I’m new to whonix and I read that I shouldn’t use tor over tor as it can cause undefined/unstudied behavior such as odd cases like hitting the same tor node in different circuits. Is using the tor browser on whonix using tor over tor?
If I curl a site from the command line I get a different tor IP than my tor browser, so I’m under the impression they are using different exit nodes. But I’m not sure how this is handled by whonix. I already searched the forums and wiki and came up empty handed. Any insights would be wonderful.
@Ego:
Thanks I was able to find this bit I must have skimmed over.
[quote=wiki]The regular Tor Browser Bundle and Tor Browser in Whonix slightly
differ. The environment Tor Browser is running in has been adjusted by
Whonix to work behind the Whonix-Gateway. The network and browser fingerprint however, is the same.
[/quote]
Based on this, I gathered that the tor browser has been modified such that it is NOT running tor over tor.
Thank you, this was very enlightening into how whonix attempts to prevent identity correlation! It looks like I will have to setup a few programs (whois, etc) manually to avoid correlations to me.
Minor detail: Tor Browser has not been modified at all. Instead, Whonix intercepts Tor Browser’s traffic and routes it appropriately over Tor (once). You can download stock Tor Browser from torproject.org and use it with Whonix unmodified.