Whonix 17.2 Released: Enhanced Privacy and Anonymity on Tor
A new version of the Whonix distribution, 17.2, has been released, designed to ensure anonymity and protect personal data. Based on Debian GNU/Linux, Whonix utilizes the Tor network to provide anonymous internet connectivity. The project is distributed under the GPLv3 license, and virtual machine images for VirtualBox and KVM are available for download.
Whonix comprises two components: Whonix-Gateway and Whonix-Workstation. The former acts as a network gateway, routing traffic through Tor, while the latter provides the working environment. This configuration prevents the user’s real IP address from leaking, even if the system is compromised.
When using Whonix-Workstation, an attacker will only be able to obtain fictitious network parameters, as the real IP and DNS are concealed behind the Whonix-Gateway. However, it is worth noting that running both Whonix components on the same computer is not recommended due to potential virtualization vulnerabilities.
Whonix-Workstation employs the Xfce environment and comes pre-installed with applications such as VLC, Tor Browser, Thunderbird+TorBirdy, and Pidgin. Whonix-Gateway includes server applications for creating Tor hidden services. It is possible to connect to other anonymous networks, such as Freenet and i2p, through Tor. A comparison of Whonix with other distributions can be found here. Users can connect their regular systems through Whonix-Gateway to ensure anonymity.
The main changes in Whonix 17.2 include:
- updated Kicksecure
- connect to public Tor network by default / avoid Anon Connection Wizard (ACW) popup at first boot
- Whonix-Firewall
- ported from iptables to nftables
- Improved code quality. (shellcheck, styling, clarity, refactoring, nounset, removed code duplication) (Thanks to Ben Grande!)
- towards IPv6 support
- towards Whonix-Host Operating System Live ISO, Whonix-Host Installer
- towards Bisq 2 support
- updated Tor
- updated Tor Browser
- Qubes-Whonix
- improved port from pulseaudio to pipewire for audio support – #36 by apparatius
- use Qubes UpdatesProxy tinyproxy with socks instead of transparent torification
- KVM
- Increase Whonix-Gateway RAM to
1280MB and Whonix-Workstation RAM to2048MB to be on par with Whonix for VirtualBox for simplified maintenance effort - KVM image building and signing is now done by Patrick
- Increase Whonix-Gateway RAM to
