upcoming usability improvements that will hurt, TLS downloads, abolishing torrent downloads

Originally published at: News - Whonix Forum
Whonix website, especially downloading and getting started is so super secure that mortal users give up on it. Even friends of mine, who graduated from university and working as engineers are incapable of getting Whonix installed.

My mission to make everyone happy with implementing geeky feature requests like “optional torrent downloads” has failed. Stuff like this really gets small groups of geeks happy, but overall it over complicates the download process.

Whonix downloads were hosted on http mirrors that were are run by volunteers. This came with various issues. All Whonix downloads are now downloadable directly from whonix.org. The download tables have been updated accordingly. So Whonix apt repository might be downloaded over TLS by default in next Whonix version 13.

During the transition, torrent download files were not migrated. There will be no Whonix torrent downloads in foreseeable future. It all adds up to the release maintenance effort that is primarily done by me. I have concluded that the ratio on the negative side with people confused by the big download table and the metal and time effort to have working torrents files is bigger than the positive side of having “optional torrent downloads” implemented.

For the foreseeable future, until funding and man power is not drastically increased, no “geeky” feature requests will be implemented. Also contributions for “geeky” features that add up to my maintenance effort will be rejected. Please briefly explain how your feature would benefit the larger community rather than exotic use cases. The way to contribute should be to relive work load from me rather than adding stuff that adds up work on my plate.

See the following video, which strengthen what I slowly learned during the last months. I recommend watching it. Worth the hour.

Aral Balkan: Superheroes & Villains in Design

Greatly simplified the VirtualBox wiki page.

Further simplifications suggestions welcomed.

It can be further simplified on the Windows platform, once the Windows installer and gui is ready.

Good day,

just watched the video, very interesting in deed. The question is though, wether applying his ideas to Whonix is possible without sacrificing to much. A lot of the features which make Whonix what it is sadly are bound to have a certain complexity in them. So the question is, wether we can hide that, without sacrificing to much. For example, switching between the GW and WS is both time consuming and needlessly complex for most users. However, both of them beeing independent is one of the key advantage of Whonix compared to other solutions. My personal solution would be something along the lines of giving people remote access to the GW’s settings via the WS without the need of continuously “tabbing” arround. This would in turn also benefit performance, as the GW could then run in “non GUI mode” for everyone, as having a GUI wouldn’t be necessary anymore. Then again, the question is, how to implement this and wether it could lead to security risks.

Furthermore, going with his “metaphor” of “ticket machines”, the thing is that the second ticket machine brings more issues to the table then security, simply by not allowing anyone who doesn’t own a creditcard with a magnetic stripe to use it, which in my book would be quite a design flaw and actually a point for the first, seemingly more complex implementation. In our case, this would be comparing the “standard issue” TBB installed under Windows, something anyone can use, to Whonix. Whonix may seem more complex, but that may actually be for a reason.

In conclusion, with things like the simple GUI (which, while at the moment “not fancy” is in my books the best tradeoff of usability and not limiting advanced users) and the, hopefully soon finished installer, Whonix will already be easier for beginners. Improving and simplyfing the download process will help even more, however I feel like design problems need to be attaked at their deep roots. Maybe designing a custom desktop for beginners which makes entry easier might be a way to go, while including an “Advanced” button which shows more skilled users the “standard KDE UI”.

Have a nice day,


1 Like

Seems like we posted almost at the same time.

Right. Some complexity is indeed difficult to hide. But have a look into Qubes. Whonix-Gateway (sys-whonix) is there more like an “app”. Apart from the connection wizard, you don’t see it apart from in the start menu and in Qubes VM Manager (QVMM). It’s because in Qubes, all VMs are using “seamless window”.

("Seamless window as the VirtualBox feature. [Which VMware calls “unity”.])

Qubes already simplifies upgrading several TemplateBased VMs since you only have to upgrade the TemplateVM. [Ok, well, introducing TemplateVMs introduces new kind of complexity.]

One day, centralized upgrades will come so one can upgrade all templates at once.

