I’m neither new to Tor nor Linux, but never have I experimented with Whonix, so very recently I downloaded & installed it and I like it so far, however I have a couple of general questions about Whonix use before I get too comfortable in any habits.
Is it safe to use JavaScript, Flash, etc in Whonix? From what I have learned of it so far, it would seem safe, but I just needed to make sure.
When I run the TBB in Whonix, is that Tor over Tor?
Am I correct in saying it is virtually impossible to reveal the true location of a Whonix user?
(Un)safe is a relative term. Those aren’t causing IP revelation risks right after installation, but pose risks for browser fingerprinting and increase attack surface. The Browser Plugins - Whonix page elaborates about this.
No Tor over Tor by default in recent Whonix versions.
[Unless you undo Whonix’s environment, that is…]
[Technically, rinetd listens on 127.0.0.19150 and 9151 (TBB’s default ports) and forwards them to Whonix-Gateway 192.168.0.10 9150 (where a Tor SocksPort is listening) and 9151 (where Control Port Filter Proxy is listening). Tor does not get started by torbrowser-launcher because the TOR_SKIP_LAUNCH environment variable has been set set to 1 in /etc/profile.d/. See also Dev/Dummy_Tor.]
[quote=“Patrick, post:2, topic:234”]1. (Un)safe is a relative term. Those aren’t causing IP revelation risks right after installation, but pose risks for browser fingerprinting and increase attack surface. The Browser Plugins - Whonix page elaborates about this.
No Tor over Tor by default in recent Whonix versions.
[Unless you undo Whonix’s environment, that is…]
[Technically, rinetd listens on 127.0.0.19150 and 9151 (TBB’s default ports) and forwards them to Whonix-Gateway 192.168.0.10 9150 (where a Tor SocksPort is listening) and 9151 (where Control Port Filter Proxy is listening). Tor does not get started by torbrowser-launcher because the TOR_SKIP_LAUNCH environment variable has been set set to 1 in /etc/profile.d/. See also Dev/Dummy_Tor.]