I am using Qubes + Whonix.
As I have read in the Whonix docs, Whonix (Tor in general) offers stream isolation. Regarding this, and regarding Tor identity in general, I have some questions.
- Docs say:
Stream isolation provides protection against identity correlation through circuit sharing.
How exactly does it work? Because when I am having several tabs open and operating them, they should all be the same identity. And when I want a new identity, I have to reopen the browser.
What benefit does stream isolation provide here?
- I have thought about using Firefox instead of Tor browser in Whonix, because all traffic is forced over Tor anyway.
2.1 What is the difference between using Tor browser in Whonix, and Firefox in Whonix then?
2.2 Is stream isolation somehow possible with Firefox? How can I get a new browser identity at all when using Firefox in Whonix? I am not sure if reopening the browser does the trick, like it is with Tor browser.
- If I have several Whonix VMs running (within Qubes) at the same time, are they isolated from each other as well, hiding that they are operated from the same person? (I’m 99% sure the answer is yes, but you can’t be safe enough).
Thank you very kindly.