Whoinix is an Operating System designed especially for Security, with your privacy and anonymity being a core focus of its development.
To do this it communicate all your traffic across the Tor network. This makes it a much safer alternative than other systems as it is far less likely to suffer from DNS leakage (which can result in the user’s real IP being tracked).
It is also designed to be run from a virtual environment which allows you to run it while still being able to access and use your main computer, removing the hassle associated with live USB focused systems such as Tails.
Whonix comes in two parts. The first part is what the user actually interacts with, such as to browse the web. It is completely isolated and cannot connect to networks outside of Tor. This is called the Workstation.
The second part is The Gateway, this only runs Tor, and is used to connect the Workstation to the wider network by routing the traffic across Tor. Without the gateway the workstation will be unable to connect (which will be demonstrated later).
Convinced? Time to install.
Head over to the Whonix Download Page.
Simply select your operating system and proceed as prompted. I’d recommend you use Linux, especially if you want to take your security seriously, for that reason this tutorial will assume you’re using Linux from here on. However you may still find this tutorial of some use even on other systems.
Firstly, click the links to install the .ova files for Whonix. You need to install BOTH the Gateway and the Workstation.
Whonix is designed to be best run within a virtual machine. To do this we need to install virtual box which will allow us to run the operating system within a virtual environment while still using our main OS.
You can simply enter into the terminal:
sudo apt-get install virtualbox-ext-pack
(This is the extension pack which contains extra useful stuff like encryption, alternatively you can just download the basic ‘virtualbox’)
You’ll then need to select okay to the installer and agree to the terms
Once you’ve installed it, go ahead and run it. Simples.
Now this is where the .ova files we installed earlier come in, select File>Import Appliance and click ‘Open appliance’ to select your OVA file.
You should then see something like this:
Repeat this step for both the gateway and the workstation. Then turn on both the virtual machines by double-clicking on each of them.
The machine will then begin the usual Linux boot sequence.
And take you through several setup screens, make sure to select to click “Yes I want to enable Tor” when prompted.
Once both systems are installed you’ll find yourself with two similiar-looking systems. The Workstation is what you’ll use for your browsing, while the gateway is used to connect you by routing that traffic over Tor.
Now that we’re all installed it’s time to check the system, this may run automatically but if not, simply click the ‘Whonix Check’ icon on the desktop. You want to see all green lights here but as I’ve only just installed the system you can see I have a red warning telling me to update the system.
Simply open the ‘konsole’ and type:
sudo apt-get update && sudo apt-get upgrade
Entering the password ‘changeme’ when prompted along with press ‘y’ to confirm the installation.
Before closing the terminal it would be a good idea to change your password from the default. This is no major security improvement but I’d recommend doing so regardless. Simply enter:
And enter your new password as prompted
Once, again. You’ll need to repeat this step for both the gateway and the workstation.
You should now have a fully working system, to ensure you’re connection is working. Launch the Tor browser from the desktop and navigate to https://check.torproject.org/
Remember when I said it wouldn’t be able to connect without the gateway? make sure you have both machines turned on while doing this, if the gateway is switched off, the workstation will be disconnected.
Anyway, If everything is working correctly- you should now be greeted with the below screen.
Congratulations! You’re now free to browse anonymously and start accessing .onions with Whonix.