Hello,
Is it safe to use my host web browser, email, etc. at the same time with Whonix? For example, I want to send an email from my regular account, but at the same time I want to use IRC in Whonix. Actually, I was thinking about using various host services like web browser at the same time as Whonix in KVM. My work is such that I need to use both at the same time.
I use a Linux host with Whonix in KVM.
Thanks
There are 2 main risks with making anonymous & non-anonymous connections at the same time.
Read this first: Tips on Remaining Anonymous
Especially this and this.
Correlation risk: This is true even when using separate machines to make anonymous & non-anonymous connections. We are all creatures of habit - every morning you connect to certain services on your host and certain services through Tor. When you go on vacation, you might be conspicuously absent on both. Over time, it becomes easier to make the link. Also, when you do this on a single machine and your connection drops, you’ll be disconnected from everything at the same time.
User Error: Browsers look alike. Very easy to confuse one for the other. Some tips to lessen this risk:
- Use separate monitors or virtual desktops to reduce confusion.
- Use different background images or colors on each.
- Use Qubes and assign different border colors to your windows.
- Disable clipboard sharing to prevent accidental copy/paste.
Dear entr0py
Thank you very much for your reply. It’s very useful and thorough. I’d tried to read as much as possible of the Whonix documentation, but the links you posted were all new to me. I’m really grateful. I understand the risks the wiki articles mention and the fact that we need to be extremely careful when communicating over Tor network. Even using Whonix alone with TBB poses risks if we are not aware what we are doing - using it with non-anonymous host system doubles the threat.
Unfortunately, I have to use both clearnet on my host and TBB, chat, mail and other services on Whonix. That won’t be all the time - in most cases it won’t - but sometimes it will for extended periods of time.
I’m glad that there is no obstacles in technical terms like IP leaks or something that would lead to leaking my Whonix work to my regular work and vice versa. The two connections will be two totally different things/identities, and I won’t be visiting the same websites, email servers, chat rooms etc.
Also, I plan to use different workspaces on desktop.
I have only one question at the end. I really like Whonix and am thinking about using it as my main OS. Do you think using Tor network all the time - so basically switching to Tor for good - could be a good or a bad idea.
Thank you very much for your time and effort.
In most cases there will be no practical way to know and prevent this. Explained under Tips on Remaining Anonymous, google analytics etc.
Thanks Patrick - now it clicked!
I guess I’ll do some research on the Qubes OS with Whonix combination, something that entr0py suggested. That option sounds much more secure to me than using regular Linux distribution + Whonix in VM.
Thanks again
Sadly, I have trouble finding pages I know exist. Friendlier wiki is on the way.
Yes, AFA(we)K - not directly.
Things to think about:
Would it be more suspicious where you live if you only generated encrypted or Tor traffic?
Do you intend to disappear from the “grid” completely? Or will you continue to use the internet for inherently non-anonymous and/or privacy-violating services: social media / google / apple / microsoft accounts, emails to people that link back to you, conventional banking, skype, etc. All of these things can be used over Tor but to avoid the risks discussed earlier you would still want to separate anonymous & non-anonymous activities even when everything is routed over Tor. If you normally log into your bank over https, what advantages do you gain by making the connection over Tor? Are you trying to hide the fact that you use Internet Banking from your ISP / Gov’t?
Will you connect to non-https sites? If you trust your ISP more than an anonymous Tor exit node, it might be safer not to use Tor.
What is your threshhold for frustration? Sometimes Tor relays are fast, sometimes they are slow. Do you want to stream HD videos? Many sites block Tor exit nodes or require captchas. (Try linuxquestions.org - I give you 1 in 5 chance of getting through). If you do a lot of internet shopping, nearly all sites require using a non-proxy IP address.
Besides the speed, nearly all of Tor’s limitations can be dealt with if you have the time & energy to invest in learning how to use tunnels. You’ll also want to practice compartmentalization of identities as well as software/hardware.
Thanks entr0py
I thought that if I switched to Tor traffic completely it would actually be less suspicious. This way, I’d be on Tor all the time and if someone asked why, I could just say that I want to be more secure and anonymous online because of work. Using Tor network from time to time could be more suspicious than being on Tor all the time, at least that’s how I see things. But then, If I only use it from time to time… Tough one really.
No. I don’t plan to disappear. Just to make all my traffic more secure. (Maybe I’m just too paranoid)
Exactly. I just plan to carry on with all my previous activities as before. I wouldn’t change that.
Yes, of course. That’s why I asked if it’s possible to use non-anonymous services together with the anonymous ones at the same time without being compromised. I was thinking about technical aspects of the thing, but now I see that there is much more to it than IP leaks, like social life etc. Some food for thought definitely…
No advantages at all I think, and no, I definitely don’t want to hide the fact that I use internet banking from my ISP / Gov’t. That would be pointless, wouldn’t it? I might even get in trouble if my bank suspects I’m trying to do something wrong.
Yes, many sites I regularly visit are not https.
Yes, I’ve experienced this slowness. Sometimes it can be really frustrating.
Been there too. It was impossible to open Twitter and Facebook accounts because they asked for my phone number (What kind of anonymity would that be if I had given them my phone number) Also, many sites simply refused to let me in - they didn’t even bother with captchas.
No, I won’t give it up. I’ll keep learning and practicing. Actually, I want to learn as much as possible. I do have enough time and hopefully energy to learn about all the things you mention, but I lack knowledge obviously. The wiki (although you might disagree with me a little 
) is great and I learned a lot from it. And I only scratched it!
Again, thank you very much for you time to answer my questions and show me the sides of using the system that I didn’t think of.
EDIT: I just realised that I only mentioned the wiki as being useful for learning. Apologies to all contributors to the Whonix forum. The forum is just as great.