In a revealing interview with SafetyDetectives, Patrick Schleizer, the founder and lead developer at Whonix, shares the origins and evolution of his project. What began in 2012 as simple documentation on the Tor Project wiki, aimed at improving Tor’s use as a Transparent Proxy, grew into a robust Linux distribution project dedicated to online anonymity. Today, Whonix assists whistleblowers, activists, and privacy-concerned users by providing secure and anonymous online communications. Schleizer delves into Whonix’s defense mechanisms against threats like browser fingerprinting, malware, and cybersecurity attacks, while highlighting its user-customizable features and addressing challenges in its mainstream adoption.
Can you tell me about your journey and your current role at Whonix?
Whonix didn’t originate as a software project; it initially began as a step-by-step documentation process on the Tor Project wiki site in 2012. At that time, the goal was to simplify instructions on how to use Tor as a Transparent Proxy—essentially, to securely and reliably anonymize all internet connections instead of just with Tor Browser. I published my work publicly in the spirit of Open Source / Freedom Software, a concept which I’ve always been passionate about, so others could contribute to it for purposes of security review and improvements. Fortunately, this did happen. This work eventually evolved into a script, which then transformed into a downloadable application, and ultimately matured into a complete Linux distribution project.
Currently, at Whonix, we’re continually working on enhancing the security and privacy features of the system and collaborating with researchers and other contributors. We’re focusing on staying ahead of the latest advancements in security and privacy, working with the community, and iterating on our design and development process to ensure that Whonix remains a reliable option for users seeking anonymity online.
Can you briefly describe what Whonix is and its primary use-cases?
Whonix is used by individuals who wish to browse the internet anonymously. It helps in protecting the user’s privacy and hiding their IP address by routing internet traffic through the Tor network.
It is mainly for people who require secure, anonymous communications, such as whistleblowers and activists, who use Whonix to communicate without risking exposure or interception. It allows secure and anonymous usage of email, instant messaging, and other forms of online communication.
Individuals requiring high levels of privacy for online transactions, such as cryptocurrency users, might use Whonix to enhance the anonymity and security of their transactions.
What precautions does Whonix take against browser fingerprinting?
Whonix takes precautions to mitigate the risks associated with browser fingerprinting primarily through its use of the Tor Browser, which is bundled with Whonix and is specially designed to reduce the risks of fingerprinting and other forms of tracking.
Whonix VMs provide a unified and uniform computing environment shared by thousands of users so even in the event of Tor Browser being exploited, no unique identifying info about the program set or data on this system could be used to expose a user.
Whonix features “sdwdate” (secure distributed web date) to anonymize system time. Sdwdate fetches the time from a diverse set of onion webservers and calculates a time consensus, helping to mitigate the risks associated with a unique or identifiable system time, a potential vector for deanonymization attacks. This assists in providing an additional layer of anonymity by reducing the chance that a user’s actual time could be used as part of a deanonymization attack.
The feature, known as kloak (keystroke and mouse anonymization tool), is designed to obfuscate the timing between key presses and key releases, making it difficult to profile users based on their typing and clicking patterns.
How is Whonix hardened against malware and other cybersecurity threats?
Whonix implements several strategies and features to harden the system against malware and other cybersecurity threats. Here are some of the ways in which Whonix enhances security:
- Kernel hardening measures are implemented to reduce the risk of kernel-level exploits.
- Whonix utilizes AppArmor to enforce security profiles for applications, limiting the capabilities of applications and reducing the risk of exploitation.
- Whonix includes security-hardened applications, like the Tor Browser, to protect against various web-based threats.
- Whonix is based on Debian, which regularly receives security updates. Users are encouraged to keep their system up-to-date to protect against known vulnerabilities.
- Users are educated about maintaining privacy and security, such as not downloading software from untrusted sources and being cautious about phishing attacks.
- Whonix uses a two-VM (Virtual Machine) architecture, consisting of the Whonix-Gateway and the Whonix-Workstation, to isolate network traffic and application processing. This isolation helps prevent malware from discovering the user’s real IP address and protects other parts of the system if one component is compromised.
- Malware running in a VM is contained there and cannot access other VMs or the host except if there is a VM escape vulnerability; these are rare and not features of common off-the-shelf malware, which raises the bar for adversaries.
How can users customize Whonix to meet specific privacy or security needs?
Users can adjust the security level in the Tor Browser, disabling or enabling specific features like JavaScript, to meet their privacy and security needs. Users can modify the firewall rules on the Whonix-Gateway to tighten or loosen network controls based on their requirements. Users can install additional software packages that suit their needs. For instance, they may install encryption tools, secure communication tools, or additional security software from the Debian repositories.
Users with scripting or programming knowledge can develop custom scripts to automate tasks or enhance functionality based on their needs.
By being based on Debian, Whonix has the perk of compatibility and readily working with almost anything that can be done with Debian Linux.
What are the challenges in adopting Whonix for mainstream use?
There are many challenges. Usability issues, many of which are inherited from plain Linux in general. There is no Whonix Windows Installer yet. Usage of any Linux-based operating system is more difficult than what users are already accustomed to.
Many websites directly or indirectly ban IP addresses originating from the Tor network.
Many users may be indifferent or unaware of the importance of online privacy and security, and thus, may not see the value in using a specialized system like Whonix.
Funding issues. It is challenging to find a business model that is both sustainable and ethical for Open Source / Freedom Software projects that could support one or multiple full-time developers and anything else that is required to maintain a tool, let alone an operating system, for mainstream use.