Banner displaying the Whonix logo (combination dial lock), Tails logo (USB interface), and Qubes logo (large blue Q).
Whonix logo, Tails logo, and Qubes logo.

Whonix, and Tails, and Qubes, Oh my!

The demand for user privacy and anonymity is at its highest than ever, and appears to be here to stay. In my last blog, I talked about the difference of using VPN and TOR, or VPN over TOR, and vice versa, and we looked at the different use cases for each.

Tails OS

Goal = Leave no traces.

Tails Pros & Cons:

The following is a short list of pros and cons of using Tails and could help you determine the use case of this fun OS.

  • It is really easy to setup, and pretty much comes with great out of the box configurations, including Tor configurations
  • Tails comes with built-in tools to clean metadata (strip geolocation and other ID tags for increase of privacy on documents)
  • Since all the activities are happening on the USB, it essentially protects the host device from malware, or application infections.
  • There is no segregation between activities. Should you have an infected and exploited application, it can affect the rest of the OS. You can easily get around this by unplugging the USB (which kills the OS and dumps the RAM), or re-imaging the entire USB stick.
  • Not recommended as a permanent OS as all memory and activities are deleted after shutdown. Also, it is very limited on its capabilities and applications.

Qubes OS

Goal = Virtualization to create isolation.

  • Type 2 — Hosted which resides on the software level.

Qubes Pros & Cons:

The following is a short list of pros and cons of using Qubes and could help you determine the use case of this desktop OS.

  • There is no live mode; this only works after an install on the internal host drive.
  • On it own, it has great security but poor anonymity — You should consider using Whonix along side.

Whonix

Goal = TorBox

  • The application being used can only see local IP address
  • Timezones cannot be traced
  • The clock is set to UTC
  • Timestamp HTTP headers get sent to randomly selected web servers.

Whonix Pros & Cons:

The following is a short list of pros and cons of using Whonix and could help you determine the use case of this OS.

  • The VirutalBox usage makes it easy for anyone to use
  • The default install is simple and requires no extra customization
  • The only separation is workstation from host — there is no increase of security from risky behaviour. This means that there isn’t much protecting the host from getting infected.
  • It is easy to accidentally use the real host when meant to use the workstation VM.
  • Using this as a longterm option can cause issues to your host as it uses your host’s hardware for virtualization.

Bonus Option:

Kodachi OS

Goal = Anti-forensic

SubGraph

This is a Linux based OS that is still in its infancy (very new); there isn’t much on it, but I wanted to include it as an option for those who weren’t satisfied with the list of options above. The OS runs custom applications on isolated sandboxes that aid in the protection of the host.

Eeny, Meeny, Miny, Moe

The options given are obviously not the only ones out there, and there is a lot more information on each should you choose to conduct your own research. I feel that it is easier to choose when you know the basics and focus of each so that you can match one to your specific use case. Don’t choose one because your friend told you its the best, do you research and decide for yourself — you have the right to know the wins and the fails of each.