Design Proposal for Live Mode

I’ve been looking over your project Whonix and trying to understand its inner workings. The idea of using VMs to prevent leakage is great but doesn’t quite work out with a live USB system. For this I have an alternative design proposal that is compatible with Whonix’s security protocols.

Starting off, we get a simple minimal Linux system on a USB consuming very minimal resources. Then we get either Xen or KVM running on it (still being as minimal as possible, possibly without a DE). Now we get Whonix-Workstation on this minimal system and, instead of running Whonix-Gateway with it, we proxy the VM by running Tor on the minimal system instead.

By doing this we preserve Whonix’s anonymity (the VM doesn’t access the real IP) while minimizing resource usage to make it work with a live USB.

TL;DR

Minimal USB System running tor with xen/kvm → Whonix-Workstation’s VM with tor proxied from the minimal system

This will probably make it work with as low as 4 GB RAM and would probably be very beneficial (making the system better than tailsOS).

I’ve been thinking more about this…
The current proposal is to install a system and run Whonix as normal. I would like to throw in another idea as well.
Tails + Whonix
You run Tails on the USB and Whonix-Workstation in it (using Tor from Tails rather than from Whonix-Gateway). Though this will still consume a significant amount of resources, I believe it is still better than the current proposal.

Tails + Whonix

GitHub - aforensics/HiddenVM: HiddenVM — Use any desktop OS without leaving a trace. (project merging these two together, allowing you to use VirtualBox on Tails - and by extension, Whonix)

I can’t find this right now, but Tails had a draft to do exactly what your first idea was: a VM to do all the application work, and the host Tails would do all the networking. (It was scrapped because it was just too much work and projects like Whonix exist.)

Closest you can get to this idea right now is using HiddenVM + Whonix + Tails

I’m aware of the HiddenVM design but I believe we should provide an official ISO for Whonix live just like Tails. No matter the configuration, I believe having an official package is the way to actually get people to use it. Right now, people are skeptical of Whonix because they can’t run VMs or run a spyware OS like Windows or Mac, so a live USB system would be an incredible offering for these normies.

For reference:

The design:

Also lots of discussion in forums, issue tracker.

The design is complete enough to be actionable. What’s required and most welcome is implementation, patches welcome.


Meanwhile:

Amazing. Whonix Host Operating System ISO was exactly what I was looking for. Will follow up on the development. There’s just this one thing that is not clear in my mind. Why do you need to run Whonix-Gateway? Can’t you just proxy the workstation from a Tor proxy running on the host to save resources? Wouldn’t it have the same effects on the workstation?

Certainly possible. We used to call that OneVM (ignore page title UniStation). Historical reasons against it:

  • Much more difficult to develop, deploy and test for the many different host operating systems.
  • Difficult to develop a download version. Could be only an installer, which had to comply with the differences in different host operating systems.
  • Guest VM can see MAC address of host?

Nowadays disadvantages:

  • Harder to implement from where development is now. “Just” adding a host ISO instead of a full re-design from dual VM design to a OneVM design.
  • Higher maintenance effort to keep current dual VM installation method.
  • Similar to Arguments for keeping VirtualBox Support.

Most important next steps I’d like help with:

  • build script generating ISO
  • legacy BIOS boot support
  • EFI boot support
  • SecureBoot compatibility (for compatibility/usability, not for security)

related: