Whonix is a Linux desktop dedicated to absolute security and privacy. Find out how to use this unique take on the desktop operating system.
In today’s world, security and privacy have become incredibly important to both businesses and consumers. For some, it doesn’t seem to matter what we do as there’s always a security risk lurking around the corner. To that end, we go to all lengths to secure the desktop platforms we use. Sometimes it works, sometimes it doesn’t.
If you’ve reached the point where you have tasks that require the most secure and private desktop you can find, where do you turn? You could give Whonix a try. Whonix takes a very different approach to desktop security. Instead of a single operating system, you actually work with two virtual machines—one as a gateway and the other as a desktop. The gateway works with the Tor network to ensure security and privacy. With this one-two punch, you can be sure everything you do on the desktop is anonymized.
How do you make this work? I’m going to show you.
SEE: Security Awareness and Training policy (TechRepublic Premium)
What you’ll need
The trick to using Whonix is by way of VirtualBox–in order to use Whonix, you’ll need VirtualBox installed. The platform you use to host VirtualBox doesn’t matter.
How to import the virtual appliance
The first thing you must do is import the virtual appliance into VirtualBox. This is actually quite easy. All you need to do is head over to the Whonix download page and download the OVA file. Upon clicking the file, you should be prompted what to do with the download (Figure A).
Make sure to select Open with and then choose VirtualBox from the drop-down. Click OK and the download will begin. Once the download completes, you’ll be prompted to import the appliance into VirtualBox (Figure B).
Don’t change any of the appliance settings, just click Import and agree to two EULAs. Once you’ve agreed to the licenses, the import will complete.
How to run Whonix
The appliance import will wind up with two virtual machines:
It is important that you only start the Gateway first as it must connect to the Tor network. Once you start the Gateway, it’ll land on the Anon connection Wizard (Figure C).
Click Next and, in the resulting window, click Next again (Figure D).
When the connection to the Tor network is made, you’ll eventually see a warning that Whonix needs to be upgraded. Close that warning, open a terminal window, and issue the command:
sudo apt-get-update-plus dist-upgrade
You will not be prompted for a sudo password. The upgrade will start and complete.
After that, issue the following command:
sudo apt-get update && sudo apt-get upgrade -y
For this command, you will be prompted for a password. The default sudo password is changeme.
When this completes, leave the Gateway running and start the Whonix Workstation from VirtualBox. When the desktop finally loads, you will need to “agree” both license windows, by checking Understood and clicking Next (Figure E).
The Whonix Workstation will then check for any available updates. Should there be any, run through the same process as you did with the Gateway.
Changing the default passwords
You’ll want to change the default passwords on both the Gateway and the Workstation. To do that, open a terminal window and issue the command:
You will be prompted for the current password and then asked to type and verify the new password.
At this point, you can now start using the Whonix Workstation as a secure and private desktop session. You must remember, however, that any time you want to use this desktop, you must start the Gateway first.
Cybersecurity Insider Newsletter
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Kubernetes security guide (free PDF) (TechRepublic download)
- Information security policy (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)