Whonix
 |
|
| Developer | Whonix Developers |
|---|---|
| OS family | Unix-like |
| Working state | Active |
| Source model | Open source |
| Initial release | 29 February 2012 |
| Latest release | 13.0.0.1.4 / December 23, 2016 |
| Marketing target | Personal Computing |
| Platforms | x86 |
| Kernel type | Monolithic (Linux) |
| License | Mainly the GNU GPL and various other free software licenses |
| Official website | www |
Whonix is a Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway", running Debian GNU/Linux. All communications are forced through the Tor network to accomplish this.
Whonix is distributed as two virtual machine images: a "Gateway" and a "Workstation". These images are installed on a user-provided host operating system. Each VM image contains a customized GNU/Linux instance based on Debian. Updates are distributed via Tor using Debian's apt-get package manager.
The supported virtualization engines are VirtualBox, Qubes-OS and Linux KVM.
On startup, each VM runs a check to ensure that the software is up to date, and that the date and time are set correctly.
The Gateway VM is responsible for running Tor, and has two virtual network interfaces. One of these is connected to the outside Internet via NAT on the VM host, and is used to communicate with Tor relays. The other is connected to a virtual LAN that runs entirely inside the host.
The Workstation VM runs user applications. It is connected only to the internal virtual LAN, and can directly communicate only with the Gateway, which forces all traffic coming from the Workstation to pass through the Tor network. The Workstation VM can "see" only IP addresses on the Internal LAN, which are the same in every Whonix installation.
User applications therefore have no knowledge of the user's "real" IP address, nor do they have access to any information about the physical hardware. In order to obtain such information, an application would have to find a way "break out" of VirtualBox, or to subvert the Gateway (perhaps through a bug in Tor or the Gateway's Linux kernel).
...
Wikipedia