The release of the Whonix 16 distribution kit , aimed at providing guaranteed anonymity, security and protection of private information, took place. Whonix boot images are built to run under the control of the KVM hypervisor . Builds for VirtualBox and for use on the Qubes operating system are delayed (while Whonix 16 test builds continue to ship). The developments of the project are distributed under the GPLv3 license.
The distribution is based on Debian GNU / Linux and uses Tor to ensure anonymity. A feature of Whonix is the division of the distribution into two separately installed components – Whonix-Gateway with an implementation of a network gateway for anonymous communications and Whonix-Workstation with a desktop. Both components ship inside a single boot image. Access to the network from the Whonix-Workstation environment is made only through the Whonix-Gateway, which isolates the work environment from direct interaction with the outside world and allows only fictitious network addresses to be used. This approach protects the user from leaking the real IP address in the event of a hacked web browser or even exploiting a vulnerability that gives an attacker root access to the system.
Hacking Whonix-Workstation will only allow an attacker to get bogus network parameters, since the real IP and DNS parameters are hidden outside the network gateway, which routes traffic only through Tor. It should be borne in mind that Whonix components are designed to run in the form of guest systems, i.e. the possibility of exploiting critical 0-day vulnerabilities in virtualization platforms that can provide access to the host system is not excluded. Therefore, it is not recommended to run Whonix-Workstation on the same computer as Whonix-Gateway.
Whonix-Workstation provides a custom Xfce environment by default. The package includes programs such as VLC, Tor Browser (Firefox), Thunderbird + TorBirdy, Pidgin, etc. Whonix-Gateway comes with a set of server applications, including Apache httpd, ngnix, and IRC servers that can be used to run Tor hidden services. Forwarding over Tor tunnels is possible for Freenet, i2p, JonDonym, SSH and VPN. Comparison of Whonix with Tails, Tor Browser, Qubes OS TorVM and corridor can be found on this page . If desired, the user can use only Whonix-Gateway and connect through it their usual systems, including Windows, which makes it possible to provide anonymous logoff for workstations already in use.
Whonix 16 Major changes:
- The distribution package base has been updated from Debian 10 (buster) to Debian 11 (bullseye).
- The repository for installing Tor has been switched from deb.torproject.org to packages.debian.org.
- The binaries-freedom package has been deprecated as electrum is now available from the regular Debian repository.
- The fasttrack repository is enabled by default (fasttrack.debian.net) through which you can install the latest versions of Gitlab, VirtualBox and Matrix.
- File paths have been updated from / usr / lib to / usr / libexec.
- Updated VirtualBox to version 6.1.26 from the Debian repository.