{{Header}} {{hide_all_banners}}
{{Title|title=
Features, Advantages, Use Cases - {{project_name_long}}
}}
{{#seo:
|description={{project_name_short}} Feature List
|image=Drip-1037807-640.jpg
}}
[[File:Drip-1037807-640.jpg|thumb]]
{{intro|
{{project_name_short}} Feature List. {{project_name_short}} has a lot of features and advantages. This page gives an overview.
}}
= {{project_name_short}} Features =
[[File:Whonix-logo-rectangle.png|thumb|100px|[[Dev/Logo|{{project_name_short}} rectangular logo]]]]
{{project_name_short}} is an operating system focused on [https://www.whonix.org/#security anonymity and security]. It hides the user's IP address / location and uses the [[Why_does_Whonix_use_Tor|Tor network]] to anonymize data traffic. This means the contacted server, network eavesdroppers and operators of the Tor network cannot easily determine which sites are visited or the user's physical location. <ref>
Without advanced, end-to-end, netflow correlation attacks which rely on statistical analysis of data volume and timing.
</ref>

For a comprehensive comparison of {{project_name_short}} with other popular anonymity platforms, see [[Comparison with Others]].

== Platform Flexibility / Virtualizer friendly ==

Most if not every compatible feature of every system that {{project_name_short}} is based on can be used in {{project_name_short}} too. There are no atificial restrictions.

* Based on [https://www.debian.org Debian] GNU/Linux.
* Based on the [https://www.torproject.org Tor] anonymity network.
* Based on [[KVM]].
* Based on [[VirtualBox]].
* Based on [[{{q_project_name_short}}|Qubes]].
* [[Reasons for Freedom Software|Free]], Open Source, Libre, [https://forums.whonix.org/t/lets-call-it-freedom-software-rather-than-free-software-or-open-source/6961 Freedom] Software. This means flexibility for the user, because customization is possible and relatively simple.
* Virtual machine images with [[Virtualization_Platform_Security#Type_1_vs_Type_2_Hypervisors|Type I or 2 hypervisors]]. This means that {{project_name_short}} is flexible enough to be ported to different hypervisors.

== Pre-installed, Pre-configured Applications ==

A number of applications are pre-installed and pre-configured with safe defaults to make them ready for use. Most popular applications are compatible with the {{project_name_short}} design:

* [[Tor Browser]] is included for Internet browsing.
* Web server administration with Apache, ngnix, IRC servers, and more via [[Onion Services|onion services]].
* PGP-encrypted [[E-Mail]] with [[Encrypted_Email_with_Thunderbird|Thunderbird]].
* {{kicksecure_wiki
|wikipage=Keepassxc
|text=Keepassxc
}}
* Instant messengers like [[Chat#Gajim|Gajim]].
* The media player [[Software#Media_Player|VLC]]
* The Xfce [[Software#Terminal|Terminal]] of course
* The [[Electrum|Electrum Bitcoin wallet]] 
* Clients for [[Bitcoin]]
* Clients for [[Monero]]
* Secure data transfer to and from a server with [[File_Transfer|scp]].
* Unobserved administration of servers via [[SSH|SSH]].
* A host of other [[Software|software programs]].

The {{project_name_short}} design permits the "torification" of applications which are not capable of proxy support by themselves. Further, the user is not jeopardized by installing custom applications or personalizing the desktop.

Detailed [[Documentation|documentation]] has been produced by developers and the {{project_name_short}} community. Various issues are explained in depth, including the {{project_name_short}} design, available software, the host of possible configurations, security and privacy considerations, and numerous advanced topics.

