Whonix KVM - A Secure OS for the Dark Web
ฝัง
- เผยแพร่เมื่อ 5 ก.ค. 2022
- In this video I show you how to setup Whonix KVM, I also explain why its better to use Whonix in KVM instead of virtualbox due to Oracles bad track record of fixing and giving details about security issues.
Download Whonix KVM
www.whonix.org...
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my TH-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. - วิทยาศาสตร์และเทคโนโลยี
![[UNCUT] ชาวบ้านถาม “นายกอุ๊งอิ๊งค์” ประชาชนมีกิน มีใช้ กี่โมง? I คนดังนั่งเคลียร์ I 16 ส.ค. 67](http://i.ytimg.com/vi/tKZvOzLIJJc/mqdefault.jpg)
finally a secure way to use facebook
Yes, just use my link
kek
@@notafbihoneypot8487 lmaoo
Lmao
😂😂😂
Whonix vs QubesOS vs Tail for security and privacy? Would make for an interesting video, since all three aim for a different use case
Yes please do this
Oh yes please!
Qubes gang
Whonix actually works better as a VM on Qubes, and Whonix devs actually recommend it as a second level of protection. Unless your QubesOS is compromised, you're practically invisible.
id say they are all have very different uses but id still like to see a comparison
Been using this setup for a while now, thanks for providing some more detailed information especially swap file vulnerabilities and other things to consider.
Been dabbling with Whonix for quite some time with VirtualBox, though it's not always the most secure option. Definitely an optimal choice for privacy and security when it comes to operating systems regardless of whether you use KVM or VirtualBox
In your opinion what’s most secure?
@@Joseph-ws5de I know I'm not OP but KVM is definitely more secure.
Good for gaming on the side?~
@@moth5799 If you're USB mounting KVM's then yes, but otherwise VirtualBox is good for use by public computers or laptops that you'll only use when on public networks.
@@NotACutie Gaming on the Tor network is asking for 1 second lag. Unless you are talking about offline.
Sleep keeps RAM powered, while hibernation writes RAM to swap. Setting up encrypted swap is actually really easy to do on most graphical installers for Linux.
Links and easy how to guide? 😅
Encrypted swap? That sounds like black magic to me
@@xmvziron why? its just swap but encrypted. probably slow as hell
Huh didn't know that. Thx for that
Do you have a link to a tutorial?
I dont really know anything about all this but I always come back to channels like this just because of how interesting all these topics are. I've learned a good bit just dont really ever plan to go on the darkweb. Still really cool tho!
Same. I love seeing how these things work, though I don't have an use case for it.
Don't worry, some day you will see your search history popping up somewhere & you will realise data security is important.
I don't think anyone has a use case for it here.
Whonix is brilliant. Thanks for finally making a video about it.
Whonix is amazing, I've been using it on my burner laptop for a while and it's kept me safe from the Dark Web's malicious activity.
I use Arch BTW
Of course you run Arch… the Elitist has spoken LuL! When I better understand our craft I’ll dive down the Arch hole. All Arch users I’ve met swear by it! 🍻.
WHO CARES?!!!
@@NeverTrust298 it's a meme, welcome to the internet!
@@NeverTrust298 welcome to the internet my friend
@@ColdSteel-dz3pf Just go straight to Artix/Parabola, depending on your hardware.
Your coverage is super actionable
Thanks for covering this OS
Thrilled to see some Whonix love...all the edgy "youtuber hackers" only talk about Tails. Do Qubes next!
NetworkChuck? Lmao yeah.
Yah, when I saw that, upward security (ie protection against your enviroment) was what bothered me. It doesn't matter how secure WHONIX is, if the host it is running on is less secure. Weakest link and all. Especially if for some insane reason your host OS is Windows, I can't imagine the upward security will be very good.
Agreed
So the solution is to run Whonix, on Whonix.
@@gormless-idiot engineer pfp checks out
@@gormless-idiot No, on Cubes.
