CIO

Whonix: An OS for the era of Anonymous and Wikileaks

Whonix is an operating system that uses a novel virtual machine setup to help preserve a user's anonymity while using the Internet
Image: http://www.flickr.com/photos/thinkanonymous/ (Creative Commons)

Anonymity is an increasingly scarce commodity. Google's latest Transparency Report revealed government requests for data about users of its online services are increasing. It's not hard to find examples of threats to privacy — either intentional or unintentional.

However, for almost as long as there have been concerns about protecting privacy on the Internet, there have been tools available to do the job. In many cases these tools, such as GPG and Tor, are available for free. But it is one thing to have access to these tools, and another to cobble them together into an effective solution that preserves your identity from prying eyes.

Whonix is a project to build an operating system that will offer the maximum privacy and anonymity possible straight out of the box. Its creator, 'Adrelanos', says the aim is to make it as hard as possible for privacy-conscious users to make missteps when it comes to remaining anonymous. "It also provides loads of documentation and possibilities for interested users to make it even more secure," he says.

Adrelanos says the project began because he wanted to run more than just a basic browser over the Tor network. At the time, online guides to remaining anonymous could often be contradictory.

"Running applications directly on a user's operating system was implicitly assumed," Adrelanos says. "Some people would argue for using proxy settings or a socksifier. Others argued that applications might not honour proxy settings or that there could be bugs in the socksifier, or even protocol leaks."

The guides on the topic were often partial and not updated to take new developments into account. "One guide had this precaution and another included different precautions, but none really included all important considerations," Adrelanos says.

The guides were also complicated and made a lot of assumptions or missed out important details. ("They left questions open like: How do I run the Tor Browser bundle behind a transparent Tor proxy while preventing Tor over Tor?" Adrelanos says.)

"Starting fresh with a wiki page on the official Tor homepage looked like a good idea to me, to allow others to check if I badly messed up or to let others improve the guide so everyone profits."

"In the beginning the [Whonix] project wasn't even called project," he says. "It was called a guide named TorBOX and was a simple wiki page in the Torproject.org wiki." The original guide was created in January 2012.

"This guide became more and more sophisticated and because manually following the steps in it took a lot of time, shell scripts to make it easier were created by Anonymous. As building it became more time consuming and more complicated, and as more people became interested, the first binary builds were created by Anonymous."

Whonix itself is a virtualised operating system based on Debian GNU/Linux and uses VirtualBox for the host VMs. It uses a dual VM design: the primary VM (Whonix-Workstation), which runs end-user applications, and a gateway (Whonix-Gateway) through which all network requests from the workstation VM are channelled, and which uses the Tor network.

"The Whonix-Workstation has, on purpose, no ability to find out its own real IP address," Adrelanos says. "This is because it has no direct network connection and can only connect to Tor on the Whonix-Gateway. The main goal is to stay anonymous. To hide the IP [address]."

"Technically 'IP hiding' is impossible," he adds. "It can only be replaced with another IP, and the Tor network was the best tool I found for this purpose. So the question was, how do I hide the IP from applications, if I am unable for technical and/or time reasons to check and/or modify all the applications in a very detailed manner?

"The transparent Tor proxy, where the applications have no way to find out the real IP address and can only find out their Tor exit node IP address, looked like the best approach."

In addition, a whole computing environment dedicated to anonymity is less likely to be confused with a user's standard computing environment, Adrelanos says, preventing inadvertent privacy breaches.

While Whonix utilises Tor, it can offer advantages over a purely Tor-based approach, particularly when it comes to the dangers of applications or browser plug-ins, such as Flash and Java, leaking IP addresses. Because of the sandbox setup, applications running on Whonix-Workstation can at worst only leak the IP addresses of the internal (virtual) network.
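The isolation property described above can be checked from inside a workstation-style VM. The following is an added example, not code from the article or from the Whonix project: a POSIX shell audit that parses `ip -4 -o addr show` and `ip -4 route show` output and reports any non-internal address or any default route that does not point at the gateway. The addresses, interface names and function names are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample output for a workstation VM (addresses are assumed, not Whonix's).
GATEWAY=192.168.0.10
SAMPLE_ADDR='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.0.11/24 brd 192.168.0.255 scope global eth0'
SAMPLE_ROUTE='default via 192.168.0.10 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.11'

# Succeeds if the IPv4 address is loopback or RFC 1918 private space.
is_internal_ipv4() {
  a=${1%%.*}; rest=${1#*.}; b=${rest%%.*}
  case "$a" in
    10|127) return 0 ;;
    172) [ "$b" -ge 16 ] && [ "$b" -le 31 ] ;;
    192) [ "$b" -eq 168 ] ;;
    *) return 1 ;;
  esac
}

# audit_workstation ADDR_TEXT ROUTE_TEXT GATEWAY_IP
# Prints "OK" (status 0) or a space-separated list of findings (status 1).
audit_workstation() {
  addrs=$1 routes=$2 gw=$3 findings=""
  # Every configured address must be internal: an application that leaks
  # its local IP can then only reveal the virtual network, never a public one.
  for ip in $(printf '%s\n' "$addrs" | awk '
      {for (i = 1; i < NF; i++) if ($i == "inet") {split($(i+1), p, "/"); print p[1]}}'); do
    if ! is_internal_ipv4 "$ip"; then
      findings="${findings}public-address:$ip "
    fi
  done
  # Every default route must use the gateway as next hop; a default route
  # with no "via" (direct on a device) is reported as "none".
  for hop in $(printf '%s\n' "$routes" | awk '
      $1 == "default" {h = "none"; for (i = 1; i < NF; i++) if ($i == "via") h = $(i+1); print h}'); do
    if [ "$hop" != "$gw" ]; then
      findings="${findings}bypass-route:$hop "
    fi
  done
  if [ -z "$findings" ]; then echo "OK"; return 0; fi
  echo "${findings% }"; return 1
}

audit_workstation "$SAMPLE_ADDR" "$SAMPLE_ROUTE" "$GATEWAY"
```

A clean result only describes the guest's own configuration; the guarantee itself comes from the workstation having no network path other than the gateway.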

Because it's a project focused on anonymity and privacy, it is hard to get a picture of its user base; however, there have been approximately 14,000 downloads of Whonix-Gateway 0.45 directly from the project's Sourceforge homepage. (This number doesn't reflect those who built the project from source code or downloaded from mirrors.) "This is not a bad number, because the Tor network in total has 500,000 users," Adrelanos says.

As for who is using it, that is, naturally, even harder to know, Adrelanos says: "Use cases have included journalists, admins of hidden services [sites whose address is obfuscated by the Tor network], businesspeople, activists, hackers (however that word is defined and understood), people who want to protect themselves from hackers (or crackers), users who just want to protect their privacy..."

The task list for the project is "endless," Adrelanos says. He plans to improve pretty much every aspect of Whonix, including increasing privacy and making it more resistant to more sophisticated attacks, adding multi-language support (both for the OS itself and the website), improving the documentation, working on an encrypted USB installer, adding an updater for the OS, and working on a graphical gateway.

There's no funding and very few contributors (of the three or so people who started the project, Adrelanos is currently the only active developer), but Adrelanos says progress "will remain steady". (Though he adds "there are no promises about what gets finished and what gets done, and what may never get done...")

He's keen for more contributors to join the project and says it's easy to get involved (Whonix has a page explaining how people can get involved). Even contributing to the technical side is not that difficult, Adrelanos says. "Whonix mainly consists of application configuration files and Linux shell scripts. No real programming (in C or assembler) is involved yet. I believe developing something like Tor, Firefox, drivers, a compiler etc. is much more difficult than developing Whonix."

Project: Whonix
Version: 0.45
Licence: GPLv3
Homepage: http://sourceforge.net/p/whonix