No Way!

Specific groups, such as journalists, lawyers, whistleblowers, and political activists, are often the focus of intelligence agencies and other authorities. Business owners and researchers also can attract unwanted attention and find themselves the targets of attack. To communicate in an encrypted and anonymous way over the Internet and protect themselves from intrusion attempts and sniffer software, these groups often rely on special technological protections.

To shut out unauthorized eavesdroppers, the Whonix project now offers an interesting approach – but not just for these target groups: A specially hardened and isolated system with a connection to the Internet through the Tor network runs on a virtual machine (VM), allowing for encrypted and hard-to-trace communication.

Quartet

Whonix for Linux comes in four packages. In addition to a prepared gateway for VirtualBox weighing in at approximately 1.8GB, the developers supply a complete work environment based on Debian "Stable" with a size of around 2.1GB, which also runs as a separate system in VirtualBox. The two packages are completely preconfigured in OVA format and available for download [1]. Although this solution is aimed at newcomers with little network knowledge, the developers describe it as still in the test phase.

Whonix runs completely in a VirtualBox machine, which means you need it in place on your system. Most distributions have VirtualBox in their repositories, so the installation is typically just a matter of a few mouse clicks. Alternatively, you can download the software directly from Oracle [2], which is also where you will find the appropriate instructions for installing.

Your computer must have a CPU that supports the VT-x or AMD-V hardware virtualization extensions. Additionally, it needs at least 4GB of RAM, because you need to run two VMs for Whonix in addition to the host operating system. To check whether your computer supports the appropriate technology, run:

$ egrep '(vmx|svm)' /proc/cpuinfo
flags : fpu [...] ds_cpl vmx est [...] dtherm arat
[...]

If the command returns an empty result, the PC is too old, or you need to enable hardware virtualization in the computer BIOS.

Whonix also creates two virtual disks, each 100GB, in the VMs; they initially occupy a total of around 10GB of the drive. Because VirtualBox dynamically allocates mass storage, the virtual disks will only grow if disk utilization increases, so you do not need to provide 200GB of mass storage capacity for the two Whonix components. However, the free disk space should be more than 20GB total.

In two other stable packages, Whonix uses KVM technology embedded in the Linux kernel to run in a VM under KVM/Qemu. A gateway and a workstation of about the same size as that for VirtualBox are available, too [3], and can be controlled by graphical front ends such as Microsoft's Virtual Machine Manager, much like VirtualBox.

For both solutions, the download area also offers matching OpenPGP signatures and keys with which you can check the data integrity of downloaded packages. The developers provide a how-to for beginners [4].

Operations

Whonix relies on preset firewall rules to direct all traffic via the Tor connection configured in the gateway, and the Whonix workstation acts as the user interface downstream of the gateway. The workstation uses a network that is isolated from the host system to connect to the Internet.

The gateway has two virtual network interfaces – the project's attempt to achieve maximum security for the user. Among other things, this design keeps unauthorized users from sniffing IP addresses or the websites you have visited. Additionally, the VM is decoupled from the host system to prevent damage to it, should an attacker compromise it with malware unnoticed by the user.

The system thus prevents DNS and IP protocol leaks and effectively prevents an identity correlation using stream isolation, a technique that allows an attacker to draw conclusions about the identity of a user when identical transmission paths are used for various applications on the Tor network.

To maintain the high level of security, you should also be cautious when working with the host running the VMs. A compromise by malicious software can also affect VMs under certain circumstances, so it is advisable to install Whonix on a fresh host system.

Installation

To set up the two Whonix machines, start VirtualBox, and integrate the gateway and the workstation one after another from the File | Import Appliance menu. In the dialog that follows, select the corresponding OVA file in the file manager and click Next. Once the appliance settings appear, you can click Import (Figure 1). VirtualBox now integrates the appropriate package and prepares the VM for use.

Figure 1: The installation of two Whonix modules is quick in VirtualBox.

Please note that VirtualBox does not support some Linux security features possible in Debian, such as the Grsecurity kernel extensions. A KVM/Qemu-based VM with an existing Grsecurity extension under Debian is generally safer than a standard system with VirtualBox. However, KVM/Qemu requires detailed knowledge of the Linux system for the installation and configuration. For detailed instructions on activating KVM and installing the Whonix components, see the wiki on the project site [5].