Comparison of Whonix, Tails, Tor Broswer Bundle, and Qubes OS TorVM

Whonix: Comparison with Others.

-- Tom

 

Nice post. I've read that on their site many times before. I am responding just to confirm that I have checked out most of the Whonix features personally. The dual VM's and their security by isolation method is very easy to enjoy. Literally works out of the box!

 

That is a nice comparison chart. It's good not just for understanding the differences between the projects, but also for understanding all the things they do. Whonix is cool and easy to use. But I'm still curious to try out Qubes OS.

 

Even you use any of these, then you become the ugly duckling.
So, means many benefits but also some disadvantages.

 

thx nice comparison and breakdown

 

Hi

Big thanks for the link...as i am writing some stuff to fight censorship.
A few pricacy and security focused distributions are not included, but this is already a great comparative effort.

It is clear that Whonix is well balanced between security and privacy.

Rgds

 

Are you referring to browser fingerprinting? I'm not sure what you mean. But I do believe Whonix and the Tor Browser Bundle and perhaps the other systems have configured themselves in ways to resist browser fingerprinting.

Tor also has an intereting recent post about how effective fingerpriting really is:

https://blog.torproject.org/blog/critique-website-traffic-fingerprinting-attacks

 

I like this quote from Merisi

If you use Whonix, then adversary can tell you are use certain kernel of Debian Linux and Tor, is it correct? Maybe also can tell some other such things about you. You are now a part of a very select and interesting group of internet users. Now you are walking down the high street with a mask that says "Look at me!". People cannot easily see who you are, but they will be looking.

If lots of people start to use Whonix, I feel very different about it. But right now, how many people use it? It is simple enough to just monitor who has downloaded the Whonix software.

 

Whonix uses the Tor Browser Bundle, just as Tails does. There's a tweak, so the Tor client can run in a separate VM, but otherwise they all (TBB, Tails and Whoniux) look the same. They pretend to be some common mix of Windows and IE, as I recall.

 

Yes they can, you are correct. With the right tools you can fingerprint any system, & I mean any system despite what your using.

These tools are custom made for security pen testers and governments.

I have first hand experience with them, I can even pull name/brand/type of CPU & Network Card & Wifi Adapter with the right tools.

 

Are you saying that a website can do that, without a successful exploit?

Anyone can pull anything if they get root.

 

Yes, as Mirimir asks, are you saying a website alone, without installing malware on a system, can circumvent the information the browser itself provides and fingerprint a system beyond that information? How is that possible?

*

My and mirimir's question above to ComputerSaysNo notwithstanding, I don't think this is correct. As I already said above, the Tor Browser Bundle is configured to reveal very little (and inaccurate information) about your system.

In the Tor Browser Bundle, EFF's Panopticlick sees that I'm running Windows (but I'm not), does not correctly see my screen size, detects no plugins or fonts, and that's about it. This does in fact make the Tor Browser Bundle's fingerprint more unique, than my other non-Tor browser. On the other hand, I assume this also makes it appear exactly the same as anyone else running the Tor Browser Bundle, so I don't know how easy this fingerprint can be attached to any one person. And it has the benefit of appearing differently from my regular browser, so I don't know how the two would be correlated with each other as being the same person.

So I think the "very select intereting" group idea oversimplifies the complexity of the task. Being part of a very select interesting group in which everyone looks the same and can't be distinguished from each other may not be that useful for tracking purposes. And we already know that the government is very interested in Tor traffic anyway, so the browser fingerprint is hardly the thing drawing the most attention to you.

In addition, if you look at the link I provide above in which the Tor project analyzes the complexities of fingerprinting, it also appears that it's just not as simple as you're suggesting.

 

Hi mirimir,

Tails does not use the Tor Browser Bundle (TBB) directly. I think they port the changes to it into Iceweasel, the Gnu Firefox derivative. So, effectively, a TBB equivalent, eh? However, it is difficult to figure out how coordinated the two projects are to dovetail the TBB changes and when they make it into a Tails release IMO.

-- Tom

 

That's true, I forgot.

So the signature might be different.

But adrelanos is very careful and thorough, so I'm assuming that they're the same.

I'll check later, when I have a chance.

 

Your right if you get r00t you can get anything, but I believe the tools I'm speaking about you can pull that info through just the browser, I think it calls Windows WMI (which holds all the hardware information) and pulls the info through that and you don't need a exploit. I'll double check though just to be certain when I'm back at work, they don't let me take the good stuff home for good reason.

See above.

 

Well, OK maybe it's doable on Windows. I wouldn't be surprised

[searches some]

Wow! Now that's a really bright idea

I trust that WBEM is better locked down in Unix/Linux.