I bought a laptop on 1 November,2023 pre-installed with windows 11 home. How do i completely wipe windows off my laptop and install whonix KVM?. 😊
Thanks for all your hard work thinking about all the details like swap files, etc.
I noticed you don’t have any videos on openSUSE, a lot of people seem to love it and a review would be pretty great from you, love the content as always
I daily drive Qubes and love it. It has a large learning curve though, but if you know the basics and are comfortable enough to do a walkthrough video I'm sure people would love it!
I think the reason he hasn't is becuase a screen recorder is difficult to set up in Dom0. You could probably use an external capture card as that's how I'm planning on recording my QubesOS setup.
@@RashidSEC Yeah that is a good point 😁. Along with the security risk of installing any sort of software in Dom0 to begin with. But I suppose for an example video wouldn't make Joanna too angry 😂
Yeah that would be awesome, qubes user here too!
@@RashidSEC usb capture card to loop the hdmi and send the output to a vm with obs LOL it does actually work
@@trik9464 We will find out. My thinkpad has 64 gb of ram wish me luck.
11:26 Why is the User Firewall settings using the Nero Burner 6 icon?
This really helps, thanks. Im going to run tails inside of whonix inside of a kvm/vert inside of an arch linux desktop inside of proxmox running inside a docker container inside a pod on truenas scale. 💥😎
Then what?
A router with this running on it can be very useful. That or something that works similarly. Maybe run it on an old PC with two NICs as a firewall of sorts.
Funny I was just wondering if would work with rasp pi as a VPN/tor router. Been looking at making one for a travel system.
Honestly I'm not sure if this is safer than TailsOS(from USB boot)+TOR+Tunel.
Been waiting for this episode
Bah! You can select KVM from within VirtualBox to be your virtualization hypervisor.
I want a video on Qubes now.
0:30 About this: Is it possible to do something like this on a host machine/VM running windows 10/7? I just saw Adrien Crenshaw's old Defcon presentation where @ the end he demonstrates getting people's IP addresses because other computer apps (like Office Word) don't respect Tor's proxy settings. Is there a method of doing something like what whonix did but on other OS's?
whonix is great and not a hastle to set up 10/10 👍
I live in a Post-USSR country, I might need this lol
The only thing that those "Finally, it's here" comments should be about
Now I know how to do things without the FBI seeing. Thanks, FBI!
That's really interesting. I never heard of Whonix KVM before. I usually have a SD Card with Tails for that in my old ThinkPad since it's really easy to setup.
Well, My T60 isn't really that secure but recently I bought and repaired an old IdeaPad with 6gb RAM (4gb Soldered/ 2gb user replaceable) , some Ryzen 5 CPU and Windows 7 Starter on it.
I'm actually curious to try it out on that Ideapad after I transfer my SSD to it. After all, this week I'll be getting a package from Lenovo with a brand new battery and display. The 4c 8t CPU should have enough of a punch to run a Linux KVM.
Instead of TOR, would the new Beacon browser be a more secure option?
I think if you use this too much, NSA or FBI might tag the network packages thru your isp (which they always know where internet usage is from) just because you are shady
How to be safe from that
Public wifi?
@@BOSS_1417 You may use a VPN to hide tor usage from your isp
I have a Linux VM. In this VM I installed Whonix using KVM.
Literally as I was attempting to use Whonix!
was waiting for this video for ages
Whonix is really an interesting distro
At 11:03 it turned out funny that you say that you could encrypt the volume and at the same time the volume window appears on the top right :)
If you have enough RAM, just put the virtual disk file in a tmpfs ramdisk 😎 (and disable swap)
Finally a way to protect my deep fried dank memes from the glowies
I hopefully never have to use this, but its nice to know that it exists.
I wonder how Whonix would do against an Intel computer with an Intel management engine. The low level "spyware" thing.
Hey apparently Apple is going to release a lockdown mode to protect against Pegasus and similar software
I imagine it will mostly mitigate the damage Pegasus can do
Great news but sooner or later linux privacy folks need to expand their arsenal with opensource hardware. More & more attacks are getting hardware & cryptography based.
