Whonix KVM - A Secure OS for the Dark Web
ฝัง
- เผยแพร่เมื่อ 5 ก.ค. 2022
- In this video I show you how to setup Whonix KVM, I also explain why its better to use Whonix in KVM instead of virtualbox due to Oracles bad track record of fixing and giving details about security issues.
Download Whonix KVM
www.whonix.org/wiki/KVM
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my TH-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. - วิทยาศาสตร์และเทคโนโลยี
finally a secure way to use facebook
Yes, just use my link
kek
@@notafbihoneypot8487 lmaoo
Lmao
😂😂😂
last video: leaked data for sell on the dark web
this video: how to get on the dark web
next video: how to get monero securely and buy stuff on the dark web with it
"How to anonymously cash out crypto"
actually he made a video about buying things safely from dark web, somebody really doing and writing the way.
To get Monero securely you just buy it and send it to a personal wallet. It really is that simple.
@@JamesWilson01 what about ip address? when you submit the transaction to the mempool is your ip not visible? or how does it work?
@@kerbatonbaton8108 If you're buying Monero, you can do it completely legally on a big exchange where they have a picture of your real driving licence or whatever. No reason to hide your IP if they know exactly who you are. The cool part is, as soon as you send the Monero to your personal wallet, it becomes completely untraceable. If you want to do something with that Monero that is not "government-approved" you should create your personal wallet over tor on a secure like Tails to be extra safe 🤓
Whonix vs QubesOS vs Tail for security and privacy? Would make for an interesting video, since all three aim for a different use case
Yes please do this
Oh yes please!
Qubes gang
Whonix actually works better as a VM on Qubes, and Whonix devs actually recommend it as a second level of protection. Unless your QubesOS is compromised, you're practically invisible.
id say they are all have very different uses but id still like to see a comparison
Been dabbling with Whonix for quite some time with VirtualBox, though it's not always the most secure option. Definitely an optimal choice for privacy and security when it comes to operating systems regardless of whether you use KVM or VirtualBox
In your opinion what’s most secure?
@@Joseph-ws5de I know I'm not OP but KVM is definitely more secure.
Good for gaming on the side?~
@@moth5799 If you're USB mounting KVM's then yes, but otherwise VirtualBox is good for use by public computers or laptops that you'll only use when on public networks.
@@NotACutie Gaming on the Tor network is asking for 1 second lag. Unless you are talking about offline.
Sleep keeps RAM powered, while hibernation writes RAM to swap. Setting up encrypted swap is actually really easy to do on most graphical installers for Linux.
Links and easy how to guide? 😅
Encrypted swap? That sounds like black magic to me
@@xmvziron why? its just swap but encrypted. probably slow as hell
Huh didn't know that. Thx for that
Do you have a link to a tutorial?
Been using this setup for a while now, thanks for providing some more detailed information especially swap file vulnerabilities and other things to consider.
Whonix is amazing, I've been using it on my burner laptop for a while and it's kept me safe from the Dark Web's malicious activity.
I use Arch BTW
Of course you run Arch… the Elitist has spoken LuL! When I better understand our craft I’ll dive down the Arch hole. All Arch users I’ve met swear by it! 🍻.
WHO CARES?!!!
@@NeverTrust298 it's a meme, welcome to the internet!
@@NeverTrust298 welcome to the internet my friend
@@ColdSteel-dz3pf Just go straight to Artix/Parabola, depending on your hardware.
I dont really know anything about all this but I always come back to channels like this just because of how interesting all these topics are. I've learned a good bit just dont really ever plan to go on the darkweb. Still really cool tho!
Same. I love seeing how these things work, though I don't have an use case for it.
Don't worry, some day you will see your search history popping up somewhere & you will realise data security is important.
I don't think anyone has a use case for it here.
Whonix is brilliant. Thanks for finally making a video about it.
Your coverage is super actionable
Thanks for covering this OS
Thanks for all your hard work thinking about all the details like swap files, etc.
Yah, when I saw that, upward security (ie protection against your enviroment) was what bothered me. It doesn't matter how secure WHONIX is, if the host it is running on is less secure. Weakest link and all. Especially if for some insane reason your host OS is Windows, I can't imagine the upward security will be very good.
Agreed
So the solution is to run Whonix, on Whonix.
@@cbtillery135 engineer pfp checks out
@@cbtillery135 No, on Cubes.
I bought a laptop on 1 November,2023 pre-installed with windows 11 home. How do i completely wipe windows off my laptop and install whonix KVM?. 😊
Thrilled to see some Whonix love...all the edgy "youtuber hackers" only talk about Tails. Do Qubes next!
