Whonix-Host, comes with the hypervisor KVM and both Whonix VMs, Whonix-Gateway and Whonix-Workstation pre-installed by default.
Whonix ISO Live is a Live ISO which comes with a calamares based installer. The user can use Whonix-Gateway and Whonix-Workstation in Live Mode from ISO.
The user has also the option to install Whonix-Host on an internal hard drive or external drive such as a USB drive.
Once installed, what we call Whonix-Host Installed, the user can again choose to boot into persistent mode or into live mode in grub boot menu thanks to grub-live.
That really needs to be emphasized. I can’t install Qubes on half the machines I have tried to on.
Plus the Fedora thing is weird. In addition to mixing and matching with Debian, Qubes’ January 2020 release comes with a May 2019 version of Fedora (Fedora 30) that will hit end of life in just over a month.
Also I find KVM/Apparmor easier to understand than Xen/Selinux which is important so system maintenance mistakes are not made.
So again I think this is a good idea.
No clearnet traffic by default.
I think you should have a boot option or something that by default that allows this. Because I think few people will install an OS where clearnet is not possible in some straight forward way when needed.
The good news is I tried the iso and everything seems to be working as expected. I could not install on my machine wanting EFI, but that is a known issue. Everything I tried outside of known issues seemed to work.
Is there a way a Raspberry Pi image could be built? If there is documentation how to attempt to build such a thing I am happy to be a beta tester.
Raspberry Pi’s seem optimal for something like this. You pop in one micro SD card when you want a machine with end-to-end Whonix protection and pop in a different when you want to go back to a clearnet OS. The Pis are also cheap and easy to replace if for any reason you think someone tampered with your hardware.
Does it have to be Whonix-Host or just Whonix-Gateway?
Whonix-Host RPi theory:
There was never an implementation of Whonix-Workstation RPi.
Only Whonix-Gateway RPi.
Whonix-Workstation RPi: there are no Tor Browser builds for arm64 / RPi.
At the moment the build script does not support that. So for now, no.
Maybe in future hardware producers or any contributors get interested to invest in / work on that. Maybe a fully functional and well working Whonix-Host Intel / amd64 would help with that too.
I highly doubt a Raspberry would be a suitable platform right now for a system that needs at least 4GB RAM (recommended would be 8GB) and a powerful enough processor to run the two Whonix VMs?..
