Whonix VirtualBox - Point Release

This is a point release.

(Same as Whonix VirtualBox - Release Candidate - Testers Wanted!)


Alternatively, in-place release upgrade is possible.

Notable Changes:

Full difference of all changes:


This release would not have been possible without the numerous supporters of Whonix!

Please Donate!


Two things I noticed:

  1. Tor browser does not show the “NoScript” button anymore. We can’t enable specific scripts on a site while on the “Safest” mode as was possible in the past (very useful feature I’d say).

  2. Clicking on the File Manager icon and trying to access an encrypted usb prompts a window for the password (so far so good) but when password is entered, nothing happens. No errors and the USB doesn’t get decrypted or mounted. I successfully accessed it through the terminal (using cryptsetup and mount). This feature was working on Whonix 14 if cryptsetup is installed by user. I’d guess it has something to do with permissions of File Manager.

Not Whonix decision as per: Frequently Asked Questions - Whonix ™ FAQ

I’m running the same version of Tor Browser in Whonix 15 and 14 (8.5.5). In Whonix 14 it’s visible, in Whonix 15 it isn’t. Not something to do with


No. add Tor Browser first startup popup to ask whether security slider should be set to safest explains very verbose what it does. When user clicks “no” it does exactly nothing. This can be verified by running the torbrowser script in verbose mode. bash -x torbrowser as it shows any command that is run.

Frequently Asked Questions - Whonix ™ FAQ references a ton of tickets. NoScript menu was really removed by Tor Browser developers.

I see, I overlooked it. That’s a pity. Reducing security level isn’t parellel to enabling scripts, especially when you want to allow some that are absolutely neccessary for a site to function and block some third party scripts that aren’t. If it’s considered safe to drag the button back using the “Customize” option I guess it’s not a big issue then.

I hope this is in the right place; in the Workstation iptables ruleset, filter table, output chain, there appears to be a duplicate rule

-A OUTPUT -p udp -d --dport 53 -j ACCEPT
it appears twice; since iptables parses in order, is it supposed to be there?
best viewed with command: sudo iptables -v -n -L
just wanted to let you guys know

That shouldn’t have adverse effects (overlooking negligible performance reduction) and is there for simplicity of the firewall script.

1 Like

Excellent, thanks for the clarification;
As an aside I think the rules used in both the Gateway and Workstation are really superb. I use many of them on my host machine