I’m curious if whonix actually provides any value rather than just running tor locally?
Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?
I guess since they weren’t caught there’s nothing to report about it so we probably wouldn’t know… so I assume yes. Also Whonix works in perfect combination with QubesOS, so at that level of opsec is fucking hella hard to caught someone, IMO.
Qubes is good and the approach that it has is in my view the best approach to security, security by compartmentalizing and is the same security tactic that certain three letter agencies use to stop leaks from happening.
Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn’t built with security in mind.
And also Qubes isn’t a silver bullet at all - it uses the xen hypervisor which has had vulnerabilities in the past https://www.cvedetails.com/vulnerability-list.php?vendor_id=6276&product_id=0&version_id=0&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=296&sha=7354f1cd84d744aba90e37868d68b6095ad317f5
Plus the hardware compatibility makes it almost impossible to use on the majority of devices.
Qubes is good for security between computing contexts on the machine itself (though, not perfect as you mentioned), but by itself isn’t meant to anonymize you on the internet.
Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn’t built with security in mind.
Is Linux not designed for security? I’d have assumed it’s one of the more mature security wise due to its prevalence in servers.
Either way, I guess you can use BSD in the containers if that’s a real concern. Though, this is why I wish there was a viable desktop microkernel OS. Such an OS might even be able to replace the need for a hypervisor like in Qubes, if it has built-in compartmentalization for userspace programs.
Yeah I think that BSD is the most secure operating system to-date and these are the guys that created ssh, the service that is used by most people in the world for connecting to theirs servers. So the folks that develop BSD really know what they are doing when it comes to security.
I’ve not actually tried openBSD myself, but I can already tell you that having that setup correctly so that you have containers that use openBSD instead of linux will be a pain in the ass for compatibility and is likely going to be extremely difficult to setup correctly on qubes. But in my view is likely the most secure you can get with Qubes OS.
For people who don’t want to or aren’t knowledgeable enough to go through all that trouble, what would you think about just having multiple bootable partitions (presumably with BSD ideally), each independently encrypted with a different password? That way in theory if a single OS instance is compromised, it can’t access the information on any of the other instances since ideally only the currently booted partition is decrypted. You can probably pull it off with some GRUB fu.
The only problem with Qubes + Whonix combination is well it’s not newbie friendly at all.
It shouldn’t be, using Qubes+Whonix is for people who have the need for a super secure system, from starters you have a hardware barrier that would prevent a lot of people from using it. I mean, you can use it just because yes but I don’t think there’s much benefit.
Yeah it depends on your threat model but even if you have the right hardware, it would still be pretty hard if you are a newbie who say, has recently switched to Linux.
Furthermore, Linux knowledge will only help you to an extent with Qubes. You should ideally also be familiar with Xen configuration and administration, a much more niche skillset.
from starters you have a hardware barrier that would prevent a lot of people from using it
What hardware barrier? I was under the assumption that you just need virtualization support in your CPU (which almost every consumer model also have nowadays), as well as simply more RAM for storing the parallel running operating systems.
You need a CRAZY amount of RAM, not just more RAM. At least having 128GB RAM as a bare minimum is not something I’d ever seen in my third world country, even for people with moderately good PCs. The price for that amount of RAM where I live is 972.96USD.
I’m assuming this is because Qubes OS allocates RAM independently for each VM, regardless of how much the VM is actually using? Does Xen not have the ability to use a pool of RAM and just overlap the empty space? I was under the assumption that enterprise level hypervisors could do that. Even if you have five VMs, if four of them are idle, only a little more than one OS’s worth of RAM should be actually filled with active data.
Qubes does not only use compartmentalization for stuff like browsing, if I remember correctly your /home folder is also a separate VM and I think there was something similar to this happening too, so I assume there’s always at least like 3 or 4 VMs running. Either way AFAIK you still need that amount, regardless of if there’s an alternative, which makes it non usable for poor people.
Fair enough. I said this in another comment already, but for this reason I really wish there was a viable desktop OS that uses a microkernel, since such an OS can be much more easily designed do secure compartmentalization without the need for VMs or duplicate parallel processes in general. Micorkernels still have more computational overhead than one monolithic kernel, but would be much more resource frugal than multiple VMs.
This. When the safety tool/system is so good that you don’t realise if it is working or not. I think a better question would be “whether anyone was compromised while* using it?”
Edit: a word.
Removed by mod
I’m curious if whonix actually provides any value rather than just running tor locally?
It’s definitely more resistant to any exploits because Whonix Workstation doesn’t know your real IP address.
Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?
If someone got saved from being identified then you probably will not hear about it anywhere but there were cases where Whonix would save someone from being identified if they only used it. As an example see Buster Hernandez’s case (more details here: https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez). He was running Tor locally (because he was using Tails) and he got caught.
Removed by mod