another statement on news article "How to Evade Government Surveillance and Stay Anonymous Online" - mailed


I am adrelanos, Whonix maintainer.


It dislike to pressure press. You are free to write what you want. This are just some friendly appreciating comments. Not asking for anything. I believe suggesting corrections without strings attaches are okay. Openness and transparency may be best to handle this. This mail will also be published on Whonix Feature Blog.

I am sorry, if the Whonix project page created the impression or implied, that Whonix can provide strong anonymity, defeat three-letter government agency surveillance and such.

When you log into Whonix-Gateway it says:

Whonix is experimental software by means of concept and design.
Do not rely on it for strong anonymity.

Quoted from:

[...] Although Whonix has been developed with greatest care, a negative,
being leak free or being free form mistakes in the extended project
description [1], can not be proven. This is Whonix's first release
announcement. I hope skilled people look into the concept and
implementation and fail to find anonymity related bugs.

See also Whonix security in real world and Security Reviews and Feedback.

whonixcheck, the popup when starting Whonix-Workstation says:

Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.
Whonix is experimental software by means of concept and design. Do not rely on it for strong anonymity.

The Download page states:

First time user?


  • If you don't know what a metadata or a man-in-the-middle attack is.
  • If you think no-one can eavesdrop on your communications because you are using Tor.
  • If you have no notion on how Whonix works.

Then, check first the [About] and [Warning] pages to make sure that Whonix is the right tool for you and that you understand well its limitations.

The Whonix Homepage says:

This is only a very brief introduction. See Documentation and/or Technical Design for a more comprehensive description, security features and threat model.

And if you read through the Documentation and/or Technical Design it speaks mostly about about things which are insecure, where Whonix could do better (more than enough!), drawbacks and tries to give recommendations.

Did the Homepage create confusion? Anyway, it will be improved. (History of changes) Please tell me, what created the impression.


Posted by Anonymous 2013-01-09

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks