Hello everyone, this is my first post here so please help me if you can:) So I’m planning to set Qubes and Whonix up but I’m not sure about a couple of things. I read online that it’s more secure to use separate physical computers for the virtual machines. Is this true and if so, can I do so?
While it is possible to use physical isolation with Qubes-Whonix its not necessary. It would be more of a benefit if you were using Non-Qubes-Whonix.
See this paper by Qubes founder Joanna Rutkowska.
If your interested in learning more about physical isolation with Whonix:
You should take a look at the Qubes website. It should answer some questions i’m sure you have.
Thank you for your reply, can I ask please since I’m still learning, what would be more secure against attacks such as “phoning home” viruses? A single physical computer with Qubes/Whonix, two physical computers with Qubes/Whonix or two physical computers without Qubes/Whonix? Thank you again.
If the Whonix-Workstation was compromised an adversary would have access to all your data However, all network traffic would still be forced over Tor by Whonix-Gateway including any efforts by a “phone home virus”.
There would be some advantage in physical isolation but only if you’re an advanced user that can troubleshoot any problems that might come up.
Keep in mind you should not decide on which Whonix Variant to use based on one specific attack vector. Qubes-Whonix provides the best combination of security And usability. But if you are interested in physical isolation Qubes-Whonix style it would be a good idea to first use Qubes-Whonix without physical isolation for a while first.
There is a saying. “You have to learn the trade before you learnt the tricks of the trade” applies here.
Could you check your email please?