This community needs to start using Whonix, especially if you are a vendor

This community needs to know more about Whonix and start using it, especially vendors who want to protect their anonymity. https://www.whonix.org/

I see a lot of mentions and tutorials based on TAILS here. Don't get me wrong, TAILS is great, it's definitely much better than just using Tor Browser on your own personal computer. But Tails depends on Tor browser for anonymity, and you have to be careful to make sure you don't accidentally use a program that connects to clearnet.

The biggest flaw of TAILS and Tor Browser is that they are simply based on Firefox, and Firefox (like any other browser) suffers from vulnerabilities. Sure the Firefox developers are amazing and they patch anything they find and anything that any responsible hacker reports to them, but there certainly are many open vulnerabilities in Firefox that are yet to be discovered by the wider community.

LE has infinite resources. They have some of the best software developers and mathematicians and cryptography experts working for them, especially at the NSA (and the FBI to a lesser extent). Firefox and Tor Browser are all open source and there is now a lot of evidence that LE has access to at least one (and probably many more) 0-day vulnerabilities (vulnerabilities that only they know about) in Firefox and can exploit them at will if they want to.

If they know of vulnerabilities in the core of Firefox, they can find your real IP address very easily. This is how they attacked Playpen users and have charged 135 people just in the US right now with it. As far as we know, they are reserving such tactics for CP operators for the time being. But they can easily deploy them against darknet drugs vendors and users in future.

Whonix provides a second layer of protection. It's not bullet-proof (nothing is) and if the NSA is really after you, they will still get you. But at least, they will need something more than just a 0-day Firefox vulnerability.

Whonix is a virtual machine image based on Debian Linux and Tor. The easiest way to use it is using Virtualbox (which is free and open source). There are other ways of using it as well (KVM, Qubes) but they are for the more tech savvy people. Virtualbox is much easier for most people and still provides decent protection. The design is really simple. You install Virtualbox on your host OS. You then import two virtual machine images, one called Whonix Gateway, the other called Whonix Workstation. All tor traffic goes through Whonix Gateway, and you run nothing else on it, it just acts as a gateway. Once Whonix Gateway is running and connected to tor, you start Whonix Workstation. It's just a normal Debian Linux with a KDE desktop and it comes with GPG and other tools you need. Anything you run while inside Whonix Workstation automatically uses Tor, so no chance of exposing yourself to the clearnet by accident.

Whonix also uses the Tor Browser, but importantly, if there is a vulnerability in Firefox and Tor Browser, just exploiting it won't reveal your real IP address. The attacker has to exploit Firefox, break out of its jail, then exploit Virtualbox and break out of it as well to get to your host OS and find your real IP. As I said, I'm sure the NSA can do that, but it is significantly more difficult to exploit.

Whonix is probably also the only "safe" way of running Javascript and other plugins in the Tor Browser and not having your anonymity compromised. I still wouldn't do it, but technically, it's safe to do.

I feel like this community needs to know more about Whonix, and if you are a vendor and care about not getting busted, you should seriously consider it. I'm only making this post (from a throwaway account) because I care about this community's well-being.

TAILS does have one great advantage over Whonix, it is amnesic, it leaves no trace on your hard disk. If you are a bit tech savvy, you can achieve something similar with Whonix. First of all, install a normal Linux distro of choice (say Ubuntu) onto a USB stick. Make sure you get a high speed USB 3.0 stick that's at least 32GB. There are various guides online on how to install Ubuntu onto a USB stick so I won't go into it. Then, boot into that USB stick and install Virtualbox there. Then download Whonix Gateway and Whonix Workstation and import them. Then run Whonix all off the USB stick. This gives you the best of both worlds: everything is contained in a USB stick with no traces left on your hard disk, AND you get the multi-level protection that Whonix offers.

If you're doing anything serious on the dark web, take security seriously. If you are using Tor browser or TAILS, you are just one 0-day exploit from revealing your real IP. Whonix using Virtualbox is not that difficult to use, if you invest an hour or two you'll get the hang of it. It will greatly amplify your security and make it much harder for an attacker to get to your real IP address.

tl;dr: LE can exploit Tor browser and TAILS and get your real IP address. If you want added protection, use Whonix. It's just a couple of Virtualbox images, easy to use.


Comments


[15 Points] noonehear:

TL;DR. Run Windows NT 4.0.


[13 Points] None:

I stopped reading when you failed to mention Qubes OS and running a WhoNix image there and instead said to use VirtualBox.


[5 Points] __youdisgustme__:

qubes-whonix > whonix > tails, for long-term security purposes.

tails is about the info left on your device, whonix is about preventing de-anonymization entirely. and qubes adds another layer of defense onto that


[4 Points] None:

[deleted]


[3 Points] YourMomRox:

Wasn't the exploit they used to catch those CP people flash based?

Like they all had flash enabled in their tor browsers?


[3 Points] LedLevee:

The fact that you should NOT do this on Windows/Mac should be stated much more clearly AND VERY BOLDLY.

Windows and Mac are known to spy on their users. Windows and Mac are constantly in contact with computers that use their software, not only the OS itself, but also things like MS Office.

It is very feasible for them to do things like take a screenshot of your computer any time an image is loaded, very easily. I don't want to state this as a fact, but I did read something about unnecessary contact with Windows servers in Windows 10 any time an image was loaded or certain sites were loaded. Do your own research, but I'd be very careful! The point of using a VM is totally gone then.

So do NOT use this method on Mac/Win!


[1 Points] hloud07:

Completely agree


[1 Points] None:

[deleted]


[1 Points] UDGHT:

!remindme 1week


[1 Points] HornyHebrew:

But whonix uses the same things lel


[1 Points] hushd_:

But Tails depends on Tor browser for anonymity, and you have to be careful to make sure you don't accidentally use a program that connects to clearnet.

Are you sure about that? I thought everything connects over tor in tails. For example also the bitcoin client or the E-Mail client. If that's not the case why don't they do it like this?


[1 Points] Throwaway97372616:

/u/zieng9a wouldn't a trusted VPN prevent your IP from being compromised?


[1 Points] SirFoxx:

Whonix with Qubes


[1 Points] DatMaxFreak:

If you're using TAILS it's impossible to "accidentally" access the clearnet. All traffic within TAILS is forced through TOR using basically the same mechanism as WHONIX uses. Just because TAILS uses the TOR browser, does not mean that TAILS relies on the browser itself to access TOR. TOR runs as a service on the underlying OS.


[1 Points] snooduser:

is it necessary for someone who might make an order every few months or so?


[1 Points] StreetMasterFlash:

Relatively new to DNM's, I use PGP + Tor etc, I don't buy huge amounts or anything, should I be worried for not using all of these different opsecs?