Still. Right. We may not be able to hide some complexity short term. But in the example of the torrent, I think the decision was right. The added complexity and favor for geeks really was not worth a much simpler download link that others can use.

Since the super-secure-but-not-able-to-use state of the download page lead to users using TBB rather than Whonix, it’s a situation where using the razor blade is useful.

cool , its a relief for the table complexity. but i wonder if that will satisfy users of torrents.

( u r not using whonix while surfing the net because vimeo videos doesnt work inside whonix. got u :yum:)


i wonder if that will satisfy users of torrents.

It will not.

When you come to whonix site you just get scared with all those line links at the front page, so many unnecessary informations, complete chaos and not knowing what to click and WHERE are install instructions… and after you start clicking then you discover ‘expand’ universe of hidden instructions. This is not a site for average people not even for advanced users. I have been trying to get into whonix several times and I quit right after downloading. Why? This is a chaotic site. Make regular web site, make simple front page, give people download AND INSTRUCTIONS on front page. When you have big ‘download’ button many think that download will start immediately so nobody dare to click there but later when they click on ‘download’ they discover that they will be tortured through several pages with that special “expand” hell. Do I want to click on ‘expand’ or will I leave that info to someone else. Yes there are also download links below ‘download’ button on the front page but that’s the chaos I am talking about.

There is some truth to this. Just took a look at front page again after a year. It’s quite intimidating and geeky. Modern websites have 2 buttons on the front page: “What is Whonix?” and “Get Whonix”. with a huge background of smiling, lovely people…

It’s called UX (user-experience) by some or “dumbing-down” by others. I prefer having all the info right in front of me instead of having the same info spread out over 20 pages, but I can understand many users wanting a more aesthetic? appearance. I see Tails OS has a wizard that walks downloaders through a multi-step question process… This hides a lot of unnecessary info. Unfortunately, I’m not a web designer… @tbb how about you? What Whonix needs is more contributors…

We have an existing thread for the home page redesign.

Your problems are your problems. Not the community’s. Don’t make them ours. Please keep the two separate, and distinguish the two. Get out of the kitchen, if you have to.

That may seem harsh, but this is the community, not Patrick’s personal space.

The problem is, and I agree that walking the discrepancy is not black and white, is that as the maintainer responsible to the community, what moves you forward moves the community forward. And vice versa.

So I take your point.

“Please briefly explain how your feature would benefit the larger community” makes sense. “The way to contribute should be to relive work load from me rather than adding stuff that adds up work on my plate.” not so much. Advancing the community is what matters, not the other way around. And by definition, enhancing or advancing functionality only comes with additional work.

You are a nice guy. That is VERY evident. As a result, you probably don’t make clear often enough that “there are only so many hours in a day”, and as a result, “you must prioritize your time.” You should probably say that more often.

To your point, also … let’s remember that by definition this beastie is ‘geeky’ (which is a very unfortunate term, these days). Especially in today’s context of PDA’s, tablets, and Macs. By definition, one wants virtualbox, while the very concept of a virtual machine is ‘geeky’. Which is to say ‘complex’, or ‘complicated’ - equivalent terms, yet terms that don’t seem to carry the same disparaging connotation with them.

– the world is a complicated place, and complex functionality is, well, complex. If you don’t put (time) into it, you won’t get out of it.

– if the functionality matters to you, you will put the time into it that it requires. And it is for such that whonix really matters. Don’t lose sight of that. It is not ‘for everybody’, nor should it attempt to be. (Arguably, it shouldn’t be necessary - but necessity has deemed that it is. But that’s another story for another time.)

– so for your engineering friends, I would guess that they had ‘better’ / other ‘more important’ things to do with their time, than try to figure out whonix. If ‘other’ things are really that much more important to them than whonix, are they the community that whonix is trying to serve?

So make sure to only accept to be addressed any -additional- 'geeky’ness that whonix brings, not all such necessary to merely get to the point of being able to specifically install whonix itself.

Correspondingly, when the world makes OS and virtualbox installation ‘easier’, whonix will also benefit. Let the rest of the world worry about its own ‘easiness’, and whonix its own.

