Running Android Apps inside Whonix-Workstation - Proof of concept


It may be the easiest way to get a functional asynchronous IM app that has E2E encryption.

gpg --recv-key 37D2C98789D8311948394E3E41E7044E1DBA2E89

scurl-download FDroid.apk https://f-droid.org/FDroid.apk
scurl-download FDroid.apk.asc https://f-droid.org/FDroid.apk.asc
gpg -v FDroid.apk.asc

sudo apt-get install anbox adb

adb install FDroid.apk

An Adnroid x86 image turns out to be needed at a certain location
scurl-download android_amd64.img https://build.anbox.io/android-images/2018/07/19/android_amd64.img

scurl-download android.img.sha256sum https://build.anbox.io/android-images/2018/07/19/android_amd64.img.sha256sum

Not signed but hashed. Server uses Let’s Encrypt which is better than nothing.

sha256sum android_amd64.img
cat android_amd64.img.sha256sum

sudo mv /home/user/android_amd64.img /var/lib/anbox/android.img

sudo modprobe ashmem_linux
sudo modprobe binder_linux
sudo service anbox-container-manager start

anbox launch --package=org.anbox.appmgr --component=org.anbox.appmgr.AppViewActivity

Process stumbles at adb apk install step. Anbox doesn’t appear under the adb devices list. Launching it manually, a window opens and then it crashes.

Other problems:
FDroid apk signing key still uses SHA1 despite a SHATTERED 2 attack published recently. Someone needs to let them know. They already had a forum topic about it two years ago but it never went anywhere.

Some related bug reports.




1 Like

A post was split to a new topic: Why Should Whonix should support or be interested in Android ?

I used chromium in Whonix workstation when I needed to run a certain app. Can be installed with apt. Worked well. Sure, not ideal, but I didn’t see any better option to use that app, and that was neccessary.

How does chromium help to run android apps?

Not a general solution for android apps. Specifically for those that have a chrome app version.


1 Like


I’m not a technical user so there is not much I can do to contribute to topics such as this. However, if there is anything I can do to help, please let me know.


I tried using anbox in combination with Debian, but I downloaded it via snap. I’m not sure how recent the anbox package in the Debian repositories actually is, but I had the same quoted error multiple times.

If you search for the quoted part, a lot of topics will come up, but I can’t remember how I solved it myself back then.

I think if you start anbox in a certain way or a certain component of it directly from the command line, it should be more verbose and tell you what exactly makes it crash or return something that will lead you to a fix after searching for the reported error.

May I ask a question?

I estimated the RAM usage of a minimalist graphical base Linux OS to maybe be around 200-300 MB, the Whonix-Gateway could be run with 256 MB in CLI mode and the Whonix-Workstation itself with a minimum of 768 MB in graphical mode.

Since I’m not familiar with virtualization and Whonix in detail, what would be your estimated absolute minimum RAM requirement for a working base Linux installation in combination with Whonix-Gateway and Whonix-Workstation with an anbox installation?

I’m guessing a gig of RAM is enough. Anbox doesn’t do emulation so it’s not resource intensive.


Funny thing, I tried installing anbox in Whonix-Workstation (both with snap and apt) lately and it always failed, though I don’t remember exactly why.
The only time it worked was with snap on Xubuntu 18.04 (torified by the Gateway).