Since my original release of Qubes + Whonix back in late August 2014, some interesting developments have happened that I’m excited to share with everyone!
Qubes + Whonix Primary Sources:
The primary sources of Qubes + Whonix information are located at:
- User Documentation: whonix.org/wiki/Qubes
- Dedicated Forum: whonix.org/forum/Qubes
Qubes + Whonix Summary:
First a summary of what Qubes + Whonix is about…
The Whonix OS (whonix.org), based on Debian, like Tails or TorVM, torifies all of your internet traffic at an OS level, preventing remote leaks of unique identifiers, such as your IP address, MAC address, hardware serials, etc, designed with hardcore anonymous threat models in mind.
The Qubes OS (qubes-os.org) is a security focused, user friendly virtualization platform, based on Xen, which offers hardcore isolation of your system level resources and VM desktops, even helping to prevent serious endpoint attacks, such as kernel compromises, BadUSB, Evil Maid, etc.
Qubes + Whonix is the beautiful marriage of these two hardcore security and anonymity focused platforms, for the aim of integrating the best in endpoint security and internet torification. Qubes + Whonix runs as dual VMs, inside of Qubes, isolating the Whonix-Workstation (user desktop applications) and the Whonix-Gateway (Tor networking proxy), all within one single host machine.
Inside Host: Whonix-Workstation –> Whonix-Gateway –> Torified Internet
You can even establish multiple Whonix-Workstations and Whonix-Gateways for multiple independent and isolated Tor identity environments.
Qubes + Whonix News:
Now on to the news…
Whonix 9 Availability:
Whonix 9 was recently released which brought several system level improvements over the prior Whonix 8.2, and helped us further streamline our Qubes + Whonix implementation.
Qubes + Whonix 9 is now supported and available with step-by-step install guides here:
New Whonix Source Code Install Guide:
In addition to our step-by-step install guide for importing the Whonix binary images, we now offer a new step-by-step guide for installing from Whonix source code.
This is a great option for those who would prefer not to trust binary VM images or who would like to customize their build of Whonix.
New Whonix Qubes Forum:
At the personal request of Patrick Schleizer (Whonix founder), I have become the official maintainer of Qubes + Whonix for the Whonix community.
Along with this, we have recently launched a new dedicated forum space for Qubes + Whonix community, support, and development. It is being hosted as part of the Whonix forums at:
Over the past few weeks, several people from around the world have begun learning about, installing onto their computers, and getting excited about the advantages of the newly combined Qubes + Whonix platform.
Feel free to come join us and help improve the Qubes + Whonix platform!
New ProxyVM + AppVM Development:
My initial port of Whonix to Qubes was only achieved mere weeks ago in late August 2014. The initial focus then was just on getting it up and running. It was a barebones implementation which included a number of compromises. The primary compromise being that I utilized a dual Standalone HVM (HardwareVM) architecture in Qubes for the Whonix-Gateway and Whonix-Workstation.
I’m happy to annouce that we have an awesome contributor/developer, nicknamed “nrgaway”, who got inspired after seeing my initial Qubes + Whonix release and is now actively working to take the architecture of Qubes + Whonix to the next level.
The optimal Qubes architecture for Whonix is not to use dual HVMs, but, rather to utilize the native Qubes ProxyVM + AppVM configuration.
Our new hero, nrgaway, is actively working on implementing Qubes + Whonix as a native ProxyVM + AppVM configuration. The Whonix-Workstation will be the desktop AppVM that connects through the Whonix-Gateway as a torifying ProxyVM inside of the ultra secure Qubes virtualization platform.
The big benefits of this new ProxyVM + AppVM architecture will likely be:
- - Easy and fast GUI-based setup of new Whonix VMs from pre-configured templates
- - Native integration with Qubes user friendly desktop features, like:
- - Native Qubes application isolated desktop windows
- - Application shortcut menus in launcher
- - Dynamically resizable application windows
- - Secure VM-to-VM file move/copy user interface
- - Easy GUI-based start/stop of Whonix VMs
We are supporting and cheering nrgaway on in his continued awesome work to develop this next paradigm shift for Qubes + Whonix that all of us will greatly benefit from!
You can follow along and join us in furthering this exciting development work in the Whonix Qubes forum here…
ProxyVM + AppVM Development thread:
Genuine Interest in Offical Qubes OS Integration:
Joanna Rutkowska (Qubes founder) has much appreciated our Qubes + Whonix work.
As recently annouced with their Qubes R2 final release, the Qubes team is now officially working with an esteemed board member of the Tor Project, privacy expert, Mr. Caspar Bowden, to further the adoption and optimization of Qubes as a strong platform for privacy services and applications.
And, along these same lines, Joanna has expressed interest to me for wanting to integrate Whonix and TorVM as super simple clickable user experiences, pre-installed and pre-configured, into the official Qubes OS distro, for easy OS level torification.
Our above mentioned ProxyVM + AppVM development work with nrgaway will likely be a big leap forward in further realizing this vision of Joanna’s for official integration of Whonix into the official Qubes user friendly GUI installer.
So there you have it…
- Qubes + Whonix 9 is now available.
- A new step-by-step source code install guide, along with binay images.
- A new dedicated community forum for the Qubes + Whonix platform.
- A new paradigm of ProxyVM + AppVM architecture is being developed.
- Hardcore Whonix torification may be coming to a Qubes installer near you.
Very exciting times for Qubes + Whonix as a super secure Tor platform! Join us!