Also, recognize, by definition, whonix will always be geeky, for lack of manpower. The whonixcheck and timesync boxes that come up at boot are inherently geeky. It is the nature of the beastie.If the manpower were present, they would be spiffier, but it’s not, and they’re not. 's OK.

So let’s not beat up on whonix (too much) for being geeky - by definition it is inherently so, and is the nature of the beast. It is what it is. What reality forces it to be. Never mind that whonix is a necessity born of invention. (And don’t decry that it hasn’t had decades of manpower applied to it that many other things have, to make it absolutely touchless and ‘pretty’. It will get there, at exactly the rate of the growth of the community that needs it, and are willing to apply resources to it.)

So don’t sweat, too much, being geeky. It can’t be anything but. To what extent may be addressable, as you point out with torrent downloads. Do what can be (whonix specifically and uniquely) done, but let’s not lose sight that it will always be geeky.

WOW. I’d like a shot of whatever you’re drinking… Can’t tell if you’re just trolling - that’s a really long post.

I’m no fan of authority or cults of personality, but the numbers speak for themselves:

Let’s take a look at this community.

Now maybe you’ll reconsider:

Actually, his problems are our problems, if we want Whonix development to continue. (unless you can take over Patrick’s responsibilities @rAntOCauDgb)

True! - a brief moment of sobriety.

It’s also true that complex things can be made simpler and/or more approachable instead of becoming more complex.

Some people are just romantics - they believe freedom should be ‘for everybody’.

Definitely not a troll, and not trolling.

And, apologies, I can see how the – points would be misconstrued.

They were addressed (as though) to, the user or potential user of whonix, such as the example engineers of the OP. Most definitely they were not intended to be a commentary on ANY poster here or whonix community participant. I deeply apologize for any offense and not being more clear about that.

Which I specifically note, with “The problem is, and I agree that walking the discrepancy is not black and white, is that as the maintainer responsible to the community, what moves you forward moves the community forward. And vice versa.”, and, “So I take your point.”

Which does not undermine my first point that there is no 1:1 correlation between individual and community problems. They are different beasties. And the latter does not directly follow the former.

Agree, but this is also chicken and egg. e.g. The OP well notes improved maintenance simplicity (== less work), AND improved user experience, simply by eliminated torrent downloads. Note that even the act of making things simpler is, in itself, work. However, inherently, additional functionality means additional work. And, theoretically, an expanded community. But the community can’t grow to serve a larger audience if non-core work isn’t executed … so this is chicen and egg.

Not what I meant. By that argument, and I agree with it … whonix shouldn’t be necessary - freedom should already be inherent for everybody. But it isn’t, proprietary and commercial interests are inherently at play, and those interests are directly opposed to the public’s. Such privacy, security, confidentiality, freedom from bullying or abuse, seem to go by the wayside, sadly, with proprietary and commercial participation.

What I meant was …

Some people will be entirely served by ‘normal’ software such as arrives on their pre-installed laptop.

Others will be entirely served by such with their installation of the tor browser bundle.

Others will need whonix.

Inherently as you go up (down?) that chain, the community being served gets smaller and smaller, yet requires more and more work. With fewer users, and fewer resources, things get rougher around the edges and less refined. (Any stick will do for a campfire, some work is needed to build a log cabin and fewer than everybody has the skills, more work for a kitchen table, and even more work for a fine dining table. The skills and effort required increases with each refinement, while the candidate consuming population gets smaller and smaller, as does the workforce capable of production. So prices go up. Yet this is FOSS. And, so, chicken and egg.)

So, I agree, freedom should be for everybody. And I wish it were already absolutely so for everyone all the time. But it isn’t. Whonix shouldn’t be necessary. Yet it is.

But that doesn’t mean that everyone ‘needs’ encryption, or whonix, all the time. Some will be entirely served by TBB. Therefore, the community being server by whonix is inherently smaller than ‘everyone’, and by definition, whonix is going to be ‘rough’ around the edges, inherently so. It is what is is, and has to be. Let’s not beat ourselves up for the unavoidable geekiness that it is, while, as you say, doing what we reasonably can, to reduce what can be, reasonably.