Isn't the lockdown mode a step after believing that someone is in your phone? In which case won't protect anything that they have already accessed. The problem with pegasus is that most people have no idea they are infected, so it's kind of pointless for most iphones.
This vs Tails? Lol imagine running Whonix ON Talis
After you remove the tails live usb, all the KVM setup and whonix will be gone.
@@rishirajsaikia1323 Not necessarily, Tails does offer encrypted persistent storage for exactly this type of application. Its probably super overkill but it is definitely doable.
@@DanteHaroun Wouldn't be good. Tails blocks all clearnet traffic. If you use KVM with any VM, the VM will have the traffic through tor too. Whonix Workstation need Whonix Gateway to work. If you use Tails + Whonix, you will have tor over tor traffic, which is slow and insecure. Qubes-Whonix is 100x better, more secure, stable and faster.
15:08 a lot more convenient to _use_ sure but a lot more of a pain to set up. Tails is probably the easiest thing to actually set up
Hello, love your content. What host distro do you use? Do you have a video on that?
Saved to watch later before shaband
Genuine question, why do you have 128gb of ram
Your view on downloading Qemu/kvm on windows 10 ?
As I see it whonix's only advantage over TAILS is that it runs on a VM so if your dark web session is hacked your real OS/fs is safe; but kvm requieres too much resources; I'd prefer the risk of booting TAILS from a usb pendrive: it's fast, amnesiac (which whonix is not) and I won't save anything on my notebook fs
With Tails, if your dark web session is hacked your real OS/fs is safe too. The advantage of Whonix is being able to run both your dark web OS and real OS securely at the same time
No. Whonix is much better than Tails. Whonix is more secure/hardened, impossible to leak IP Address even if your Workstation has been compromised (since the tor gateway are not on Workstation like Tails) Full torified system and a lot of interesting tools like Kloak. Also you can make Whonix amnesic with Qubes-Whonix DispVM.
What should I use on my main computer (not a burner) connected with ethernet cable?
Tails or Whonix?
@@pier_is_losing tails. Its easier
@@andrepipo4542 Is it safer though?
Virtualbox+Whonix is not that hard to install, but, what I understand is that it leaves traces on my hard drive? I can still reset the pc, there is not much stuff on it anyway.
Soo I really don't know, I just want the safest option here, I'll probably be resetting the pc after browsing for a couple of days, not doing anything illegal, I'm just looking for a specific info.
soo, tails or whonix?
I have questions...
So the order of everything is PC > Storage Devices (SSD/HDD) > Hypervisor > VMs > Operating System > Web Browser, right?
Qubes and Whonix are both operating systems. So why is Whonix ran INSIDE of Qubes, so Qubes > Whonix?
KVM acts as a Hypervisor, thought the type, 1 or 2, is debated. Qubes uses a hypervisor called Xen. What's better, Xen or KVM? Why? And if KVM is considered better for whatever reason, then could you run Qubes inside of KVM, without security/performance disadvantages compared to Xen?
So then the order of everything would be PC > Storage Devices > KVM OR Xen > Qubes > Whonix > Tor, correct?
Another thing, I run Windows 10 with my SSD. I recently wanted to access the dark web, but I don't fuck around with security, so here I am asking every question thinkable after getting confused by my extensive research. I have an old 2TB HDD that hasn't been used in a long time with nothing important on it, as I backed up all the folders onto Google Drive and wiped my HDD.
If I keep my SSD for my standard stuff on Windows, could I then install all my dark web stuff (Hypervisors, VMs, OSs, etc.) onto the HDD, set my HDD as my boot drive in my motherboard's BIOS, and then when I want to access the dark web do that and be safe? Would my SSD/Windows be safe if that's done?
Oh, and before getting all the secure stuff, do you install standard Linux first?
Thank you anyone in advance!
tails but riceable basically. I like the ability to customize, I normally just leave the gateway as CLI only, and put a window manager or something on the workspace VM
@Not Convinced no one asked you to interject, but here you are, the difference between us is that you're acting like an ass-hat and I'm not.