== Security, Privacy and Anonymity Protection ==
<div style="column-count:2;-moz-column-count:2;-webkit-column-count:2">
* By using {{project_name_short}}, the user can anonymously use Java / Javascript.
* A second, extra firewall is installed and protects {{project_name_workstation_long}} by default.
* Full [[Protocol-Leak-Protection_and_Fingerprinting-Protection|IP/DNS protocol leak protection]] means the user's anonymity is extra protected.
* [[Hide Tor from your Internet Service Provider|The user can hide their Tor use and their {{project_name_short}} use effectively from most network observers - even from their internet service providers]]. <ref name=optional />
* [[Qubes/Disposables|{{project_name_workstation_short}}]] is available as a Disposable (loses all data after shutdown) in [[Qubes|{{q_project_name_long}}]].
* [[Live Mode]] is available in [[Non-Qubes-Whonix|{{non_q_project_name_short}}]].
* Installed software is hidden from network observers even from internet service providers
* Optional [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorifyHOWTO/IsolatingProxy isolating proxy].
* {{project_name_short}} prevents anyone from learning the user's IP address.
* {{project_name_short}} prevents anyone from learning the user's physical location.
* {{project_name_short}} prevents targeted malicious upgrades because all upgrades are downloaded over Tor.
* [[Bridges|Private obfuscated bridges support is offered]].
* Simplification of Tor and (meek-lite) bridge connections via [[Anon_Connection_Wizard|Anon Connection Wizard]].
* {{project_name_short}} protects user privacy.
* [[Protocol-Leak-Protection and Fingerprinting-Protection|Protocol Leak Protection and Fingerprinting Protection]].
* [[Sdwdate|Secure and distributed time synchronization mechanism]].
* [https://theinvisiblethings.blogspot.com/2008/09/three-approaches-to-computer-security.html Security by isolation].
* [[Stream Isolation]] prevents identity correlation through circuit sharing.
* [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy Transparent Proxy].
* Whitelist Tor traffic with [[Corridor|corridor]].
* [[File:Kicksecure-icon-logo.png|30px]] {{Kicksecure_link
|
|{{Kicksecure}}
}} Hardened.
* [https://www.whonix.org/#security Numerous security and anonymity features].
* [[Keystroke_Deanonymization|Keystrokes]] can be used to track users. To prevent this, {{project_name_short}} comes with [[Keystroke_Deanonymization#Kloak|kloak]] installed by default.
* [[vanguards|Protect against guard discovery and related traffic analysis attacks]]
* Prevent [https://dl.acm.org/doi/10.1145/1180405.1180410 de-anonymization of Tor onion services] through [https://github.com/Kicksecure/tirdad Tirdad kernel module for random ISN generation].
* [[Dev/Entropy|Better encryption thanks to preinstalled random number generators.]]
* [https://github.com/Kicksecure/security-misc security-misc] (misc security settings)
** Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).
** Protect Linux user accounts against brute force attacks
** [[Dev/Strong Linux User Account Isolation|Strong Linux User Account Isolation]]
** [[Dev/Strong_Linux_User_Account_Isolation#Console_Lockdown|Console Lockdown]] disables legacy login methods for improved security hardening.
* [https://github.com/Whonix/anon-apps-config anonymity, privacy and security settings pre-configuration]
</div>

== Tor Network / Torification / The Everything Tor OS ==

* [[Reliable_IP_Hiding|Reliable IP Hiding]]
* Fail Closed Mechanism: Application's traffic is either sent over Tor or completely blocked.
* Application unspecific: This applies to all applications and even [[Other Operating Systems]] connected to Whonix-Gateway.
* Most applications in {{project_name_short}} can be routed to the internet over the Tor anonymity network instead of clearnet access. This process is called <code>torification</code> or <code>torify</code>.
* '''Not only pre-installed but also [[Install Software|custom / user installed]] applications can be "torified"'''. There are [[Reasons_for_Freedom_Software#No_Intentional_User_Freedom_Restrictions|no intentional user freedom restrictions]].
** Full [[Protocol-Leak-Protection_and_Fingerprinting-Protection|IP/DNS protocol leak protection]].
** Depends on which internet protocols the application requires to function.
** Most applications do not require any awareness of being run inside {{project_name_short}} for functional connectivity. This is called [[Stream_Isolation#Transparent_Proxy|<code>transparent proxying</code>]]. (See [[Stream_Isolation#Transparent_Proxy|this chapter]].)
*** It is difficult to know for users which application uses which internet protocol (<code>TCP</code>, <code>UDP</code>, <code>ICMP</code>). In doubt,
**** [[Please_Use_Search_Engines_And_See_Documentation_First|Please use Search Engines and see Documentation First]],
**** Ask the developers of the application,
**** [[Install_Software|Try it out]].
*** Main supported protocol: <code>TCP</code>
*** <code>.onion</code> domain reachablity: Yes.
*** <code>UDP</code>: [[Tunnel_UDP_over_Tor|Tunnel <code>UDP</code> over Tor]]. <ref name=optional />
*** <code>ICMP</code>: Same as above.
*** [[Hosting Location Hidden Services]].
*** <code>.onion</code> services (server) support: Yes, see [[Onion Services]].
*** Ephemeral <code>.onion</code> services (server) support (for applications such as [[ZeroNet]], [[OnionShare]], [[Bisq]]): Yes, if an [[onion-grater]] profile was made available.
*** [[File_Sharing|Filesharing and Torrenting]].
*** Some server are blocking connections from the Tor network. ([https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor inexhaustive list])
* Can torify [[Other Operating Systems|other operating systems]].
* Can torify Windows.
* [[Bridges|Circumvents censorship]].
* [[Alternative_DNS_Resolver#Recursive_Authenticated_DNSSEC_over_Tor|DNSSEC over Tor]]. <ref name=optional>Via optional configuration.</ref>
* Tor enforcement.
* [[Vanguards]] protect against guard discovery. <ref>As well as related traffic analysis attacks.</ref>

