Why is the the gateway image almost as big as the workstation-image?

Why is the Whonix-Gateway (1.2GB) almost as big as Whonix-Workstation (1.3 GB)? The gateway is just a gateway, but the workstation-image is a whole desktop setup.

Edit by Patrick:

In past, Gateway image was smaller because it was terminal only. But for some time now Gateway also includes a desktop to make configuration and other stuff easier. You could reduce the ram to use the Gateway terminal only though.

Don’t that make the gateway vulnerable to attacks, because you have a much larger codebase?

Apart from trusting more Debian developers [how many?] (which we must do for workstation anyway)… No.

You can have a billion lines of code on your hd. Nevertheless, a feature rich scientific calculator with a billion lines of code won’t result in a remotely exploitable vulnerability, because the calculator has no attack surface from the network. The calculator may have local vulnerabilities, such as when you copy specially crafted lines into it, an exploit may be triggered. But that’s not what users are doing on the gateway. I haven’t heard a server was easier exploitable because it was running a GUI - it depends on the attack surface.

Thanks for the answer! I haven’t (yet) installed Whonix so my next question(s) maybe seem a bit odd, but what GUI configurations for Tor (I suspect that there are more apps, but can’t come up with someone to suggest) are so superior that install a whole desktop environment seems worthwhile? You end-users commonly go into the gateway disk and make configurations?


It’s a work in progress.

See also:

Features to come:

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]