How safe is it to use unsafe programs inside whonix?


Ok, so I’m new to whonix. So, here’s what I understand, and please correct me if I’m wrong. Whonix makes it almost impossible for any program to connect to the internet not through tor, or to know my real IP. Moreoever, whonix is configured with various security measures and recommends using a specific set of programs which have been checked (and perhaps configured) to be safe.

However, my question is, how dangerous is to use any unsafe program inside whonix, like e.g. any file sharing program, instant messenger, email client, web browser or whatever. Let’s take the worst scenario - the program I run is a spyware that will just try to give all the info it can get about my machine. Why should I be too troubled by it? It can’t know my real IP or anything outside the VM, it can’t connect to the internet not through tor. So, in the worst case scenario, someone will know everything about my whonix VM, but he just won’t know my real IP (and therefore who I am). So, unless there’s anything about the content itself inside the VM that I wish to hide, and unless there’s any stream isolation I’m interested in to people can’t connect my identities/activities, there shouldn’t be a real problem with it. Am I right?

If so, I’d even take it a step further: what if I run any VM (non-whonix, say even Windows) and use whonix-gateway as my gateway. Wouldn’t the same apply here? Wouldn’t it be safe? I can’t see why not…


It’s a good question.

We have this page https://www.whonix.org/wiki/Install_Software but I guess it could be improved.

Basically, there are security risks and privacy risks.

Security: if the application is malicious or unsafe and getting compromised, a skilled attacker could compromise your whole system and deanonymize you.



Thanks for the answer, and sorry for my late reply.

I’ve gone through the info and links you referred me to. Then indeed all contain valuable info. Bottom line - it seems to only strengthen my estimation that, given the limitations I stated, it would be indeed safe to use unsafe programs inside whonix, or even, for that matter, to use Windows with whonix-gateway as its internet gateway. The risks that remain are then, essentially, having all 3 tor nodes being compromised, or having some serious bugs in whonix and/or by virtualization software and/or my host/os that will let the virtual workstation (that connects through whonix-gateway) machine somehow leak my real IP or real DNS. However, I got the impression that such risks are very unlikely, and please correct me if I’m wrong.