Secure communication on the Internet with Whonix
Workstation
Use the Whonix workstation for anonymous surfing of the Internet. After booting, the system – like the gateway – will start the whonixcheck program to check system parameters. For whonixcheck to complete successfully, the Whonix gateway must be active, because the workstation uses its isolated network to access the Internet. Without a properly working gateway, Whonixcheck exits with an error message.
Like the gateway, the workstation also comes with KDE desktop version 4.14.2 configured for the US keyboard layout. The following steps are already known: Go to System Settings | Input Devices to enable your choice of keyboard layout if needed, then type
sudo apt-get dist-upgrade
to install all the pending updates.
Next, click on the Tor Browser (AnonDist) desktop icon. Whonix opens a dialog for the cryptographically verified installation of the Tor browser: It is missing on the VM because of the fast update cycles. The script always gives you the latest version of the browser; the routine lets you select from multiple versions. The Tor browser is downloaded via the Tor network, which is much slower than using a direct connection (Figure 6).
During the session, you can trace the entire data transfer very conveniently on the Whonix gateway. You can call monitoring by clicking on Arm - Tor Controller. A straightforward ncurses screen displays the transfer rates, as well as various statistical data for the active Internet connection and system resources (Figure 7).
Test
After installing the Tor browser, the Tor Browser (AnonDist) icon is now ready for use on the desktop; otherwise, only two launchers for chat applications can be found on the desktop. Even the submenus lack the usual applications and only show you the software for online applications, such as video and audio players or a PDF viewer.
To verify the security of your Internet access, enter http://www.ip-check.info in the Tor browser address bar. After a detailed examination of the connection parameters, you will see a list of components relevant to safety (Figure 8). To avoid the kind of insecure technologies that websites tend to use, the Tor browser uses the NoScript and HTTPS Everywhere extensions, which stop scripts and unencrypted connections.
Conclusions
You can achieve a high degree of anonymity on the Internet by deploying Whonix on conventional Linux systems. Unlike special external solutions, such as hardened distributions on USB flash drives that only work in read-only mode, Whonix is also suitable for machines running from a hard drive, saving the user the trouble of booting to change to the secure system. Whonix is fully isolated from the host PC so that no data exchange can take place between the Whonix VM and the host – whether wanted or unwanted.
The Whonix developers always keep the Debian derivative up to date. Tough hardware requirements, thanks to VirtualBox, and having to run two VMs are the only shortcomings. For a smooth experience, the computer should have a reasonably recent processor and enough RAM and disk space. If these conditions are fulfilled, Whonix is one of the best ways of establishing an anonymous Internet connection at any time.
Infos
- Whonix for VirtualBox: https://www.whonix.org/wiki/VirtualBox
- VirtualBox download: https://www.virtualbox.org/wiki/Linux_Downloads
- Whonix for KVM: https://www.whonix.org/wiki/KVM#Landing
- Verifying the download: https://www.whonix.org/wiki/VirtualBox/Verify_the_virtual_machine_images_using_the_command_line
- Documentation: https://www.whonix.org/wiki/KVM#Why_Use_KVM_Over_VirtualBox.3F
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.
-
System76 Unveils an Ampere-Powered Thelio Desktop
If you're looking for a new desktop system for developing autonomous driving and software-defined vehicle solutions. System76 has you covered.
-
VirtualBox 7.1.4 Includes Initial Support for Linux kernel 6.12
The latest version of VirtualBox has arrived and it not only adds initial support for kernel 6.12 but another feature that will make using the virtual machine tool much easier.
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.