EOS + Whonix or Qubes + Whonix, opinions and differences?

nicknick · October 3, 2024, 1:42pm

(Sorry, I didn’t know if the correct subforum was “Newbie” or this one, please move the thread if this is not the correct subforum)

Hi friends.

I was reading about Whonix and it seems to be used with Qubes. I don’t understand how Qubes works, but it seems to be something like this:

You install QubesOS (same as when you install EOS), from an ISO.
You download Whonix (but it’s not an ISO) and run it from QubesOS (I think from a virtual machine or something like that)

My question is, can I install Whonix alongside EOS instead of QubesOS?

Would EOS + Whonix meet the same level of security as QubesOS + Whonix?

Because, although my main operating system is EOS, I would like to have a secondary operating system with the highest level of security, anonymity and privacy. I have read that it is possible to achieve this by running Whonix on an operating system.

So, if I’m not mistaken, Whonix IS NOT a normal OS like EOS, apparently Whonix can only run on virtual machines, is this correct?

So, I really want to try this out and see how secure and anonymous an OS it is alongside Whonix, as I’ve heard that even your ISP can’t see that you’re connecting to Tor, your IP can’t be leaked, and even if viruses or ransomware for Linux infect your PC, they won’t get out of there (I’ve read this on forums and reddit, I don’t know how true this is).

So, have any of you tried this or know a bit about it, can you give me your opinion?

Thanks!

EDIT:

By the way, I’ve heard that you need a lot of ram to run virtual machines, my pc is: i5 3470 (4 cores), 1050 ti (4gb), 16gb ram

dalto · October 3, 2024, 2:05pm

You can run it in a VM on EOS.

You have enough RAM to run a whonix VM, no problem.

smokey · October 3, 2024, 2:08pm

Their website answers all these questions you have asked.

https://www.whonix.org/wiki/Dev/VirtualBox#Why_use_VirtualBox_over_KVM?
and many more

drunkenvicar · October 3, 2024, 2:14pm

Qubes/Whonix both configured to route thru Tor network in my understanding.
Is EOS? would be my question.
Also Qubes has every process isolated and is basically a VM that way. EOS not so much.

The only way I can see it is EOS+Firefox is a lot worse then EOS+Whonix for security.
Sounds like an interesting endeavour (no pun intended), go for it.

from Distrowatch comment:
“Qubes OS Isn’t a distro, its mostly a Xen hypervisor that sits on top of Fedora and Debian. Qubes OS allows users to have a very secure computer by isolating each application for various purposes. Qubes OS creates qubes or virtual machines that can be used seamlessly. Qubes will sandbox networking and even USB drives. Qubes allows users to setup a VPN or a Whonix qube for added privacy.”

dalto · October 3, 2024, 2:22pm

If you run Whonix in a VM, it will be isolated from your host.

The advantage you get in Qubes is seamless integration.

nicknick · October 5, 2024, 5:42pm

I see, thanks. I think dual booting with Qubes is not recommended, so if I want to try it I guess I should delete EOS, try Qubes OS, and reinstall EOS (not really a big deal for me, since EOS installs quickly).

In case I want to try Whonix on EOS as you said (which btw requires a virtual machine to work as I’ve read), which app/package/virtual machine is the most recommended or the most used?

Oh thanks, they recommend VirtualBox there, I’ll check out the wiki as it seems to require several packages to install.

Also, I’ll read the rest tomorrow, thanks.

Sorry, my English is pretty bad, do you mean that both are equally secure, but Qubes+Whonix has better integration? (with integration you don’t mean security, but performance or something?)

dalto · October 5, 2024, 5:56pm

It is entirely a matter of opinion but I would recommend pretty much anything except virtualbox.

For a quick solution that is easy to get up and running, try Gnome boxes.(It doesn’t matter if you use gnome or not).

Yes.

Not performance or security. More like ease of use.

In your case of “I want to test Whonix”, I don’t see any advantage of using Qubes for trying out whonix. If you wanted Whonix to be more seamless with your normal desktop, then you could look at Qubes.

z580c · October 5, 2024, 6:54pm

If you have concerns then it’s important to note that your ISP will absolutely still be able to see that there’s a connection to a Tor entry node coming from your home network, if they want to - the connection is still being routed from you, over their network and to the Tor entry node, after all. If it’s properly configured (and you haven’t got a nation-state level adversary trying to see what you’re up!) to then they won’t be able to see what’s being sent and received over that connection, but they will still be aware of the connection itself.

There is nothing magic about a VM that makes a connection invisible to the ISP - the entire point of the Tor protocol is that after the traffic is sent along the ISP’s network it’s then bounced around a network of nodes to obfuscate the true path and nature of the connection.

Alongside this, theoretically, if the Tor network were ever compromised then your IP can also absolutely be leaked - again, there’s nothing magic about a VM that can prevent this. The connection starts at your home connection which has your IP plastered all over it, and the only way to avoid that is to not connect at all.

Regards to viruses/malware/etc, the advantage of running in a VM mean that if the VM does get infected you can just trash it and spin up a fresh one with minimal fuss - in theory provided your setup is sound they will be contained within the VM.