The latest release of the Whonix 18.1 distribution kit, designed to ensure anonymity, security, and protection of private information, is now available. This distribution is based on Debian GNU/Linux and utilizes Tor to guarantee anonymity. The project’s developments are distributed under the GPLv3 license.
For download, images of virtual machines have been prepared in ova format for VirtualBox (2.6 GB with LXQt and 1.6 GB console) and qcow2 for the KVM hypervisor (3.8 GB with LXQt and 2.2 GB console). The images can be found at this link for VirtualBox and this link for KVM.
Whonix divides its distribution into two components – Whonix-Gateway, which acts as a network gateway for anonymous communications, and Whonix-Workstation, which provides a desktop environment. These components are delivered within a single boot image and run in separate virtual machines. The network access from the Whonix-Workstation environment is only allowed through the Whonix-Gateway, isolating the work environment and allowing the use of fictitious network addresses. This setup ensures the protection of the user’s real IP address in case of a security breach.
In the event of a breach in Whonix-Workstation, the attacker would only obtain fictitious network parameters, as the real IP and DNS details are hidden outside the network gateway in the Whonix-Gateway, which routes traffic exclusively through Tor. However, it’s essential to note that Whonix components are meant to run as guest systems, and the possibility of exploiting virtualization vulnerabilities that could compromise the host system should be considered. Therefore, it’s recommended not to run Whonix-Workstation on the same computer as Whonix-Gateway.
Whonix-Workstation comes with the LXQt user environment by default and includes programs such as VLC and Tor Browser. Whonix-Gateway features server applications like Apache httpd, ngnix, and IRC servers, which can be used to set up Tor hidden services. Users can also forward tunnels over Tor for services like Freenet, i2p, JonDonym, SSH, and VPN. Additionally, users can connect their regular systems, including Windows, through the Whonix-Gateway for anonymous access to their existing workstations.