related:

* [[Whonix_against_Real_Attacks|Whonix Track Record against Real Cyber Attacks]]
* [[Dev/Leak_Tests|leak tests]]

== Tunnels ==

This tunnels chapter and the tunnels sub chapters are for advanced users who have knowledge and experience with tunneling.

=== Tunnel and Chaining Support ===

* Connect to a [[Tunnels/Connecting_to_a_proxy_before_Tor|Proxy]], [[Tunnels/Connecting_to_a_VPN_before_Tor|VPN]] or [[Tunnels/Connecting_to_SSH_before_Tor|SSH]] before Tor.
* Connect to Tor before a [[Tunnels/Connecting_to_Tor_before_a_proxy|Proxy]], [[Tunnels/Connecting_to_Tor_before_a_VPN|VPN]] or [[Tunnels/Connecting_to_Tor_before_SSH|SSH]].
* [[Tunnel_UDP_over_Tor|Tunnel UDP over Tor]]. <ref name=optional />
* [[#Tunnel Support|VPN / tunnel support]].

=== Tunnel Other Anonymizing Networks ===

* Tunnel [[Freenet]] through Tor.
* Tunnel [[GNUnet]] through Tor.
* Tunnel [[I2P]] through Tor.
* Tunnel [[ZeroNet]] through Tor.

=== General Tunnel Support: TOR, SSH, VPN, Proxy ===

Various tunneling permutations are possible and functional in {{project_name_short}}. Connections can be routed through a VPN, SSH, or proxy before Tor, after Tor, or both.

<div class="info-box">
<div class="mw-collapsible mw-collapsed">
<div class="fontsize19">Show more</div>
<div class="mw-collapsible-content">

'''Table:''' ''{{project_name_short}} Tunnel Options''

{| class="wikitable"
|-
! scope="col"| '''Tunnel Configuration'''
! scope="col"| '''Description'''
|-
! scope="row"| Tunnel Tor through a Proxy, VPN or SSH
| [[Tunnels/Connecting to a VPN before Tor | How to Connect to a VPN Before Tor: <code>User</code> &rarr; <code>VPN</code> &rarr; <code>Tor</code> &rarr; <code>Internet</code>]] <br /> [[Tunnels/Connecting to a proxy before Tor | How to Connect to a Proxy Before Tor: <code>User</code> &rarr; <code>Proxy</code> &rarr; <code>Tor</code> &rarr; <code>Internet</code>]] <br /> [[Tunnels/Connecting to SSH before Tor | How to Connect to SSH Before Tor: <code>User</code> &rarr; <code>SSH</code> &rarr; <code>Tor</code> &rarr; <code>Internet</code>]]
|-
! scope="row"| Tunnel Proxy / Proxychains / SSH / VPN through Tor
| [[Tunnels/Connecting to Tor before a VPN| How to Connect to Tor Before a VPN: <code>User</code> &rarr; <code>Tor</code> &rarr; <code>VPN</code> &rarr; <code>Internet</code>]] <br /> [[Tunnels/Connecting to Tor before a proxy | How to Connect to Tor Before a Proxy: <code>User</code> &rarr; <code>Tor</code> &rarr; <code>Proxy</code> &rarr; <code>Internet</code>]] <br /> [[Tunnels/Connecting to Tor before SSH | How to Connect to Tor Before SSH: <code>User</code> &rarr; <code>Tor</code> &rarr; <code>SSH</code> &rarr; <code>Internet</code>]]
|-
! scope="row"| Combine Pre- and Post-Tor Tunnels
| <code>User</code> &rarr; <code> Proxy / SSH / VPN</code> &rarr; <code>Tor</code> &rarr; <code>Proxy / SSH / VPN</code> &rarr; <code>Internet</code>
|-
! scope="row"| Combine Tor with other Protocols
| Tor can also be [[Other Anonymizing Networks|replaced with another anonymizing protocol]]. Note that only some combinations and networks will work in {{project_name_short}}, such as I2P and JonDonym. <ref>This work is partially complete, but features will remain unfinished for the foreseeable future.</ref>
|}

