What advantages does virtualization has over live cd?
In comparison, using a VM would double your attack surface as you will have to secure both the host and guest systems instead of one in case of running host only live cd, isnt it?
Both approaches have advantages and disadvantages.
Some real world implications are safer in Whonix:
Whonix has different security features, some of them, no Live CD has yet:
(You get updates as fast as the underlying operating system, updates persist, full IP/DNS leak protection, hidden hardware serials...)
Whonix lets you do things, which Live CD's can't offer:
- you can host hidden services, just configure them securely and don't care about spilling IP through the protocol
- TorChat works
- Mixmaster over Tor works
- Flash does not leak IP
- Skype does not leak IP
- you can install virtually any software and run it over Tor, and there will be never* any IP/DNS leaks
- full persistence of installed packages, configuration files, user data etc.
About Virtual Box:
Note, Whonix isn't Virtual Box only, there are also instructions for https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/ for advanced users.
Once Whonix can run on top of Qubes OS, there will be an even smaller attack surface. (Qubes OS is based on Xen, which is a Microkernel.)