Babe wake up Mental Outlaw just dropped
All fine and dandy until you the pleasure to go through compromised Tor exit nodes
Great video Thank you
based
yoo early gang
thanks i legit tried doing this a few weeks ago and couldnt get it working
Same. I thought KVM was like, a cool version of VMware or something. But I think I was mistaken….. lmao
i like Qubes, but using an old thinkpad (air gapping my kit, i have the hardware so why not) really doesn’t permit having even more than 2 VMs running concurrently.
Having a minimal and pruned Linux OS whilst running whonix is more ideal
Thanks a lot..
Hey, can you also make a video on invidious? It’s a secure frontend for youtube that you can make your own instance for.
Like the thread ripper high siding.😁
I like writing games to my drive. Though gaming is extraneous and unnecessary I enjoy it too much to give up.
i set up kali in virtualbox using whonix as a gateway without any issues, one thing i'm trying to figure out is if it's possible to configure the network settings to switch between routing traffic through the whonix gateway or using NAT to connect directly to my host machine. after spending 3 hours downloading updates through the tor network at 300kb/s i realized that it would be less painful to temporarily disconnect from whonix to do the updates.
Would love a video on whonix gateway cli, some of us need that extra ram lol
WHONIX RULLESSSSSSSS
Finally a honeypot from the ATF and NSA
Im Facebook lover. I will use Facebook on that!
TAILS > Whonix ; no VM needed with Tails if started from a USB
Whonix is more secure/hardened than Tails. Whonix have so many good tools like Kloak, anon-apps-configs, etc. Whonix have the tor gateway separated from the Workstation, so IP leaks are impossible even if your Workstation Whonix gets compromised. And since Whonix use VM, your hardware information doesn't get leaked/exposed. Whonix is 10x better than Tails. Tails is more a easy anonymous portable OS to use on untrusted computers. There's no reason to use Tails instead Qubes-Whonix on personal computer.
@@bcz1337unless whonix and qubes is packaged together on a live usb. Then I say TAILS is better. All that isn’t so great when it has to be downloaded from windows 11
Can you recommend a video for invisible/anonymous/untraceable use of the internet? I know its actually not possible (reading the research papers) but I could at least protect against most pen-testing?
Based
This is from the official Whonix Wiki
Why use VirtualBox over KVM?
VirtualBox advantages:
The virtual network interfaces are better encapsulated inside the VM by VirtualBox.
Virtual network interfaces by VirtualBox: Are invisible on the host using tools such as "sudo ifconfig".
corridor leak tested.
Therefore Whonix VirtualBox has a higher leak-proofness then Whonix KVM.
KVM disadvantages:
Virtual network interfaces by KVM: Are visible on the host using tools such as "sudo ifconfig".
KVM: This complicates leak tests because tshark / wireshark on the host can see connections between Whonix-Workstation and Whonix-Gateway .
KVM: Therefore also leak-testing using corridor on the host failed.
KVM: host software such as for example NordVPN client kill-switch can break Whonix-Workstation KVM network connectivity.
Now I can finally play Roblox
When my traffic is already routed through the tor network, does it make sense to use the tor browser then? Wouldn't that be unnecessary?
I don't know a lot about this, but I'm pretty sure it brings more anonymity since pretty much everyone else is using Tor Browser as well
tor to some extent prevents fingerprinting your browser
Tor is more hardened than Firefox and protects you from fingerprinting, since everyone who use Tor Browser and don't modify him (adding extensions, changing Proxy settings, etc) have the same fingerprint.
Now we just need a whonix-qubes video
11:05 encrypt the volume?? You mean like a luksFormat?? If so, could you make an episode of that?
Or do you mean put the *.qcow2 files in an encrypted Truecrypt/Veracrypt container before you use it?
I used to do that with my old VBOX files, but I think an encypted os volume would be more secure
Should one run Mullvad or some kind of VPN on the gateway VM?
What about running Whonix on Tails OS, which itself is a VM on QubesOS?
Time to get in the DarkGuep and buy a Tank for my school homework
Finaly I can use "Facebook" Thank you 😂
Will this run on a Debian 11 Live USB ? I always get an error when trying to run the Workstation...
