Type: Privacy-focused operating system — virtual machine based
Access: Requires virtualization software (VirtualBox or KVM)
Account required: No — free download
Clearnet version: whonix.org
Open source: Yes
Tor routing: All traffic — system level, cannot be bypassed
Amnesic: No — persists between sessions
Last verified: March 2026
What Is Whonix?
Whonix is a privacy-focused operating system that uses an innovative two-virtual-machine architecture to provide strong anonymity for ongoing work. It runs as two separate virtual machines on your regular computer — a Whonix Gateway that handles all Tor routing, and a Whonix Workstation where you do your actual work.
The Workstation is configured to connect only to the Gateway — it has no direct internet access whatsoever. All traffic from the Workstation must pass through the Gateway, which routes it through Tor. This architecture means that even if malware infects the Workstation, it cannot bypass Tor to reveal your real IP address — the Workstation literally has no path to the internet other than through the Tor-routing Gateway.
Unlike Tails, Whonix is not amnesic — it persists between sessions. This makes it suitable for ongoing work requiring persistent data, applications and configuration, while still providing strong system-level Tor routing.
Onion Address
Clearnet version: https://whonix.org
The Two-VM Architecture
Whonix’s architecture is its defining feature and what distinguishes it from simply installing Tor Browser on a regular operating system.
| Component | Function | Network Access |
|---|---|---|
| Whonix Gateway | Runs Tor daemon, routes all traffic through Tor network | Direct internet — only for Tor connections |
| Whonix Workstation | User-facing OS — browse, work, communicate | Gateway only — no direct internet path exists |
| Host OS | Runs virtualization software — Windows, Mac or Linux | Normal internet — separated from Whonix VMs |
Why this matters for malware resistance: Most operating system-level anonymity setups route Tor through the browser. If malware on the system makes a direct connection that bypasses the browser — through a background process, a compromised application or a kernel-level exploit — it reveals the real IP. Whonix’s Workstation VM has no direct internet connection at the network level. There is no bypass to exploit because the bypass route does not exist.
How to Install Whonix
Option 1 — VirtualBox (Recommended for Beginners)
- Download and install VirtualBox from virtualbox.org
- Download the Whonix VirtualBox images from whonix.org/wiki/VirtualBox
- Verify the OpenPGP or signify signature before importing
- Import the Gateway OVA file into VirtualBox — File → Import Appliance
- Import the Workstation OVA file
- Start the Gateway VM first — wait for it to fully boot and connect to Tor
- Start the Workstation VM — it automatically routes through the Gateway
- Open Tor Browser in the Workstation to confirm connectivity
Option 2 — KVM (Linux, Advanced)
KVM (Kernel-based Virtual Machine) provides better performance and security than VirtualBox on Linux systems. The Whonix website provides detailed KVM installation instructions for users comfortable with Linux command-line tools. For most users starting with Whonix, VirtualBox is simpler and sufficient.
Option 3 — Qubes OS (Most Secure)
Whonix is integrated into Qubes OS as official templates — the recommended setup for users who need the strongest available isolation. In Qubes-Whonix, the Gateway runs as a ProxyVM and the Workstation runs as an AppVM, both using Qubes’ hardware-enforced isolation on top of Whonix’s network-level isolation.
What’s Included in Whonix Workstation
| Tool | Purpose |
|---|---|
| Tor Browser | Anonymous web browsing — pre-installed and configured |
| Thunderbird | Email client with PGP support via Enigmail |
| KeePassXC | Password manager |
| OnionShare | Anonymous file sharing and receiving |
| Electrum | Bitcoin wallet |
| LibreOffice | Document editing — full office suite |
| VLC | Media player |
| GnuPG | PGP encryption and key management |
Whonix vs. Tails
| Feature | Whonix | Tails |
|---|---|---|
| Amnesic | ❌ No — persists between sessions | ✅ Yes — forgets everything on shutdown |
| Host computer isolation | ⚠️ VM isolation — partial | ✅ Complete — never touches hard drive |
| Runs on | Virtual machine inside existing OS | USB drive — any computer |
| Persistent data | ✅ Yes — full persistence | ⚠️ Optional encrypted volume only |
| Malware IP leak resistance | ✅ Strong — no direct internet path | ✅ Strong — all traffic through Tor |
| Setup complexity | ⚠️ High — requires virtualization | ⚠️ Moderate — USB boot |
| Best for | Ongoing anonymous work — journalism, research | One-time high-stakes sessions |
| Can use on shared computer | ⚠️ Leaves VM files on host | ✅ Yes — no trace left |
Whonix with Qubes OS — The Strongest Setup
Qubes OS is an operating system that compartmentalizes computing into isolated virtual machines called qubes. When Whonix runs inside Qubes OS, each layer of isolation reinforces the others:
- Qubes isolation: If malware compromises the Workstation qube, it cannot access other qubes — your personal files, work documents and other applications remain isolated
- Whonix routing: All traffic from the Workstation must pass through the Tor-routing Gateway — no direct internet path exists
- Combined effect: Malware that compromises the Workstation is contained within it and cannot reach the internet without Tor or affect other parts of your computing environment
This combination — Qubes-Whonix — is considered the strongest practical desktop security setup available to non-government users. It is recommended by security researchers including Edward Snowden for high-stakes privacy needs.
