Whonix: Anonymous operating system
Posted on 12 October 2012.
Whonix is an anonymous general purpose operating system based on Virtual Box, Ubuntu GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location.

Whonix consists of two machines, which are connected through an isolated network. One machine acts as the client or Whonix-Workstation, the other as a proxy or Whonix-Gateway, which will route all of the Whonix-Workstation's traffic through Tor. This setup can be implemented either through virtualization and/or Physical Isolation.

Whonix advantages:
  • All applications, including those, which do not support proxy settings, will automatically be routed through Tor.
  • Installation of any software package possible.
  • Safe hosting of Hidden services possible.
  • Protection against side channel attacks, no IP or DNS leaks possible^3^ To test for leaks, see LeakTests.
  • Advantage over Live CD's: Tor's data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save it's Entry Guards.
  • Java / JavaScript / flash / Browser Plugins / misconfigured applications cannot leak your real external IP.
  • Whonix does even protect against root exploits (Malware with root rights) on the Workstation.
  • Uses only Free Software.
  • Building Whonix from source is easy.
  • Tor+Vidalia and Tor Browser are not running inside the same machine. That means that for example an exploit in the browser can't affect the integrity of the Tor process.
  • It is possible to use Whonix setup in conjunction with VPNs, ssh and other proxies. But see Tor plus VPN/proxies Warning. Everything possible, as first chain or last chain, or both.
  • Loads of Optional Configurations (additional features / Add-Ons) available.
  • Best possible Protocol-Leak-Protection and Fingerprinting-Protection.


DMARC: The time is right for email authentication

Posted on 23 January 2015.  |  The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Jan 26th