Just insalled Whonix, have a few questions please

1)What operating system should I run Whonix on? I know Qubes is the obvious choice, but my computer is not fast enough for that, it does not even meet minimum requirements. Does any Linux O/S work or is there some more secure than others? By secure, I am just looking to stay anonymous.

2)I noticed that a lot of people set up their own Whonix builds. I do not know much about Linux or computers at all. Do I have to set up my own build or can I just install the default gateway/workstation and not mess with it in order to stay anonymous? I just know that Linux is unforgiving and anything you type into the console will do exactly what you tell it. So if you mess up, you can punch holes in your own setup and I am not looking to do trial and error.

3)Is it true that most USA ISP’s flag you if you use TOR? Reason I ask is because I read that Whonix Torrifies everything. So does that mean that if I go on the internet with Whonix, my account automatically gets flagged?

Thank you.


Welcome to Whonix.

1) This link will answer your first question.

Short answer: Install Debian. Take some time to harden the host OS if you can.

The only thing I don’t like about Debian is installed services are turned on by default. That is not the case in most other Linux distros.

https://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html Why are all services activated upon installation?

That’s just an approach to the problem of being, on one side, security conscious and on the other side user friendly. Unlike OpenBSD, which disables all services unless activated by the administrator, Debian GNU/Linux will activate all installed services unless deactivated (see Disabling daemon services, Section 3.5.1 for more information). After all you installed the service, didn’t you?

There has been much discussion on Debian mailing lists (both at debian-devel and at debian-security) regarding which is the better approach for a standard installation. However, as of this writing (March 2002), there still isn’t a consensus.

PS Don’t install that malicious malware posing as an OS - otherwise known as Windows.

2) After setting up Debian on your host, use the link below and just follow the directions to get up and running.

Most people just download and verify the Whonix Workstation and Gateway images and import them straight into VirtualBox (usually), or KVM (less often). Easy, quick, and the default set-up will work straight out of the gate.

Make sure you follow the post-install documentation and check out the Whonix security guides for better security.

Staying anonymous is not a just a software or hardware solution. It relies on hardening your system and following guides in documentation to not shoot yourself in the foot. E.g. search for the “Do Not” Whonix guide for example.

3) I think it’s fair to say that every country has turned into (or is turning into) a police state. So, pretty well all Tor use makes you interesting, no matter the location.

Automated systems are already in place with intelligence mobs to flag all encrypted communications e.g. Tor, encrypted emails and so on to set it aside for future cryptanalysis. That is no conspiracy theory, but conspiracy fact.

Basically the shadow state’s motto is Nancy Reaganesque:

“Just say no to crypto!”

If Tor use is dangerous or deemed suspicious, use a bridge - but that is also an imperfect solution. You could try other solutions like User → VPN → Tor (see the guides), but that can harm your anonymity and security (it’s unclear).

As an aside…

Now let me put on my tin foil hat for a second. This view is not endorsed by Whonix yada yada.

The difference re: Tor use is some states will lock you up just for using it, while other states probably just routinely hack your ass surreptitiously or run network analysis with end-to-end traffic & timing confirming statistically that it’s you over at mylittlepony.com, even with HTTPS.

7.5 billion people and only a little over 2 million using Tor daily. Not good numbers.

If I was Dr Evil working for the totalitarian state in my windowless underground chamber, I would simply flag all Tor use at the network level and hack each endpoint with my cant-be-stopped toolset paid for by your tax dollars. You know, the one doing the rounds right now, after they got their own asses hacked.

I’m sure that mass targeted attacks on the entire Tor user population will be confirmed in the coming years. Probably with improvements in automated attacks.

What can I say, I’m an optimist. :wink:

If your activities are critical and risk being locked up for whatever reason, then being a stationary target isn’t advisable. That kind of situation would require TAILS. Then, it’s incumbent on the state to prove that you were whistleblower X on random computer Y at time Z. Much harder.

Right, you get already flagged noways if you go to opposition view websites or this page or a lot others. Asking about getting flagged gets you flagged. So don’t worry about being flagged and make sure everyone is getting flagged so the flag is getting useless.

1 Like