NetworkChuck? Lmao yeah.
I noticed you don’t have any videos on openSUSE, a lot of people seem to love it and a review would be pretty great from you, love the content as always
Been waiting for this episode
was waiting for this video for ages
Whonix is really an interesting distro
I hopefully never have to use this, but its nice to know that it exists.
0:30 About this: Is it possible to do something like this on a host machine/VM running windows 10/7? I just saw Adrien Crenshaw's old Defcon presentation where @ the end he demonstrates getting people's IP addresses because other computer apps (like Office Word) don't respect Tor's proxy settings. Is there a method of doing something like what whonix did but on other OS's?
I daily drive Qubes and love it. It has a large learning curve though, but if you know the basics and are comfortable enough to do a walkthrough video I'm sure people would love it!
I think the reason he hasn't is becuase a screen recorder is difficult to set up in Dom0. You could probably use an external capture card as that's how I'm planning on recording my QubesOS setup.
@@RashidSEC Yeah that is a good point 😁. Along with the security risk of installing any sort of software in Dom0 to begin with. But I suppose for an example video wouldn't make Joanna too angry 😂
Yeah that would be awesome, qubes user here too!
@@RashidSEC usb capture card to loop the hdmi and send the output to a vm with obs LOL it does actually work
@@trik9464 We will find out. My thinkpad has 64 gb of ram wish me luck.
Hello, love your content. What host distro do you use? Do you have a video on that?
yoo early gang
Literally as I was attempting to use Whonix!
11:26 Why is the User Firewall settings using the Nero Burner 6 icon?
Instead of TOR, would the new Beacon browser be a more secure option?
A router with this running on it can be very useful. That or something that works similarly. Maybe run it on an old PC with two NICs as a firewall of sorts.
Funny I was just wondering if would work with rasp pi as a VPN/tor router. Been looking at making one for a travel system.
This really helps, thanks. Im going to run tails inside of whonix inside of a kvm/vert inside of an arch linux desktop inside of proxmox running inside a docker container inside a pod on truenas scale. 💥😎
Then what?
Honestly I'm not sure if this is safer than TailsOS(from USB boot)+TOR+Tunel.
Can you recommend a video for invisible/anonymous/untraceable use of the internet? I know its actually not possible (reading the research papers) but I could at least protect against most pen-testing?
whonix is great and not a hastle to set up 10/10 👍
The only thing that those "Finally, it's here" comments should be about
I have a Linux VM. In this VM I installed Whonix using KVM.
That's really interesting. I never heard of Whonix KVM before. I usually have a SD Card with Tails for that in my old ThinkPad since it's really easy to setup.
Well, My T60 isn't really that secure but recently I bought and repaired an old IdeaPad with 6gb RAM (4gb Soldered/ 2gb user replaceable) , some Ryzen 5 CPU and Windows 7 Starter on it.
I'm actually curious to try it out on that Ideapad after I transfer my SSD to it. After all, this week I'll be getting a package from Lenovo with a brand new battery and display. The 4c 8t CPU should have enough of a punch to run a Linux KVM.
Hey, can you also make a video on invidious? It’s a secure frontend for youtube that you can make your own instance for.
Saved to watch later before shaband
Your view on downloading Qemu/kvm on windows 10 ?
I have questions...
So the order of everything is PC > Storage Devices (SSD/HDD) > Hypervisor > VMs > Operating System > Web Browser, right?
Qubes and Whonix are both operating systems. So why is Whonix ran INSIDE of Qubes, so Qubes > Whonix?
KVM acts as a Hypervisor, thought the type, 1 or 2, is debated. Qubes uses a hypervisor called Xen. What's better, Xen or KVM? Why? And if KVM is considered better for whatever reason, then could you run Qubes inside of KVM, without security/performance disadvantages compared to Xen?
So then the order of everything would be PC > Storage Devices > KVM OR Xen > Qubes > Whonix > Tor, correct?
Another thing, I run Windows 10 with my SSD. I recently wanted to access the dark web, but I don't fuck around with security, so here I am asking every question thinkable after getting confused by my extensive research. I have an old 2TB HDD that hasn't been used in a long time with nothing important on it, as I backed up all the folders onto Google Drive and wiped my HDD.
If I keep my SSD for my standard stuff on Windows, could I then install all my dark web stuff (Hypervisors, VMs, OSs, etc.) onto the HDD, set my HDD as my boot drive in my motherboard's BIOS, and then when I want to access the dark web do that and be safe? Would my SSD/Windows be safe if that's done?
