Anonymity with Whonix
Recently I came across a YouTube video that was talking about ways to be anonymous on the Internet. It had some good points and had a something I had never heard of before. It is called Whonix. Whonix is normally built on Debian Linux and uses the Tor network. Unlike the Tor browser, this has two virtual machines that connect to Tor with one and then you do all the surfing from the other. The setup is easy and I will go through this as through as possible. Below is how Whonix is describe on their website.
Whonix ™ is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacy. Based on Tor, Debian GNU/Linux and the principle of security by isolation, Whonix ™ realistically addresses common attack vectors while maintaining usability. Online anonymity and censorship circumvention is attainable via fail-safe, automatic and desktop-wide use of the Tor network, meaning all connections are forced through Tor or blocked. The Tor network helps to protect from traffic analysis by bouncing communications around a distributed network of relays run by global volunteers…
You can install Whonix on several platforms and operating systems. I am not going into each one but the link below will take you to their Wiki page that has more info.
One thing you will have to think of is the amount of processing power and memory this setup will take. The virtuals both are setup for 4 virtual processors with 768 megs for the Gateway and 4 gigs for the Workstation. So you will have to put this on a machine that can handle this along with the overhead it takes to run the host operating system. I will list the specs of the machine I used below:
- Model: Acer E5 laptop
- Processor: Intel i7 6700-HQ 2.6GHz
- Graphics Card: NVIDIA 940M
- Memory: 12G DDR3
- Hard Drive: 480G SSD
- Software: Windows 10, Virtualbox 6.0.14
There are several ways that you can set this up for use. I chose to use the virtual appliances that you can download. The download took a while but once that was complete, the OVA file was ready for install. I first tried it in VMWare Workstation 15 but it kept erroring when I tried to import. I did some research and found that Workstation was listed as experimental so I installed Virtual box, which is recommended. I simply double clicked on the virtual appliance file and it began to import into Virtual box. It installed the Whonix Gateway and workstation instance that you will use to surf. Once that is complete, you need to power in the VMs to change the passwords, update the system, and learn how to use it. The default username is user and the password is changeme. The easiest way in my opinion is to use the bash cli to accomplish this. Open a terminal and use the following commands to accomplish the tasks.
- As user type passwd
- This will prompt you to change the password
- Change root password
- Type sudo su –
- It will prompt for the user password to access root
- Then type passwd to change the root password.
- Update the OS
- Exit back to user and type sudo apt-get update
- Once that is finished type sudo apt-get upgrade –y
- Check Whonix version
- Type cat /etc/whonix_version
- At this time the version is 15. Anything older and you will need to updated.
- The previous OS update should have taken care of this. You may have to check your Whonix repo.
- Type cat /etc/whonix_version
I try to keep this as simple as possible. So don’t get offended and I know there other ways to do this as well. This is just how I put it. If you want more in depth info you can go to the CLI page at the Whonix website by clicking. Here You will have to do this on both virtuals to make sure they are current.
Now you can begin to check out the function. To make this work correctly you start the gateway and then start the workstation. Below is a pic from Whonix how it is supposed to pass traffic.
There are a few things to look at. These tools are in the system tab of the start menu. The swdate-gui will give you a little globe in the task bar that will let you know you are connected to the Tor network.
This will start up automatically but you may want to restart it if it is not connected or if you need to get a new connection address from Tor. Other tools are there like WhonixCheck and Whonix Repo. Below is a pic of the tools that are in the system tab of the start menu.
You can now open up the web browser and check to see what your IP is. Outside of connecting to the Tor network there is the things you have to do to stay anonymous. Things like not signing into accounts, and other things that can point back to you. One of the things I had never thought of is maximizing my browser. This then can be used to track you by you resolution/screen size. It is crazy what is used to track you across the Internet. I know that this type of thing can be used to do questionable thing but I hope that isn’t the case. I can see where this may need to be used to get around censorship or other imposed limitations. I did this because I love tech and this seemed like a really cool way to use the Tor network.
Finally, you can go to the Whonix web site and read what they say about learning the system, and being a first time user. This link will take you to the first time user page. HERE I hope this helped or at least sparked an interest in this project. Go and visit their website and look if this is something you can use. If you have any question please let me know.