Is there any benefit to whonix-workstation in QubesOS (browser use only)?

The Whonix wiki has a page describing the benefits of Whonix workstation. It states that the main benefit is that it ensures that TOR is always used for network access, and provides some additional hardening for common apps (like Thunderbird).

Assuming that the additional hardening is not relevant, is there any point to using whonix-workstation over, say, a Fedora template with TOR browser installed? All network access should be over TOR as long as whonix-gateway is set as the network VM.

There is also a section describing some dangers of running multiple Whonix workstations. It doesn’t look like Fedora (or Debian, etc) would be any more vulnerable or resistant to these concerns, but I may have missed something.

There is a related thread from a couple of years ago, but it didn’t receive much attention: Use-cases for Non-Whonix Tor in Qubes

This may be a more suitable question for the Whonix forum: And probably someone has already asked it, so please make sure to search before posting :slight_smile:

The answer is yes.

If you use Tor in Fedora, a user mistake or a vulnerability in the Tor browser could allow an attacker to send packets outside the Tor browser to a C2, revealing your IP address. These types of attacks don’t happen with Whonix.

This is fair. When I posted it here I was thinking about the topic as “use of Whonix within QubesOS” which seemed on-topic. But thinking about it more, the core of the question is really “what security benefits does Whonix Workstation provide?” which is not on-topic.

I did search the Whonix forum but I did not find anything that directly addressed this topic. I did find a tangentially related thread, and included a note about another wiki page which is relevant, in the thread I started on the Whonix forum, which I will link to here in case someone else is curious and also searches the wrong forum by mistake. :slightly_smiling_face:

I would not object to this thread being closed as off-topic.


Closed since the OP posted a link to the corresponding topic in the Whonix forum.

(Thanks @skyvine, that’s the best way to allow the conversation to continue in the appropriate forum!)