Anonymous operating system Whonix

Whonix is an anonymous operating system based on Virtual Box, Debian Linux and tor proxy, Whonix consists of two virtual machines, one dedicated to run a tor proxy acting as a gateway and the second one called Whonix-Workstation located in a completely isolated network. The system has been designed to make IP and DNS leaks impossible, not even malware with root access will be able to find out your computer IP, all Internet connections are forced through tor, including applications that do not support proxy settings, this is done using the firewall settings. It is possible to use Whonix with a VPN or SSH tunnel if needed, hardware serial numbers are also hidden. Any operating system able to run VirtualBox can run Whonix, this includes Windows, Mac, Linux, BSD and Solaris.

Disadvantages of running Whonix are that it will be very slow to update your operating system though tor, it is more difficult to set up than the tor browser bundle and your computer should have a good amount of RAM and modern CPU to run VirtualBox. Whonix advantages are that unlike an anonymous live CD like Tails or Liberté Linux data will be available after reboot due to persistent storage, you can install your favourite software packages using Debian’s packaging tool apt-get, the applications will be torified straight away, you can also save virtual machine snapshots saving a clean one for data recovery if needed.

VirtualBox setting up Whonix operating system

VirtualBox setting up Whonix operating system

Many Whonix default applications come configured to avoid fingerprinting, GPG software for example will not reveal your operating system version and XChat comes with the default torified set up as described in the tor project Wiki.

In countries where you can be forced to disclosure your full encryption password Whonix can help with plausible deniability if you hide the .ova virtual machine file inside a hidden encrypted container with Truecrypt or store the virtual machine inside a fully encrypted USB thumbdrive that will look like random data to forensics software.

Note: Development is ongoing, this is an Alpha release.

Visit Whonix homepage

Anonymous Internet surfing with Liberté Linux

Liberté Linux is a small (220MB) Gentoo based secure oriented distribution available as a live CD, live USB thumbdrive, installable or Open Virtualization Bundle (.ova) compatible with Virtualbox and VMWare. This operating system enables people to anonymously communicate with others via chat (Pidgin+OTR, XChat) or email and browse the Internet using tor, it supports new and old hardware, including 3G modems, Bluetooth and experimental UEFI booting.

Openbox is the default window manager, from there you can configure your mouse, keybindings, timezone, etc. You will find security software like the open source Figaro password manager and GNU Privacy Assistant (GPA) to manage encryption keys together with tools to read text (ePDFViewer, FBReader), listen to audio (Audacious), watch videos (Movie Player), edit images(Geeqie) and a task manager displaying CPU and RAM. Liberté Linux keep its size small replacing bloated software with lightweight tools that do not carry unnecessary features, for example instead of using LibreOffice to edit text it comes with Abiword.

Liberté Linux Anonymous operating system

Liberté Linux Anonymous operating system

The wireless network card MAC address is randomly changed at boot time, the only thing Liberté Linux asks the user to enter is a passphrase during installation in order to create a LUKS compatible encrypted storage space using otfe  (On-the-fly encryption) where persistent user data will be stored in /mnt/boot/otfe/liberte.vol  using a paranoid 8192 RSA key that will take a couple of minutes to generate. The user is automatically logged in as “anon“, if you need to be root, and it is never a good idea to browse the Internet as root, the root password is “liberte“, entering “gentoo=root” during boot will also unlock it.

Epiphany is the default browser, leaner than Firefox, it comes with HTML5 support, you shouldn’t need flash to view online videos in YouTube, the browser has been configured to surf the Internet through tor,  including links to The Hidden Wiki, Wikileaks and Torcheck on the main page to get you started. The Florence virtual keyboard allows the user to enter text using the mouse, a good way to bypass hardware keyloggers in public computers, RAM memory is wiped when you power off the system to stop cold boot attacks.

Liberté Linux is pioneering the use of Cable Communications for anonymous email exchange, achieved giving the user a cryptic .onion and .i2p address that functions as  personal email address, it requires some configuration in Claws email to use it. Message delivery can take hours or days and you will get a delivery receipt once the message reaches the recipient.

Liberté Linux Florence virtual keyboard

Liberté Linux Florence virtual keyboard

It is possible to run a stand alone VPN or PPTP using the network manager and tor-resolve in console mode, you can run Liberté Linux inside Windows too but I would not advice it as IMHO it weakens your privacy. I have used other Linux distributions for anonymous Internet surfing, like Tails and OccupyOS and I have decided to adopt Liberté Linux as my default distro for secure communications, I find it more suitable for me because it is more lightweight, it comes with detailed documentation, it creates an encrypted storage space for user data and exists the option to disable tor in case I need to login into Paypal or any similar site blocking proxies.

I don’t think you will be disappointed with this operating system. If you are wondering why it does not include Truecrypt I suspect that it might have to do with the fact that Truecrypt is not released under the standard Linux GPL license and this can be a problem. However, you can create your own encrypted containers from command line with otfe.

Visit  Liberté Linux homepage

Anonymous web surfing with The Amnesic Incognito Live System

Tails, short for The Amnesic Incognito Live System, has Ad-block preinstalled on its Iceweasel (Firefox based) browser, it comes with many other privacy enhancing tools to stop companies and repressive Governments tracking down Internet users.

This Debian based Linux live CD enables you to hide your IP address while surfing the Internet, it comes preconfigured to use the anonymous tor network for all outgoing connections, this will hide your IP at all times, you do not need to know anything about Linux to use it, just download the ISO file burn it to a CD, reboot your computer, MAC or PC, and it will work straight out of the box.

Anonymous live CD features

  • Supports mobile broadband devices like 3G USB dongles
  • Can be booted up from a USB thumbdrive instead of a live CD
  • Multilingual support including Arabic, Chinese and Spanish in between other languages
  • Firewall drops incoming packets by default
  • Instant Messenger Pidgin comes with the OTF messaging plugin to proxy communications through tor
  • Internet browser comes with the HTTPS Everywhere, FireGPG and Ad-block extensions
  • Stops cold boot attacks by wiping RAM memory on shutdown
  • Virtual keyboard available to stop keyloggers
  • Support for i2p eepsites, hidden websites hosted anonymously
  • Email client ClawsMail comes with GnuPG support to encrypt email messages
The Amnesic Incognito Live System

The Amnesic Incognito Live System

Live CD with encryption & file deletion

The Amnesic Incognito Live System includes secure-delete integrated on its file manager, a program to wipe free disk space and sensitive files, a front end encryption key manager called SeaHorse will take care of digital signatures and GPG encryption keys.

If you are comfortable with Linux command line you can take advantage of cryptsetup to encrypt files and macchanger to change your computer MAC address. Those are only the security features, open source everyday software for production purposes includes to edit documents, The Gimp to edit photos, Audacity to edit sound files and many others.

This operating system to hide your IP address has two preconfigured users: amnesia and root, the password is the same for both of them, amnesia.

Visit The Amnesic Incognito Live System homepage