How do I set up the whonix gateway to use kicksecure os so I can set up I2P?
VM inside a VM of a VM on top of a VM. Yo dawg 🤣
I think this sounds great for the countries like China and North Korea
Guys recommend some channel like this one
I’m waiting for the whonix video where he tells us about how long the NSA has been using this as a backdoor for something…
changing the ram and cpu allocation for the whonix vm seems like a way to fingerprint the system
Is this like CIA and FBI trap OS?
@@neighbor472 ok, so who is checking?
@@wvladimir21 Just checked it out while pooping… you’re good to go.
If I got host encrypted volume and only boot partition unencrypted is imposible to read swap data if I turn off the computer Right? I mean I don't have to disable nothing I'm with LUKS + lvm and LUKS over lvm
Could you take a look at NixOS? I recently switched from a 4 year arch journey and I think its fantastic and probably the future of linux
I mean, a look on NIxOS would be good.
I'm not really a fan of transactional operating systems (really more of the rolling release type guy) but yeah, tested it a bit but I still think it's a more "advanced" user type of OS (at least for me) and, if I'm like, installing a transactional/atomic update system to someone like my grandmother or smt, I'd definitely prefer Fedora Silverblue tbh
How good is the general software availability? I've been wanting to switch for a lil bit but I'm worried there's less applications and drivers available than what I use right now (Manjaro).
@@sethadkins546 I believe it has the biggest repo of any distro 90k+, and adding custom packages is super simple
@@vicstoron it definitely requires some tinkering but once it's setup it's the most comfy os experience I've ever had
@@sethadkins546 I think enough for you to use. The only part that if you grab source from Internet and try to install or compile like normal mostly it won't be work so therefore you need to learn nix to touch it. Also installer is pretty easy now.
Is there an VM for android?
Can it run from RAM?
I would like to boot it from BD-R and run from RAM.
i like Boxes call me crazy but it works for me.
Nice👍
Kenny, I've been trying to get a dualboot working for a month and I'm losing my shit. I only need windows for a handful of applications, but they're all GPU intensive stuff like CAD and illustration software. I don't know if using a windows VM will run well enough with the performance hit but I'm sick of fucking with Windows and having it run its slimy tentacles through my entire system and break Linux every time I boot into it.
do you have any recommendations?
I have a secondary gpu ( Gtx 1050). For GPU intensive Windows only applications I use a Windows VM and pass through the second GPU. Since I also only have one monitor I use looking glass to access the video output. This works really well, no need to dual boot but you do need to dedicate a gpu to the vm.
We still don't have a working version of Whonix for ARM-based Macs, have we?
There is testing version, but it’s not recommended
@@nothingtoseeherelolkek Last time I checked they hadn't compiled it. Do they have a working alpha release now?
Would you say this is more secure than Tails OS ?
is there a video of you compiling gentoo on your threadripper?
WH OMEGALUL NIX
How about zero Knowledge at network base layer instead ?
what is the state of the tor netwok? i mean do really anyone runs an end node at home?
i got some error when i was trying to run the gateway and then noticed it only gets 256MiB of RAM by default thus wasn't able to launch all the required systemd services
I run with 512MiB RAM
need qubes OS with whonix gateway video
How does whonix os compair to qubes os?
Qubes OS is more secure, but requires more technical knowledge to setup from my understanding.
Qubes also uses whonix. It is probably the most nightmarish thing to learn. I suggest having a dedicated laptop for it that you can afford to be out of comission on
@@trik9464 ok Thanks
@@Keniisu thanks for the info
@@trik9464 after installing Arch from the command line and daily driving it for a while, I do plan to in a future get a separate laptop just to dedicate myself to run Qubes but I can already imagine what a nightmarish task it will be to learn it.
The question is should you use a VPN on your host os so that they cant tell (Your ISP) youre connecting to tor?.... Or there's no need for that?
There's no reason for you to hide that you're using Tor, since you can't know what you did using this proxy