The Whonix wiki has a page describing the benefits of Whonix workstation. It states that the main benefit is that it ensures that TOR is always used for network access, and provides some additional hardening for common apps (like Thunderbird).
Assuming that the additional hardening is not relevant, is there any point to using whonix-workstation over, say, a Fedora template with TOR browser installed? All network access should be over TOR as long as whonix-gateway is set as the network VM.
This may be a more suitable question for the Whonix forum: forums.whonix.org/. And probably someone has already asked it, so please make sure to search before posting
If you use Tor in Fedora, a user mistake or a vulnerability in the Tor browser could allow an attacker send packets outside the Tor browser to a C2, revealing your IP address. These types of attacks don’t happen with Whonix.
This is fair. When I posted it here I was thinking about the topic as “use of Whonix within QubesOS” which seemed on-topic. But thinking about it more, the core of the question is really “what security benefits does Whonix Workstation provide?” which is not on-topic.
I did search the whonix forum but I did not find anything that directly addressed this topic. I did find a tangentially related thread, and included a note about another wiki page which is relevant, in the thread I started on the whonix forum, which I will link to here in case someone else is curious and also searches the wrong forum by mistake.
I would not object to this thread being closed as off-topic.