For further reading on this topic, see:

* [[Whonix_versus_Proxies|Tor vs. Proxies, Proxy Chains]]
* [[Tunnels/Examples|Free VPN Tunnel Setup Examples]]
* Experts only: [[Chaining_Anonymizing_Gateways|Chaining Anonymizing Gateways]]

</div>
</div>
</div>

= Use Cases =

== Anonymous Browsing ==

* Use [[Browser_Plugins#Introduction|plug-ins]] [[Tips_on_Remaining_Anonymous#Study:_Anonymity_and_Pseudonymity_are_not_the_same|pseudononymously]].
* Anonymous [[Tor_Browser|Internet Browsing]].

== Anonymous Communications, Hosting Hidden Servers and Publishing ==
<div style="column-count:2;-moz-column-count:2;-webkit-column-count:2">
* Anonymous [[Software#Publishing|publishing]].
* Anonymous [[E-Mail|Email]] with Mozilla Thunderbird.
* Anonymous [[Chat|chat]].
* Anonymous IRC.
* Anonymous [[VoIP]].
* Anonymous file sharing and chat with [[OnionShare|OnionShare]].
* [[Hosting Location Hidden Services|Host location / IP hidden servers]].
* [[Chat#Tox|qTox]] and other encrypted communications. <ref name=optional />
* Send anonymous emails without registration.
</div>

= {{project_name_short}} Soft Features =

'''Table:''' ''Primary {{project_name_short}} Advantages''

