Whonix 17.2 Released: Secure Linux Distribution for Anonymous Communication
The Whonix project has announced the release of Whonix 17.2, a Linux distribution focused on providing guaranteed anonymity, security, and privacy protection. Based on Debian GNU/Linux, Whonix uses Tor to ensure anonymous communications. The project is distributed under the GPLv3 license. Downloadable virtual machine images are available in OVA format for VirtualBox (2.1 GB with Xfce desktop and 1.4 GB for the console version). The image can also be converted for use with the KVM hypervisor.
Key Features of Whonix
Whonix is unique in its architecture, splitting the system into two separately bootable components:
- Whonix-Gateway: Implements a network gateway for anonymous communications.
- Whonix-Workstation: Provides the desktop environment.
Both components are included in a single bootable image. All network traffic from Whonix-Workstation is routed exclusively through Whonix-Gateway, isolating the workstation from direct interaction with the outside world and only allowing the use of virtual network addresses. This design protects users from real IP address leaks, even if the web browser is compromised or an attacker gains root access to the system. If Whonix-Workstation is breached, the attacker only obtains fake network parameters, as the real IP and DNS settings are hidden behind the gateway, which routes all traffic through Tor.
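A workstation-side check of the isolation property described above, as an added example (not code from the Whonix project): it parses the JSON output of `ip -j addr show` and `ip -j route show` and reports any address outside the internal network and any default route that does not point at the gateway. The function name, the network 192.168.50.0/24, the gateway 192.168.50.10 and the sample outputs are constructed assumptions, not Whonix's actual values.

```python
import ipaddress
import json

def audit_workstation(addr_json, route_json, internal_net, gateway_ip):
    """Return a list of findings; an empty list means both checks passed."""
    net = ipaddress.ip_network(internal_net)
    gw = ipaddress.ip_address(gateway_ip)
    findings = []
    # Check 1: every configured address must sit inside the internal network.
    for iface in json.loads(addr_json):
        for info in iface.get("addr_info", []):
            ip = ipaddress.ip_address(info["local"])
            if ip.is_loopback or ip.is_link_local:
                continue  # not routable off-link, so not a leak indicator
            if ip not in net:
                findings.append(f"{iface['ifname']}: address {ip} outside {net}")
    # Check 2: every default route must point at the gateway VM.
    defaults = [r for r in json.loads(route_json) if r.get("dst") == "default"]
    if not defaults:
        findings.append("no default route")
    for r in defaults:
        via = r.get("gateway")
        if via is None or ipaddress.ip_address(via) != gw:
            findings.append(f"default route via {via} on {r.get('dev')}")
    return findings

# Constructed sample data in the shape of `ip -j addr show` / `ip -j route show`.
ISOLATED_ADDR = json.dumps([
    {"ifname": "lo", "addr_info": [{"family": "inet", "local": "127.0.0.1"}]},
    {"ifname": "eth0", "addr_info": [
        {"family": "inet", "local": "192.168.50.11"},
        {"family": "inet6", "local": "fe80::a00:27ff:fe00:1"}]},
])
ISOLATED_ROUTE = json.dumps([
    {"dst": "default", "gateway": "192.168.50.10", "dev": "eth0"},
    {"dst": "192.168.50.0/24", "dev": "eth0"},
])
# Misconfigured variant (constructed): a second NIC bridged to an outside network.
BRIDGED_ADDR = json.dumps(json.loads(ISOLATED_ADDR) + [
    {"ifname": "eth1", "addr_info": [{"family": "inet", "local": "203.0.113.7"}]}])
BRIDGED_ROUTE = json.dumps(json.loads(ISOLATED_ROUTE) + [
    {"dst": "default", "gateway": "203.0.113.1", "dev": "eth1"}])

if __name__ == "__main__":
    for name, a, r in [("isolated", ISOLATED_ADDR, ISOLATED_ROUTE),
                       ("bridged", BRIDGED_ADDR, BRIDGED_ROUTE)]:
        print(name, audit_workstation(a, r, "192.168.50.0/24", "192.168.50.10"))
```

A second virtual NIC attached in bridged or NAT mode is the kind of hypervisor misconfiguration this catches: it gives the workstation a path that bypasses the gateway.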
It is important to note that Whonix components are intended to run as guest systems. There remains a risk of critical 0-day vulnerabilities in virtualization platforms that could potentially provide access to the host system. Therefore, it is not recommended to run Whonix-Workstation and Whonix-Gateway on the same physical computer.
Included Software and Use Cases
Whonix-Workstation comes with the Xfce desktop environment by default and includes applications such as VLC, Tor Browser, Thunderbird with TorBirdy, Pidgin, and more. Whonix-Gateway provides a set of server applications, including Apache httpd, nginx, and IRC servers, which can be used to set up Tor hidden services. Tunneling over Tor is supported for Freenet, I2P, JonDonym, SSH, and VPN connections.
A comparison of Whonix with Tails, Tor Browser, Qubes OS TorVM, and corridor can be found on the project’s website. Users can also use only the Whonix-Gateway to connect their regular systems, including Windows, through it, enabling anonymous internet access for existing workstations.
Main Changes in Whonix 17.2
- Updated builds based on Kicksecure, a hardened distribution that extends Debian with additional security mechanisms and settings (AppArmor isolation, updates via Tor, PAM tally2 module for password protection, increased entropy for RNG, SUID disabled, no open network ports by default, KSPP recommendations, CPU activity leak protection, and more).
- Default connection to the Tor network is now enabled (no need to run the connection wizard on first boot). Users who require a direct connection can use the ACW (Anon Connection Wizard) separately.
- The Whonix-Firewall has migrated from iptables to nftables.
- Improved IPv6 support.
- Continued development of the experimental Whonix-Host live build with an installer, based on Kicksecure, designed to provide a secure host environment for running Whonix-Gateway and Whonix-Workstation virtual machines.
- Updated versions of Tor and Tor Browser.
- Added support for the decentralized P2P network Bisq 2, intended for cryptocurrency exchange and trading.
- Updated templates for Qubes OS.
- Switched from PulseAudio to PipeWire.
- Traffic is now routed through Tor using tinyproxy and the SOCKS protocol.
- When running under the KVM hypervisor, the default RAM for Whonix-Gateway is now 1280 MB and for Whonix-Workstation is 2048 MB, matching previous VirtualBox settings.
For more information and downloads, visit the official Whonix website.