And not beat ourselves up for the geekiness inherent to getting to the point of being ready to download / install whonix. That is the problem of others, not whonix.

Good day,

No, wrong. YOU get out of the “kitchen”. Whonix is GPL, so if you want a new feature, fork it, but don’t act like Patrick (the lead developer) has any obligation to add whatever feature you want. If you can do it, do it and stop being rude, if you can’t politely ask for the feature to be added and wait. Don’t tell the lead developer that his way of development is not something the community has to tolerate if you can’t do it better and actually just create more work for everyone.

This is still Patrick’s project. You want to see it done better, do it, Whonix is free for a reason.

Do you even read what you type and understand what Patrick wrote? How can you advance the community if adding a feature one specific small group wants takes massive amounts of time and resources while keeping developments most will benefit from down? The answer is not. At all.

Or, you know, people could reflect on their behavior by themselves like proper adults and responsible humans…

Yes. So were PCs. So were phones. So was the internet. Today everyone uses them. Why? Maybe because some smart people noticed that adding features most people won’t/can’t use shouldn’t be the main priority but rather accessibility?

Or, I don’t know, we could use the very effective and functioning base we have and simplify it, to reach and thus help more and more people.

Right. So were smartphones, tablets, TVs, radios.

Yes. Our community consist of more then just “geeks”. Journalists, activists, whistleblowers, those guys need security and they need it NOW. Without any complex preptime or having to learn a massive manual. And they don’t just need it for fun. They sometimes need it to escape censorship and human rights violations.

That already happened. We call it Qubes. Ever heard of it? It is great, just not enough.

Really? They seem quite straight forward to me and anyone I showed them.

Going after that logic, I could just say there is not enough manpower to try to understand and fulfill every weirdly written “geeky wish”, something you defended over focusing on simplification not a few lines ago.

Of course not. @entr0py never really claimed that. Like I’ve written before, it’s of course not really a community problem as the community (which does include you) may fork Whonix at any point in time. If you don’t, then it’s something you’ll have to swallow.

Oh yes, taking down two URLs was a massive amount of work…

No. Where do you get that from? Why should a blogger in an oppressive country have extensive needs other than the maximum security, something Whonix offers over the TBB? The answer is, he doesn’t.

ARE YOU EVEN READING WHAT YOU WRITE! It’s just as much, maybe even less the problem of Whonix, a GPL piece of software, you may fork at any point in time, if you feel that a feature you want isn’t added because the project leader wants to focus on a group of people other than you. Threads and feature requests like “whonix, torrents, and being a good tor citizen” serve almost no one other than the one who created the thread, and just eat up massive amounts of the limited time and resources available. How many “community members” in the past four months in which this thread exists were geeky enough to even be remotely interested in what was written there? I’d say few. Yet it still costs hours of work, which could’ve been spent otherwise, to even read through the thing. This creates problems and I’m very certain you know that.


Because your two posts here are reading not so much like a professional troll post, nor like the product of someone who is genuinely trying to argument properly for another point of view, but rather like the posts of a man/woman who doesn’t want to accept that he/she is a part of the problem, even though he/she quite obviously is.

Have a nice day,



Let’s take a look at this community.

That link is not so representative. I am mainly managing that
repository. But there are other repositories and other tasks. Better
lists of contributors would be the following.

1 Like

From whonixcheck Whonix 14 ideas - #5 by anon36816226

It’s not so much about what the current userbase is but what the idealized goal for the userbase is. And that is towards less technical, more users. I am convinced this makes Whonix more sustainable long term.

I need to disagree,
The current Userbase is not here by accident , and its not a surprise that there are not that many non technical users .
I could go on a rant about why the non-technical Users aren’t going to do any good but i wont , as It’s your Project and I respect anyway you take with it. As long as we dont scratch the I2P idea I’m ok with it :wink:

Still up to date. If you have a chance, please watch this video: Aral Balkan: Superheroes & Villains in Design on Vimeo