[tor-talk] Tor as a network filter

WhonixQubes whonixqubes at riseup.net
Sun Feb 8 10:07:08 UTC 2015


On 2015-02-08 9:29 am, spencerone at openmailbox.org wrote:
> Is there any risk to this [Whonix on a VM] like with Tails, or is
> Whonix built to function this way?


Hi!

Whonix is optimized to run as virtual machines.

It does also run on physical machines, but is optimized for VMs.

Whonix is currently based on Debian.


There are two VMs that come with Whonix.

Whonix-Workstation and Whonix-Gateway

The Whonix-Workstation is where your user applications run. You can 
alternatively use other OS desktop environments than the 
Whonix-Workstation. But this one is optimized for ensuring proper Tor 
anonymity.

The Whonix-Gateway is where the Tor service runs and all internet 
traffic from your other desktop VMs gets forced/filtered through the Tor 
connection.

This TwoVM configuration of a separate Gateway and separate Workstation 
makes it so that the Tor connection cannot be bypassed. For example, by 
malware or misconfigured apps that might otherwise leak your IP address 
or MAC address if it could break out of the VM and Tor isolation.


Hope that helps!

WhonixQubes


More information about the tor-talk mailing list