{| class="wikitable"
|-
! scope="col"| '''{{project_name_short}} Feature'''
! scope="col"| '''Security and/or Anonymity Advantage'''
|-
! scope="row"| Best Possible [[Protocol-Leak-Protection and Fingerprinting-Protection|Protocol Leak Protection and Fingerprinting Protection]]
| Java, JavaScript, <ref>There is no functional JavaScript difference when it is enabled in {{project_name_short}} Tor Browser versus the standard Tor Browser (TB).</ref> <ref>Of course, using JavaScript in the {{project_name_short}} Tor Browser protects against IP address leaks, but browser fingerprinting risks still apply. For more information, see [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorifyHOWTO/WebBrowsers Web-browser]!</ref> Flash, browser plugins <ref>Plugins are still not recommended, as they may decrease anonymity (for example, flash cookies) and they often have security vulnerabilities. Most popular plugins are closed source. Although deprecated, the [[Browser_Plugins#Plugin_Warnings|browser plugins warnings]] section is still valid.</ref> and mis-configured applications cannot leak the user's real external IP address. <ref>See [[Whonix against Real Attacks|Security in the Real World]].</ref>
|-
! scope="row"| Build Simplicity
| Building {{project_name_short}} from source is easy; see [[Dev/Build Documentation|Build Documentation]].
|-
! scope="row"| Combine Anonymizing Networks
| [[Other_Anonymizing_Networks|Other anonymizing networks]] like Freenet, GNUnet, I2P, JonDonym and ZeroNet can be used.
|-
! scope="row"| Fully Featured
| A host of [[Features#{{project_name_short}} Features|Features]] are available.
|-
! scope="row"| Highly Configurable
| Numerous optional configurations, additional features and add-ons are available.
|-
! scope="row"| Open Source
| Only free software is used. <ref>https://en.wikipedia.org/wiki/Free_software</ref>
|-
! scope="row"| Private Obfuscated [[Bridges]]
| Bridges can be added to the Tor configuration file.
|-
! scope="row"| Process Separation
| Tor <ref>https://www.torproject.org</ref> and Tor Browser <ref>https://www.torproject.org/download/</ref> are not running inside the same virtual machine which means an exploit in the browser cannot affect the integrity of the Tor process. <ref>[[Deprecated/Vidalia|Vidalia]] is now deprecated; [[Tor Controller|arm]] is installed as the alternative.</ref>
|-
! scope="row"| Protection Against IP Address / Location Discovery
| Exploits using malware <ref>https://en.wikipedia.org/wiki/Malware</ref> with root rights inside {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>) are foiled. However, users should avoid testing this protective feature. <ref>If {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>) is rooted, the adversary cannot find out the user's real IP address / location. The reason is {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>) can only connect through the {{project_name_gateway_long}} (<code>{{project_name_gateway_vm}}</code>). More skill is required to compromise {{project_name_short}}, see [[Comparison with Others#Attacks|Attack Comparison Matrix]] and [[Design]].</ref>
|-
! scope="row"| Protection Against De-anonymization Attacks
| No IP address or DNS leaks are possible. <ref>{{project_name_short}} does not automatically protect against other possible leaks like username, time zone and so on. Users should read the [[Documentation]] to learn how to mitigate these threats. Additionally, {{project_name_short}} [[Protocol-Leak-Protection and Fingerprinting-Protection|Protocol Leak Protection and Fingerprinting Protection]] mitigates many possible fingerprinting attacks by using common, non-identifying defaults. For example, the username is set to <i>user</i>, the timezone is set to UTC etc.</ref>
|-
! scope="row"| Safe Hosting of [[Onion Services]]
| Even if someone hacks the user's hidden server software (lighttpd, thttpd, apache, etc.), they cannot steal the onion service key. <ref>The key is stored on the {{project_name_gateway_short}} (<code>{{project_name_gateway_vm}}</code>). Once a clean {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>) is used, no one can impersonate the onion service anymore.</ref> <ref>The {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>) is where the browser, IRC client and other user applications are run. The {{project_name_gateway_short}} (<code>{{project_name_gateway_vm}}</code>) is where Tor and the firewall are run.</ref>
|-
! scope="row"| Software Flexibility
| Installation of any software package is possible. <ref>The program must be able to run on Debian GNU/Linux or [[Other Operating Systems]] which are used. See also [[Install Software|Software installation on {{project_name_workstation_short}} (<code>{{project_name_workstation_vm}}</code>)]] for further details.</ref> <ref>ICMP, ping, VoIP calls over UDP and so on.</ref> <ref>Skype works over TCP, but it is not recommended because it is proprietary, closed source software and there is no control over the encryption keys. Skype authorities can compromise a user at any moment. A secure encryption / authentication design looks different. For example GPG and OTR are secure, because the user has control over the keys, not the server. See [[Voip#Skype|VoIP Skype section]] for further details.</ref> <ref>[[Tunnel UDP over Tor]]</ref>
|-
! scope="row"| Tor Data Persistence
| A major {{project_name_short}} advantage over Live CDs is that Tor's data directory is still available after reboot due to persistent storage. Tor requires persistent storage to save its Entry Guards. <ref>https://support.torproject.org/#about_entry-guards</ref>
|-
! scope="row"| Tor Enforcement
| All applications are automatically routed via Tor, including those which do not support proxy settings. <ref>For application warnings, see [[Documentation]].</ref> <ref>UDP is not natively supported by Tor and will therefore also not work in {{project_name_short}} (unless a [[Tunnel_UDP_over_Tor|VPN]] is used).</ref> <ref>Services that need to listen on publicly reachable ports (open / forwarded ports) are also not supported. However, users may run [[Onion Services]] which are reachable via Tor or tor2web ([https://gitlab.torproject.org/legacy/trac/-/wikis/doc/tor2web care is required]).</ref> <ref>[https://gitlab.torproject.org/legacy/trac/-/issues/7830 UDP is not supported by Tor]</ref>
|-
! scope="row"| Torify Windows
| {{project_name_gateway_short}} (<code>{{project_name_gateway_vm}}</code>) can also torify Windows. <ref>See [[Other Operating Systems]].</ref>
|-
! scope="row" | Tunnel Chaining
| It is possible to combine {{project_name_short}} with VPNs, SSH and other proxies. <ref>Users should read the [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN Tor plus VPN/proxies Warning] before proceeding. </ref> Every permutation is possible; VPNs / SSH / other proxies can be combined and used pre- and/or post-Tor tunnels.
|}

= License =

{{JonDos}} The "{{project_name_short}} Features" section of this wiki page contains content sourced from the JonDonym documentation [https://web.archive.org/web/20200123130536/http://anonymous-proxy-servers.net/en/help/about.html Features] page.

= Footnotes =

{{reflist|close=1}}

{{Footer}}

[[Category:Documentation]]