[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Whonix in Virtualbox - connect android phone?


#1

Hi,
I am using Whonix in Virtualbox in ubuntu.

Did someone managed to connect android phone? I want to connect to tor network
with android phone, over wifi or usb cable. I tried to install hostapd but it was
not installed sucessfuly in virtual machine.

Should I enable another network adapter in Virtualbox settings, which type?


#2

Good day,

please don’t change anything about the network settings in VBox.

Furthermore, to use the internet connection of your phone with Whonix, you just connect it with your host, via WiFi. It gets threated like any other connection.

Have a nice day,

Ego


#3

Ego:

Furthermore, to use the internet connection of your phone with Whonix, you just connect it with your host, via WiFi. It gets threated like any other connection.

I don’t understand. One can torify its android smartphone through a
Whonix-Gateway running in VirtualBox?

As far I understand that was the question.

If that is so, I am not understanding the exact steps of “just connect
it with your host, via WiFi”.


#4

^Just to confirm, yes that is my question.

I tried to connect it via wifi, following this guide:


but no luck. I used this guide in my linux pc and it is ok, but in whonix-virtualbox is not working.
So, I am looking for some solution to connect android either via wifi or usb.


#5

Good day,

I see, my reading of the question was that the connection of the phone was supposed to be used to connect with the Gateway to allow it to connect to Tor.

So, you want to connect your phone with your PC and use Whonix to hand over a torrified connection to the phone? As far as I can tell, that doesn’t work. Physical isolation of this kind has never been tested and should actually fail thanks to the fact that Android uses proprietary solutions when using the connection of a PC, which seem to be hardly compatible with the current solutions used for “handing” over the torrified connection between systems laid out here: https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation#Introduction.

Another problem here would be that, at time of writing, physical isolation via Whonix is mainly using ethernet, while other connection types are untested.

Have a nice day,

Ego


#6

One thing that could work, but that would be difficult… A physically isolated Whonix-Gateway. That provides WiFi as eth1. Not sure anyone has created that yet, but seems entirely doable with linux sysadmin skills. We usually recommend against this for security purposes, because a compromised (android or otherwise) device may also jump onto another (open) WiFi network and connect in the clear. Or accidentally connects there. Also DHCP is an issue, as documented here:
https://www.whonix.org/wiki/Other_Operating_Systems#Whonix-Android-Workstation


#7

OK, I look through that pages.

I would use this connection only in my place and here there are no open (without password) spots.

What about connecting thorough USB, anyone tried that?
I am looking to find some apps for reverse tethering to test it. Dont know if it will work in virtual machine.


#8

Good day,

Like said before, physical isolation at this point has only been tested using ethernet.

“Reverse tethering” would simply be “creating a hotspot” using your installation of Linux, as explained here: http://www.howtogeek.com/116409/how-to-turn-your-ubuntu-laptop-into-a-wireless-access-point/. This however, will hardly work with Whonix, as, like mentioned before, there currently is no known way of using a connection provided by Whonix any other way than via Ethernet. This sadly includes USB based approaches as well.

Have a nice day,

Ego


#9

As a variation on what Patrick suggested, you could connect phone to your linux box via usb, then connect the linux box to a physical whonix-gw. (unsupported - very much DIY).

Your hardware (phone) will already be exposed to the internet. What would a VM do for you? extra firewall / proxy?


#10

In what way would my phone already be exposed to the internet? I will turn off wirelless and data transfer, gps.

I managed to connect my android phone through VM when it is not torified. I used usb tether.
After I torified it wont connect.

This is usb connection and tether app

Can someone help, what IP adresses should I put in tether app?


#11

One of the reasons for using Whonix-Workstation in a VM and not on bare-metal is to provide an abstraction layer between your apps and your hardware. Compare that to routing your (compromised) phone through a VM (not to mention IMEI + who knows what unique identifiers).

How? What VM? How test connection?

How torrify? What errors?


#12

I will not use all apps on android, only some apps for messaging, and I need them behind tor.
I think that web apps on android cant see IMEI, I will have to check that. Phone app can, but that is not internet and I will not use phone app while connected to tor, only internet.

I used virtualbox and checked IP, android phone was connected inside VB, as I said when I turned connection to whoinix GW, it wont connect, it doesnt report errors except reverse tethering app said -cant connect.
In whonix WS tor is working, but not in connected android phone. I need help with this IPs to try manual connection if someone can help? what IP to put in “desired IP” and “gateway IP”. I tried to copy IPs from left side but no luck. Like I said I dont have much knowledge, trying to learn and fix this problem so if someone can help me out with connection and to solve it.


#13
  1. I’m assuming non-Whonix VM (ie Debian)? Were you able to access the internet on your phone using your VM’s network connection? Don’t involve Whonix until you can do this. You need to find other support sources for this step (ie not Whonix-related).

  2. Once #1 is done, Whonix-Gateway can transparently torrify all traffic. Just connect your non-Whonix VM to Gateway using these steps: https://www.whonix.org/wiki/Other_Operating_Systems

BTW, these are general instructions because I have no idea what you’ve done or what you’ve tried. (no idea what those screenshots are either). Kinda looks like you’re tethering phone to VM and not reverse-tethering (based on subnets).


#14

It is reverse tethering, like I said I connected android and access web, I checked my isp IP is in my android phone.

Maybe someone else can help?


#15

Screenshot on the left is from my virtualbox linuxmint WS connected to whonix GW,
right is from android app - not from my own phone, didnt have time to install Screenshot app.

When I connected to non-tor VM, I used automatic settings. But automatic settings dont work with tor VM.