Comparison of Whonix, Tails, Tor Broswer Bundle, and Qubes OS TorVM

Discussion in 'privacy technology' started by lotuseclat79, Nov 13, 2013.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,089
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Nice post. I've read that on their site many times before. I am responding just to confirm that I have checked out most of the Whonix features personally. The dual VM's and their security by isolation method is very easy to enjoy. Literally works out of the box!
     
  3. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    325
    That is a nice comparison chart. It's good not just for understanding the differences between the projects, but also for understanding all the things they do. Whonix is cool and easy to use. But I'm still curious to try out Qubes OS.
     
  4. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Even you use any of these, then you become the ugly duckling. :doubt:
    So, means many benefits but also some disadvantages.
     
  5. TheCatMan

    TheCatMan Registered Member

    Joined:
    Aug 16, 2013
    Posts:
    327
    Location:
    sweden
    thx nice comparison and breakdown
     
  6. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi

    Big thanks for the link...as i am writing some stuff to fight censorship.
    A few pricacy and security focused distributions are not included, but this is already a great comparative effort.

    It is clear that Whonix is well balanced between security and privacy.

    Rgds
     
  7. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    325
    Are you referring to browser fingerprinting? I'm not sure what you mean. But I do believe Whonix and the Tor Browser Bundle and perhaps the other systems have configured themselves in ways to resist browser fingerprinting.

    Tor also has an intereting recent post about how effective fingerpriting really is:

    https://blog.torproject.org/blog/critique-website-traffic-fingerprinting-attacks
     
  8. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    I like this quote from Merisi
    If you use Whonix, then adversary can tell you are use certain kernel of Debian Linux and Tor, is it correct? Maybe also can tell some other such things about you. You are now a part of a very select and interesting group of internet users. Now you are walking down the high street with a mask that says "Look at me!". People cannot easily see who you are, but they will be looking.

    If lots of people start to use Whonix, I feel very different about it. But right now, how many people use it? It is simple enough to just monitor who has downloaded the Whonix software.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Whonix uses the Tor Browser Bundle, just as Tails does. There's a tweak, so the Tor client can run in a separate VM, but otherwise they all (TBB, Tails and Whoniux) look the same. They pretend to be some common mix of Windows and IE, as I recall.
     
  10. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,411
    Yes they can, you are correct. With the right tools you can fingerprint any system, & I mean any system despite what your using.

    These tools are custom made for security pen testers and governments.

    I have first hand experience with them, I can even pull name/brand/type of CPU & Network Card & Wifi Adapter with the right tools.
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Are you saying that a website can do that, without a successful exploit?

    Anyone can pull anything if they get root.
     
  12. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    325
    Yes, as Mirimir asks, are you saying a website alone, without installing malware on a system, can circumvent the information the browser itself provides and fingerprint a system beyond that information? How is that possible?

    *

    My and mirimir's question above to ComputerSaysNo notwithstanding, I don't think this is correct. As I already said above, the Tor Browser Bundle is configured to reveal very little (and inaccurate information) about your system.

    In the Tor Browser Bundle, EFF's Panopticlick sees that I'm running Windows (but I'm not), does not correctly see my screen size, detects no plugins or fonts, and that's about it. This does in fact make the Tor Browser Bundle's fingerprint more unique, than my other non-Tor browser. On the other hand, I assume this also makes it appear exactly the same as anyone else running the Tor Browser Bundle, so I don't know how easy this fingerprint can be attached to any one person. And it has the benefit of appearing differently from my regular browser, so I don't know how the two would be correlated with each other as being the same person.

    So I think the "very select intereting" group idea oversimplifies the complexity of the task. Being part of a very select interesting group in which everyone looks the same and can't be distinguished from each other may not be that useful for tracking purposes. And we already know that the government is very interested in Tor traffic anyway, so the browser fingerprint is hardly the thing drawing the most attention to you.

    In addition, if you look at the link I provide above in which the Tor project analyzes the complexities of fingerprinting, it also appears that it's just not as simple as you're suggesting.
     
  13. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,089
    Hi mirimir,

    Tails does not use the Tor Browser Bundle (TBB) directly. I think they port the changes to it into Iceweasel, the Gnu Firefox derivative. So, effectively, a TBB equivalent, eh? However, it is difficult to figure out how coordinated the two projects are to dovetail the TBB changes and when they make it into a Tails release IMO.

    -- Tom
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    That's true, I forgot.

    So the signature might be different.

    But adrelanos is very careful and thorough, so I'm assuming that they're the same.

    I'll check later, when I have a chance.
     
  15. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,411

    Your right if you get r00t you can get anything, but I believe the tools I'm speaking about you can pull that info through just the browser, I think it calls Windows WMI (which holds all the hardware information) and pulls the info through that and you don't need a exploit. I'll double check though just to be certain when I'm back at work, they don't let me take the good stuff home for good reason.

    See above.
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Well, OK maybe it's doable on Windows. I wouldn't be surprised ;)

    [searches some]

    Wow! Now that's a really bright idea :eek:

    I trust that WBEM is better locked down in Unix/Linux.
     
Loading...
Thread Status:
Not open for further replies.