Oh, and before getting all the secure stuff, do you install standard Linux first?
Thank you anyone in advance!
Now I know how to do things without the FBI seeing. Thanks, FBI!
i set up kali in virtualbox using whonix as a gateway without any issues, one thing i'm trying to figure out is if it's possible to configure the network settings to switch between routing traffic through the whonix gateway or using NAT to connect directly to my host machine. after spending 3 hours downloading updates through the tor network at 300kb/s i realized that it would be less painful to temporarily disconnect from whonix to do the updates.
Bah! You can select KVM from within VirtualBox to be your virtualization hypervisor.
At 11:03 it turned out funny that you say that you could encrypt the volume and at the same time the volume window appears on the top right :)
I want a video on Qubes now.
I live in a Post-USSR country, I might need this lol
Great video Thank you
i got some error when i was trying to run the gateway and then noticed it only gets 256MiB of RAM by default thus wasn't able to launch all the required systemd services
The question is should you use a VPN on your host os so that they cant tell (Your ISP) youre connecting to tor?.... Or there's no need for that?
Kenny, I've been trying to get a dualboot working for a month and I'm losing my shit. I only need windows for a handful of applications, but they're all GPU intensive stuff like CAD and illustration software. I don't know if using a windows VM will run well enough with the performance hit but I'm sick of fucking with Windows and having it run its slimy tentacles through my entire system and break Linux every time I boot into it.
do you have any recommendations?
I have a secondary gpu ( Gtx 1050). For GPU intensive Windows only applications I use a Windows VM and pass through the second GPU. Since I also only have one monitor I use looking glass to access the video output. This works really well, no need to dual boot but you do need to dedicate a gpu to the vm.
Like the thread ripper high siding.😁
Genuine question, why do you have 128gb of ram
Now we just need a whonix-qubes video
Thanks a lot..
How do I set up the whonix gateway to use kicksecure os so I can set up I2P?
Should one run Mullvad or some kind of VPN on the gateway VM?
If you have enough RAM, just put the virtual disk file in a tmpfs ramdisk 😎 (and disable swap)
KVM or Oracle VM VirtualBox for better option security and anonymity? (Maybe ı will start to use Linux for KVM, should ı do it or use Oracle VM VirtualBox)
is there a video of you compiling gentoo on your threadripper?
11:05 encrypt the volume?? You mean like a luksFormat?? If so, could you make an episode of that?
Or do you mean put the *.qcow2 files in an encrypted Truecrypt/Veracrypt container before you use it?
I used to do that with my old VBOX files, but I think an encypted os volume would be more secure
Would love a video on whonix gateway cli, some of us need that extra ram lol
Will this run on a Debian 11 Live USB ? I always get an error when trying to run the Workstation...
Would you say this is more secure than Tails OS ?
I think if you use this too much, NSA or FBI might tag the network packages thru your isp (which they always know where internet usage is from) just because you are shady
How to be safe from that
Public wifi?
@@BOSS_1417 You may use a VPN to hide tor usage from your isp
Based
If I got host encrypted volume and only boot partition unencrypted is imposible to read swap data if I turn off the computer Right? I mean I don't have to disable nothing I'm with LUKS + lvm and LUKS over lvm
Nice👍
We still don't have a working version of Whonix for ARM-based Macs, have we?
There is testing version, but it’s not recommended
@@nothingtoseeherelolkek Last time I checked they hadn't compiled it. Do they have a working alpha release now?
Finally a way to protect my deep fried dank memes from the glowies
How about zero Knowledge at network base layer instead ?
can I safely use soulseek to download scatman john with this?
what is the state of the tor netwok? i mean do really anyone runs an end node at home?
Hey apparently Apple is going to release a lockdown mode to protect against Pegasus and similar software
I imagine it will mostly mitigate the damage Pegasus can do
Great news but sooner or later linux privacy folks need to expand their arsenal with opensource hardware. More & more attacks are getting hardware & cryptography based.
Isn't the lockdown mode a step after believing that someone is in your phone? In which case won't protect anything that they have already accessed. The problem with pegasus is that most people have no idea they are infected, so it's kind of pointless for most iphones.
What about running Whonix on Tails OS, which itself is a VM on QubesOS?
I wonder how Whonix would do against an Intel computer with an Intel management engine. The low level "spyware" thing.
i like Qubes, but using an old thinkpad (air gapping my kit, i have the hardware so why not) really doesn’t permit having even more than 2 VMs running concurrently.
