Why cant whonix connect to some onions when tails can?

I have run into this problem many times: I cant connect to an onion address i bookmarked earlier. I then login to tails and can connect to the same exact address. I reset the gateway and workstation, i reset the swdate clock, i confirm that other onions work just fine in whonix, but some onions wont work, and simultaneously i can access those onions in tails. What is wrong with whonix that it fails at connecting?

Onion v2 support is being deprecated and what you’re seeing may depend on the different Tor versions each project has installed. Otherwise it’s a problem of visiting an unstable site.

1 Like

It’s highly unlikely that Whonix would introduce a website specific reachability issue. There wasn’t ever any similar bug.

A clock too much wrong (slower or faster than 30 minutes) on Whonix-Gateway could be an issue but otherwise no.

Whonix source code sanely doesn’t reference any Tor onion services by name for its Tor / firewall implementation. Doesn’t have any lists of onions. That wouldn’t make sense. Whonix doesn’t “know” which onions are accessed. There is no way to by mistake block some onions and others not.

Whonix uses vanguards.

You could try to reproduce this on the host operating system. System Tor + vanguards.

Unless there is a good example of lets say

  • the Tor Project onion always accessible and Facebook onion never accessible inside Whonix
  • the Tor Project onion always accessible and Facebook onion always accessible on host Tor Browser or Tails

reported by multiple users, I don’t think I will be able to investigate this.

Try this:
Tor - Whonix

Thats unfortunate because it is a real problem that i have to fight with every single day. I am trying to access an onion right now on whonix and it will just load and load and load, but if i go into tails it will load right away. I dont see how setting up Tor on my host is going to prove anything, this is a problem with whonix sending malformed packets or something when it comes to accessing onions.

Show me source code doing that or package analyzer capturing that. Otherwise highly unlikely.

Likely reproduces same issue without Whonix being involved.

Note: Tor on host from deb.torproject.org to have similar version.

Tails at time of writing doesn’t use Tor entry guards (Tor Entry Guards - Whonix) (which is a default Tor feature) / vanguards.