The Whonix 16 distribution kit has been released, aimed at providing guaranteed anonymity, security and protection of private information. Whonix boot images are built to run under the KVM hypervisor. Builds for VirtualBox and for use in the Qubes operating system are on hold (while Whonix 16 test builds continue to ship). The developments of the project are distributed under the GPLv3 license.
The distribution is based on Debian GNU/Linux and uses Tor for anonymity. A feature of Whonix is ββthe division of the distribution kit into two separately installed components - Whonix-Gateway with the implementation of a network gateway for anonymous communications and Whonix-Workstation with a desktop. Both components are shipped within the same boot image. Access to the network from the Whonix-Workstation environment is performed only through the Whonix-Gateway, which isolates the working environment from direct interaction with the outside world and allows the use of only fictitious network addresses. This approach helps protect the user from leaking the real IP address in the event of a web browser being hacked and even when exploiting a vulnerability that gives an attacker root access to the system.
Hacking the Whonix-Workstation will only allow the attacker to obtain bogus network parameters, since the real IP and DNS parameters are hidden behind the border of the network gateway, which directs traffic only through Tor. At the same time, it should be taken into account that Whonix components are designed to be launched as guest systems, i.e. the possibility of exploiting critical 0-day vulnerabilities in virtualization platforms that can provide access to the host system is not ruled out. Because of this, it is not recommended to run Whonix-Workstation on the same computer as Whonix-Gateway.
Whonix-Workstation provides the Xfce user environment by default. The package includes such programs as VLC, Tor Browser (Firefox), Thunderbird+TorBirdy, Pidgin, etc. In the Whonix-Gateway distribution, you can find a set of server applications, including Apache httpd, ngnix, and IRC servers, that can be used to run Tor hidden services. Forwarding over Tor tunnels for Freenet, i2p, JonDonym, SSH and VPN is possible. A comparison of Whonix with Tails, Tor Browser, Qubes OS TorVM and corridor can be found on this page. If desired, the user can get by with Whonix-Gateway only and connect his usual systems, including Windows, through it, which makes it possible to provide an anonymous exit for workstations already in use.
Major changes:
- The distribution's package base has been updated from Debian 10 (buster) to Debian 11 (bullseye).
- Tor installation repository switched from deb.torproject.org to packages.debian.org.
- The binaries-freedom package has been deprecated, as electrum is now available from the regular Debian repository.
- The fasttrack repository (fasttrack.debian.net) is enabled by default through which you can install the latest versions of Gitlab, VirtualBox and Matrix.
- Filepaths updated from /usr/lib to /usr/libexec.
- VirtualBox has been updated to version 6.1.26 from the Debian repository.
Source: opennet.ru