Camouflaged operating system – Whonix
Anonymous Traveler
The Whonix desktop operating system lets you use the web without revealing your identity.
Many Internet users want to protect their privacy on the Internet, without disclosing personal information unnecessarily. The special Linux distribution Whonix [1], which incorporates The Onion Router (Tor) network, lets you do so for free.
If you want to try out Whonix, your best bet is to install it on a virtual machine (VM). Although physical hardware would work just as well – and you don't even need particularly new or powerful hardware – you would need two machines, because Whonix consistently separates the Internet physically from the computer on which you work, either with the use of two VMs or two separate physical systems. It is easy to set up and use Whonix: You only need to import two VMs, and a wizard then connects them to the Tor network.
The Architecture
Two VMs or two computers form the basis of the Whonix Linux distribution. One machine used as the connection gateway to the Tor network [2] is known as the Whonix-Gateway on the Whonix network. The other machine accommodates the applications with which you work. To begin, you set up the gateway, and it then sets up the connection to the Internet instead of connecting directly to the Internet; the wizard can also connect the gateway via a proxy server.
Because the workstation is on a separate network, Whonix keeps it from being contaminated by viruses or other malware and keeps your IP address from becoming public. The Whonix-Workstation can only access the Internet via the Tor router installed on the Whonix-Gateway.
Installation and Setup
Qubes, KVM, and VirtualBox can virtualize the environment; unfortunately, VMware vSphere and Qemu cannot. The easiest way to install the two VMs, both available as OVA files, is in VirtualBox. To do so, you only need to import an appliance (Figure 1) by setting up the gateway in the first step and the workstation in the second step.
After the installing the environment, a setup wizard helps adapt the two machines to your requirements, where you can change such settings as the number of processors for the VM or the size of available memory. When first set up, Whonix launches a setup wizard that creates the connection to the Tor network (Figure 2). Also, you can define here whether Whonix should update automatically in the future.
In the course of the setup, you can also decide which repository to use. If you will be deploying Whonix in a production environment, the best choice is the Whonix Stable Repository. Alternatively, you can choose the Whonix Testers Repository or the Whonix Developers Repository.
After all the options are set up, the connection to the Tor network is opened automatically. If necessary, Whonix also downloads updates in the background. To access the latest versions, it is advisable to update the repositories first. On Whonix, you can do this by typing:
apt-get update apt-get upgrade
The gateway needs to be running for you to use Whonix; you can iconize the window without worry because there's nothing to configure.
Clicking the WhonixCheck icon makes sure everything is working and that the gateway is up to date and connected to the Tor network. If several workstations are connected to the Whonix-Gateway, the traffic can be monitored with the Arm-Tor Controller desktop shortcut. When launched, the tool shows statistics about current uploads and downloads (Figure 3).
Whonix integrates a firewall that can be set up with the Global Firewall Settings desktop shortcut. The settings are password protected – the default password is changeme – and configuration changes are by finalized by clicking on the Reload Firewall desktop shortcut.
With the Whonix Setup
icon, you can launch the wizard for connecting to the Tor network, which is necessary, for example, if you want to use a different Internet gateway for the connection. It is also possible to connect the gateway to a proxy server through the wizard.
Working with Whonix
Once the gateway is running, everything else happens on the Whonix-Workstation, which is also imported into VirtualBox as a VM, just like the gateway. To work without interruption, you will want to assign the workstation more virtual CPUs and more memory. The default username is user and the password, again, is changeme. The Tor browser downloads automatically when you first start the workstation and proceeds to install itself (Figure 4).
After launching the browser, you can see the successful connection to Tor at top right. Also, you can see that the "No Script" extension is installed, which prevents scripts running on Internet pages without permission.
In addition to your own workstation opening connections to the Internet via the Whonix-Gateway, any computer or virtual machine can use this gateway for the same purpose. For this to happen, the gateway has two network adapters. One of the adapters communicates with the public Internet, and the other adapter is for private communication with the connected workstations. Through this network interface, multiple VMs or multiple physical computers can connect to the Internet via the Whonix-Gateway without problem.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.
-
New KDE Slimbook Plasma Available for Preorder
Powered by an AMD Ryzen CPU, the latest KDE Slimbook laptop is powerful enough for local AI tasks.
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.
-
Plasma Desktop Will Soon Ask for Donations
The next iteration of Plasma has reached the soft feature freeze for the 6.2 version and includes a feature that could be divisive.
-
Linux Market Share Hits New High
For the first time, the Linux market share has reached a new high for desktops, and the trend looks like it will continue.
-
LibreOffice 24.8 Delivers New Features
LibreOffice is often considered the de facto standard office suite for the Linux operating system.
-
Deepin 23 Offers Wayland Support and New AI Tool
Deepin has been considered one of the most beautiful desktop operating systems for a long time and the arrival of version 23 has bolstered that reputation.
-
CachyOS Adds Support for System76's COSMIC Desktop
The August 2024 release of CachyOS includes support for the COSMIC desktop as well as some important bits for video.
-
Linux Foundation Adopts OMI to Foster Ethical LLMs
The Open Model Initiative hopes to create community LLMs that rival proprietary models but avoid restrictive licensing that limits usage.
-
Ubuntu 24.10 to Include the Latest Linux Kernel
Ubuntu users have grown accustomed to their favorite distribution shipping with a kernel that's not quite as up-to-date as other distros but that changes with 24.10.