Comprehensive Guide to Installing and Using a Safer Anonymous OS

i wasn’t sure which forum this belonged in.

today, “A Beginner Friendly Comprehensive Guide to Installing and Using a Safer Anonymous Operating System” v. 0.6 has gone online at

i plan on having a user editable version for people to amend at another url in the very near future.

the guide is based heavily around whonix. it deals with the following procedures:

  1. installing a debian host on an encrypted partition/drive.
  2. installing whonix
  3. using tor browser in whonix
  4. using keepassx in whonix
  5. using the irc in whonix
  6. using pidgin with otr in whonix
  7. using icedove with enigmail in whonix.

in order to make it as beginner friendly as possible, there are screen shots at almost every step.

1 Like

I haven’t had the time to look at your work thoroughly but at first glance it seems like a great presentation.

thanks. :slight_smile: i expect to have a wiki editable by the public up over the next week. i’ll post the link here when that is ready to go.

I’ll move this to development just because it’s way too useful to be “off topic” :slight_smile:

Wow. I’ve known for a while that, while we have a wiki page for individual topics, whonix needed a “getting started” to use after download/install. You’ve written most of that and a lot more.

My only suggestion is to divide it into sections for better readability, and so users who are already running whonix on their desktop (or want to run on their desktop but haven’t installed VB) can jump to the middle and start from there.

Hmm. It’s funny. I was just wondering about the possibility of having a disk image that could dd’ed onto a usb stick. A prebuilt image of what you’ve done in the guide: Simply dd this and you have a (minimal?)host+virtualbox+whonix ready to go. I’m not sure what the technical limitations of that are.

thanks, jason. by dividing it into sections, do you mean create new pages for each? i was debating doing that, just due to the page load times. as for your idea with dd, it’s very doable. a different set of instructions would have to be made, however, to go through copying the contents of a dd created image onto a luks encrypted disk. could knock a few steps out.

additionally, i have an open wiki installed over at http://yuxv6qujajqvmypv.onion/ as of today.

no registration needed to do any edits. i currently have image uploads disabled since i have yet to come across a good extension or hack that would prevent users from overwriting old images. i’m using the “approved revs” extension as a mild prevention against vandalism.

A table of contents with anchor links to jump to sections would help with navigation. (Let’s say I have whonix installed the “normal” way, but want to use your advice on setting it up). It’s not a big deal though.

I’ve opened up a new thread about the USB image idea:

i see. that is actually there. the clickable contents appeared after the introduction. i used the wiki tag to move the table of contents to the beginning of the page. so, it should be easier to find now. thanks for the feedback.

new chapter added to guide on using immutable drives with whonix to mitigate against malware,

Immutable drives doesn’t prevent malware in the sense, it just rollabacks to the original state of the disk image when the guest is powered off. meanwhile all changes when a guest is active are stored in a temporary diff snapshot file on you drive.

correct. it doesn’t prevent it. it mitigates the effects of malware after malware compromise to prevent it from being a persistent install that survives reboot.

Ok, THIS thread was enough for me to finally register and chime in (and I may as well, Whonix is important to me, it looks like it’s going to be my primary OS for a long time to come so I’m sure I’ll participate in these forums elsewhere!):

THANK YOU tempest for an amazing guide. I am going to follow it and install it on a 4GB USB 2.0 drive and see what happens, and how well it runs. Not right away, it’s a bit of daunting task, but I’m definitely going to get round to it in the coming days / week or two so that I have something amazing for travelling and doing Whonix on other people’s computers.

It’s really wonderful and mature and smart and wise of the security geek community to realise that USER-FRIENDLY is a step towards security for all. What’s the point in security and privacy if no one can even use the tools (and adopt them, and make them a larger anonymity set in which to hide, not to mention look less suspicious)?

thanks, peregrin.

i’ve added a beta version of a new guide that addresses whonix 10. in addition to that, i added steps for manual downloading, verifying and installing the debian installer iso for windows, os x and ubuntu. i removed the section which used unetbootin for downloading and creating a debian install disk, since there was no encryption used in that process and, thus, it was ripe for potential mitm attacks. my main concern is chapter 1b, which deals with os x. i don’t have access to os x driven machines often. the steps worked for me, but i wanted to see if anyone else ran into issues with it before going live. if anyone wants to give it a test drive and provide feedback, it’s up at http://yuxv6qujajqvmypv.onion/betadownload.html

a new web driven format for the guide will go online with the final version. the wiki was abandoned due to nobody really taking advantage of it and it creating a heavy load on server resources when activity was high. it will be straight html and separated into navigable chapters.

how’s the beta getting along, tempest? it might be worth updating http://yuxv6qujajqvmypv.onion/ as “please wait a week or two” is a bit out of date :slight_smile:

any thoughts on a similar doc for whonix+qubes on live usb?

Hey tempest.
i just tried out your new guide. im having ALOT of trouble with steps 24 onwards. my computer dosnt want to load that public key. i have typed it in 100 times. and it just keeps saying it fails. what can i do to fix this problem?
would help me out a heap.
must apprciated :slight_smile:

hey tempest.
sorry for some more bad news but ive been trying step 10+ on MAC Debian CD signing key dosnt seem to work aswell.
sorry to be the bearer of bad news.

perardua, good point. added a new update notice.

mikeMN443, can you please post the exact command you are using where you run into the errors?

New link is apparently:

Under what license is this? @tempest

100% public domain.

also, there is an onion link. http://yuxv6qujajqvmypv.onion

additional note, guide is a bit outdated at the moment due to debian migration to thunderbird and pointing to 8.7 netinst iso. the apparmor profile for thunderbird is an issue. update will be coming shortly. dirty fix at the moment is to disable or delete the apparmor profile.

1 Like

I see that the guide isn’t available right now. Is there another recommended guide on this topic or a way to access the most recent guide for Whonix 13?