Having a minimal and pruned Linux OS whilst running whonix is more ideal
15:08 a lot more convenient to _use_ sure but a lot more of a pain to set up. Tails is probably the easiest thing to actually set up
I'm running into a "no bootable device" error and wondering if it has something to do with permissions. The gateway is owned by libvirt-qemu and the Workstation is owned by me (user). I have a Kali VM I run through KVM and it is set as root. Not sure how any of these got set, but do you think this is the issue?
I got it to work. Honestly, I think the problem was that I didn't unzip the files the way the instructions dictate.
@@TechLifeForLife hey how did you get it to work?
Can it run from RAM?
I would like to boot it from BD-R and run from RAM.
based
Is this a virtual machine I can use on my windows
What was that onion site that archives good darkweb sites?
I want to use to upload files without compromising my privacy can i do it?
Guys recommend some channel like this one
As I see it whonix's only advantage over TAILS is that it runs on a VM so if your dark web session is hacked your real OS/fs is safe; but kvm requieres too much resources; I'd prefer the risk of booting TAILS from a usb pendrive: it's fast, amnesiac (which whonix is not) and I won't save anything on my notebook fs
With Tails, if your dark web session is hacked your real OS/fs is safe too. The advantage of Whonix is being able to run both your dark web OS and real OS securely at the same time
No. Whonix is much better than Tails. Whonix is more secure/hardened, impossible to leak IP Address even if your Workstation has been compromised (since the tor gateway are not on Workstation like Tails) Full torified system and a lot of interesting tools like Kloak. Also you can make Whonix amnesic with Qubes-Whonix DispVM.
What should I use on my main computer (not a burner) connected with ethernet cable?
Tails or Whonix?
@@pier_is_losing tails. Its easier
@@andrepipo4542 Is it safer though?
Virtualbox+Whonix is not that hard to install, but, what I understand is that it leaves traces on my hard drive? I can still reset the pc, there is not much stuff on it anyway.
Soo I really don't know, I just want the safest option here, I'll probably be resetting the pc after browsing for a couple of days, not doing anything illegal, I'm just looking for a specific info.
soo, tails or whonix?
thanks i legit tried doing this a few weeks ago and couldnt get it working
Same. I thought KVM was like, a cool version of VMware or something. But I think I was mistaken….. lmao
I like writing games to my drive. Though gaming is extraneous and unnecessary I enjoy it too much to give up.
Which is Good Quebes Or Whonix Or Tails ?
When my traffic is already routed through the tor network, does it make sense to use the tor browser then? Wouldn't that be unnecessary?
I don't know a lot about this, but I'm pretty sure it brings more anonymity since pretty much everyone else is using Tor Browser as well
tor to some extent prevents fingerprinting your browser
Tor is more hardened than Firefox and protects you from fingerprinting, since everyone who use Tor Browser and don't modify him (adding extensions, changing Proxy settings, etc) have the same fingerprint.
i like Boxes call me crazy but it works for me.
tails but riceable basically. I like the ability to customize, I normally just leave the gateway as CLI only, and put a window manager or something on the workspace VM
@Not Convinced no one asked you to interject, but here you are, the difference between us is that you're acting like an ass-hat and I'm not.
Time to get in the DarkGuep and buy a Tank for my school homework
WHONIX RULLESSSSSSSS
Is there an VM for android?
Is there a reason why I cant extract the download file so I can have the files separate therefore I can open in terminal and install?
im using Linux MInt
WH OMEGALUL NIX
Every day :)
Glowy.
I think this sounds great for the countries like China and North Korea
Something to put on my new 200$ thinkpads
Could you take a look at NixOS? I recently switched from a 4 year arch journey and I think its fantastic and probably the future of linux
I mean, a look on NIxOS would be good.
I'm not really a fan of transactional operating systems (really more of the rolling release type guy) but yeah, tested it a bit but I still think it's a more "advanced" user type of OS (at least for me) and, if I'm like, installing a transactional/atomic update system to someone like my grandmother or smt, I'd definitely prefer Fedora Silverblue tbh
How good is the general software availability? I've been wanting to switch for a lil bit but I'm worried there's less applications and drivers available than what I use right now (Manjaro).
@@sethadkins546 I believe it has the biggest repo of any distro 90k+, and adding custom packages is super simple
@@vicstoron it definitely requires some tinkering but once it's setup it's the most comfy os experience I've ever had
@@sethadkins546 I think enough for you to use. The only part that if you grab source from Internet and try to install or compile like normal mostly it won't be work so therefore you need to learn nix to touch it. Also installer is pretty easy now.
All fine and dandy until you the pleasure to go through compromised Tor exit nodes
Danm this is that advanced drip
A whonix vs tails vs QubesOS video please!!!