I’ve been looking over your project Whonix - understanding its inner workings. The idea of using VMs to prevent leakage is great but doesn’t quite work out with a live USB system. For this I have an alternative design proposal that is compatible with Whonix’s security protocols.
Starting off, we get a simple minimal Linux system on a USB consuming very minimal resources. Then we get either Xen or KVM running on it (still being as minimal as possible, possibly without a DE). Now we get Whonix-Workstation on this minimal system and instead of running Whonix-Gateway with it, we proxy the VM by running Tor on the minimal system instead.
By doing this we preserve Whonix’s anonymity (the VM doesn’t access the real IP) while minimizing resource usage to make it work with a live USB.
Minimal USB system running Tor with Xen/KVM → Whonix-Workstation’s VM with Tor proxied from the minimal system
This will probably make it work with as low as 4 GB of RAM and would probably be very beneficial (making the system better than Tails OS).
I’ve been thinking more about this…
The current proposal is to install a system and run Whonix as normal. I would like to throw in another idea as well.
Tails + Whonix
You run Tails on the USB and Whonix-Workstation in it (using Tor from Tails rather than from Whonix-Gateway). Though this will still consume a significant amount of resources, I believe it is still better than the current proposal.