The trade-off is significant complexity and hardware requirements. Qubes OS requires a computer with Intel VT-x/VT-d or AMD-Vi virtualization support, 16GB RAM recommended and an SSD. The learning curve is steep. For users who are not security professionals or do not have genuinely high-stakes privacy needs, Tails is more practical.
System Requirements
| Component | Minimum | Recommended |
|---|---|---|
| RAM | 4GB | 8GB+ |
| Storage | 30GB free | 50GB+ SSD |
| CPU | Dual-core with virtualization support | Quad-core+ |
| Host OS | Windows, Mac, Linux with VirtualBox | Linux with KVM or Qubes OS |
| Virtualization | VT-x/AMD-V required — enable in BIOS | VT-d/AMD-Vi for stronger isolation |
Common Mistakes When Using Whonix
Starting the Workstation before the Gateway. Always start the Gateway first and wait for it to connect to Tor before starting the Workstation. Starting the Workstation first may result in failed connections or error messages that are confusing for new users.
Logging into personal accounts. Whonix routes all traffic through Tor — but logging into Gmail, Facebook or any identity-linked account inside the Workstation links that session to your real identity regardless of Tor. Never use Whonix for activities linked to your real identity in the same session as anonymous activities.
Running Whonix on an untrustworthy host. Whonix runs inside your existing operating system. If your host OS is compromised — by malware, monitoring software or an employer — the virtualization layer can potentially be observed. For high-stakes use, run Whonix on a dedicated computer used only for this purpose.
Not updating regularly. Unlike Tails which resets to a clean state on reboot, Whonix persists between sessions — which means it can accumulate outdated software over time. Run updates regularly: sudo apt update && sudo apt full-upgrade in both the Gateway and Workstation.
Frequently Asked Questions
Can I use Whonix on a Mac with Apple Silicon?
Whonix on Apple Silicon Macs requires UTM or VMware Fusion rather than VirtualBox, as VirtualBox support for Apple Silicon is limited. The Whonix documentation provides specific instructions for Apple Silicon — check whonix.org for current guidance. Performance and compatibility have improved significantly since Apple Silicon’s introduction but remain less straightforward than on Intel hardware.
Does Whonix protect against all forms of surveillance?
Whonix provides strong protection against network-level surveillance — IP tracking, traffic analysis and connection monitoring. It does not protect against hardware-level surveillance such as keyloggers installed in the host computer’s firmware, physical observation of your screen or behavioral analysis based on writing patterns. For the strongest available protection, combine Whonix with Qubes OS on dedicated hardware used only for sensitive work.
Is Whonix faster or slower than Tails?
Both systems route traffic through Tor, which adds latency regardless of which system you use. Whonix running in a VM may feel slightly slower than Tails due to the overhead of virtualization. However, Whonix can be configured with more resources than Tails — allocating more RAM and CPU cores to the VMs improves performance significantly on capable hardware.
Can I install additional software on Whonix?
Yes — Whonix is based on Debian Linux and supports standard package installation via apt. Installing additional software in the Workstation does not affect the Gateway’s Tor routing — all traffic from installed applications still routes through Tor automatically. Be aware that some software may behave unexpectedly when forced through Tor — applications that require UDP connections or make direct IP connections may not work correctly.
What is the difference between Whonix and a VPN?
A VPN routes your traffic through a single server operated by a company. Whonix routes all traffic through the Tor network — three independent relays run by different volunteers. A VPN provider can see everything you do and must be trusted. With Tor and Whonix, no single party sees both who you are and what you are doing. Whonix also provides malware IP-leak resistance that no VPN can match — because the Workstation has no direct internet path, malware cannot bypass the routing even if it bypasses Tor Browser.