When I turn off the Whonix-Workstation™ Firewall, am I still safe?

When I turn off the Whonix-Workstation™ Firewall, am I still anonymous?
I followed the Anbox installation guide on the Whonix website and under “Anbox Configuration” it says that I must “Disabling Whonix-Workstation™ Firewall” because “Otherwise there would be no network access”.
Doesn’t that mean that applications inside Anbox will be able to bypass the Tor network connection and see my real IP?
Or am I just misunderstanding how the firewall works?

In Whonix design: Even if both firewalls in Whonix-Workstation and on Whonix-Gateway are disabled/failing to load, Whonix is still leak-proof. Still no clearnet leaks possible. Whonix-Workstation still won’t be able to connect to clearnet. Whonix-Workstation still won’t be able to bypass the Tor network. Applications inside Whonix-Workstation still have no way to determine the real external IP address. References:


For reference, the wiki page which this is about:

1 Like

If it was possible to connect to clearnet from Whonix-Workstation, then we would ought to add an ominous warning. But this isn’t the case. And from a reputation protection viewpoint, it would be a bad idea to host such documentation anyhow.

Documentation updated just now to clarify this question.

2 Likes