I’m curious if whonix actually provides any value rather than just running tor locally?

Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?

  • ghost_laptop
    link
    fedilink
    arrow-up
    13
    ·
    3 years ago

    I guess since they weren’t caught there’s nothing to report about it so we probably wouldn’t know… so I assume yes. Also Whonix works in perfect combination with QubesOS, so at that level of opsec is fucking hella hard to caught someone, IMO.

    • redbookOP
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      Qubes is good and the approach that it has is in my view the best approach to security, security by compartmentalizing and is the same security tactic that certain three letter agencies use to stop leaks from happening.

      Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn’t built with security in mind.

      And also Qubes isn’t a silver bullet at all - it uses the xen hypervisor which has had vulnerabilities in the past https://www.cvedetails.com/vulnerability-list.php?vendor_id=6276&product_id=0&version_id=0&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=296&sha=7354f1cd84d744aba90e37868d68b6095ad317f5

      Plus the hardware compatibility makes it almost impossible to use on the majority of devices.

      • AgreeableLandscape
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        3 years ago

        Qubes is good for security between computing contexts on the machine itself (though, not perfect as you mentioned), but by itself isn’t meant to anonymize you on the internet.

        Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn’t built with security in mind.

        Is Linux not designed for security? I’d have assumed it’s one of the more mature kernels security wise due to its prevalence in servers.

        Either way, I guess you can use BSD in the containers if that’s a real concern. Though, this is why I wish there was a viable desktop microkernel OS. Such an OS might even be able to replace the need for a hypervisor like in Qubes, if it has built-in compartmentalization for userspace programs.

        • redbookOP
          link
          fedilink
          arrow-up
          2
          ·
          3 years ago

          Yeah I think that BSD is the most secure operating system to-date and these are the guys that created ssh, the service that is used by most people in the world for connecting to theirs servers. So the folks that develop BSD really know what they are doing when it comes to security.

          I’ve not actually tried openBSD myself, but I can already tell you that having that setup correctly so that you have containers that use openBSD instead of linux will be a pain in the ass for compatibility and is likely going to be extremely difficult to setup correctly on qubes. But in my view is likely the most secure you can get with Qubes OS.

          • AgreeableLandscape
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            3 years ago

            For people who don’t want to or aren’t knowledgeable enough to go through all that trouble, what would you think about just having multiple bootable partitions (presumably with BSD ideally), each independently encrypted with a different password? That way in theory if a single OS instance is compromised, it can’t access the information on any of the other instances since ideally only the currently booted partition is decrypted. You can probably pull it off with some GRUB fu.

    • nVZWmCa67Tq0SQkXPR
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      The only problem with Qubes + Whonix combination is well it’s not newbie friendly at all.

      • ghost_laptop
        link
        fedilink
        arrow-up
        5
        ·
        3 years ago

        It shouldn’t be, using Qubes+Whonix is for people who have the need for a super secure system, from starters you have a hardware barrier that would prevent a lot of people from using it. I mean, you can use it just because yes but I don’t think there’s much benefit.

        • AgreeableLandscape
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          3 years ago

          from starters you have a hardware barrier that would prevent a lot of people from using it

          What hardware barrier? I was under the assumption that you just need virtualization support in your CPU (which almost every consumer model also have nowadays), as well as simply more RAM for storing the parallel running operating systems.

          • ghost_laptop
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            You need a CRAZY amount of RAM, not just more RAM. At least having 128GB RAM as a bare minimum is not something I’d ever seen in my third world country, even for people with moderately good PCs. The price for that amount of RAM where I live is 972.96USD.

            • AgreeableLandscape
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              3 years ago

              I’m assuming this is because Qubes OS allocates RAM independently for each VM, regardless of how much the VM is actually using? Does Xen not have the ability to use a pool of RAM and just overlap the empty space? I was under the assumption that enterprise level hypervisors could do that. Even if you have five VMs, if four of them are idle, in theory only a little more than one OS’s worth of RAM should actually be filled with active data.

              • ghost_laptop
                link
                fedilink
                arrow-up
                2
                ·
                3 years ago

                Qubes does not only use compartmentalization for stuff like browsing, if I remember correctly your /home folder is also a separate VM and I think there was something similar to this happening too, so I assume there’s always at least like 3 or 4 VMs running. Either way AFAIK you still need that amount, regardless of if there’s an alternative, which makes it non usable for poor people.

                • AgreeableLandscape
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  3 years ago

                  Fair enough. I said this in another comment already, but for this reason I really wish there was a viable desktop OS that uses a microkernel, since such an OS can be much more easily designed do secure compartmentalization without the need for VMs or duplicate parallel processes in general. A micorkernel OS still has more computational overhead than one monolithic kernel, but would be much more resource frugal than multiple VMs.

        • nVZWmCa67Tq0SQkXPR
          link
          fedilink
          arrow-up
          1
          ·
          3 years ago

          Yeah it depends on your threat model but even if you have the right hardware, it would still be pretty hard if you are a newbie who say, has recently switched to Linux.

          • AgreeableLandscape
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            3 years ago

            Furthermore, Linux knowledge will only help you to an extent with Qubes. You should ideally also be familiar with Xen configuration and administration, a much more niche skillset.

    • relejek
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      3 years ago

      This. When the safety tool/system is so good that you don’t realise if it is working or not. I think a better question would be “whether anyone was compromised while* using it?”

      Edit: a word.

  • PandaCoderPL
    link
    fedilink
    arrow-up
    4
    ·
    3 years ago

    I’m curious if whonix actually provides any value rather than just running tor locally?

    It’s definitely more resistant to any exploits because Whonix Workstation doesn’t know your real IP address.

    Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?

    If someone got saved from being identified then you probably will not hear about it anywhere but there were cases where Whonix would save someone from being identified if they only used it. As an example see Buster Hernandez’s case (more details here: https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez). He was running Tor locally (because he was using Tails) and he got caught.