Tor without Whonix

I don’t understand what your “immediate impression” is based on.

Using a Tor proxy with sensible defaults will guarantee Tor connections,
and incorporating use of Qubes firewall makes it better than
Whonix-gw, which does not allow use of the Qubes firewall.

Using Onion repositories is entirely different - it has nothing to do
with sending all traffic across Tor. In fact, since the live system
can’t be updated, (because it is entirely transient), there’s little
point in using repos at all, and this is generally discouraged.

The fingerprinting issue is interesting - I haven’t seen any detailed
investigation of what the Whonix-gw and Whonix-ws fingerprint looks
like, or what other qubes look like when running through Whonix.
In any case, there are two significantly different uses of
fingerprinting - I’ve posted on this before.
One is the fingerprint that can be used to trace you : the other, the
fingerprint that can identify you once you have been found.

Using a generic qube will put you in a larger pool than using Whonix-WS
if the adversary is able to somehow compromise that qube, and read
information from it.
Using a dedicated Tor proxy will put you in a larger pool than using
Whonix-GW if the adversary is able to compromise that qube,
and read information from it. It’s arguable that it puts you in a larger
pool even if the adversary has not compromised the qube, but is simply
observing traffic.
The ease of being able to change hosts using a live version makes the
second fingerprinting method more difficult.

Whonix provides a host of stuff that a vanilla proxy doesn’t provide, e.g
sdwdate, tests prohibiting Tor-over-Tor, etc. Neither of the two
mentioned are things I want.
It’s often valuable to be able to set the time and timezone to “wrong”
values - and while Tor can struggle when the time is incorrect, in many
cases it works fine.
Similarly, the only argument against Tor over Tor was adduced by adrelanos

  • I find it unconvincing. Tor over Tor works fine, as you can confirm
    for yourself, and investigate by checking circuits on the host and the
    proxy. The only official Tor comment on the issue is that the
    capability will be withdrawn in the future. Until then, we’ll ship a
    Tor Browser behind a Tor proxy.

In my opinion, the form of fingerprinting that most users are subject to
is use, assuming they use Tor to hide their IP. This is because
people are creatures of habit - they work at much the same time
every day; visit the same websites; open a browser, and then check
their mail; use the same set of logins across different sites, (not the
same names or passwords, but the same set of logins). All of
these patterns of behaviour make it easier to limit the pool to which
one belongs, and are very difficult to break.
Qubes, whether using Whonix or vanilla Tor, makes it somewhat easier to
break some of these patterns. It isn’t easy.

3 Likes