Capabilities

By default, Whonix-Workstation provides the Xfce desktop environment. The distribution includes applications such as VLC, Tor Browser, Thunderbird with TorBirdy, Pidgin, and more. Whonix-Gateway comes with a set of server applications, including Apache httpd, nginx, and IRC servers, which can be used to set up Tor hidden services. It is also possible to tunnel Freenet, i2p, JonDonym, SSH, and VPN connections over Tor.

A comparison of Whonix with Tails, Tor Browser, Qubes OS TorVM, and corridor can be found on the project’s website. If desired, users can use only the Whonix-Gateway and connect their regular systems (including Windows) through it, enabling anonymous internet access for existing workstations.

Main Changes in Whonix 17

  • The distribution’s package base has been updated from Debian 11 to Debian 12.
  • Tor Browser has been updated to version 12.5.
  • Tor is now provided via packages from the official Debian repository, rather than the external Tor Project repository.
  • The zsh shell is now used by default.
  • Dracut has replaced initramfs-tools for creating initramfs images. Dracut is noted for its ability to automatically detect required modules and operate without separate configuration.
  • Qubes OS template names have been updated: whonix-gw-16 is now whonix-gateway-17, and whonix-ws-16 is now whonix-workstation-17.

Leave a Reply