Type: Privacy-focused operating system — dual VM architecture
Tor routing: System-level — all traffic forced through Tor gateway VM
Persistence: Yes — survives reboots unlike Tails
Best combined with: Qubes OS
Clearnet: whonix.org
Last verified: March 2026
Onion Address
The Two-VM Architecture
Whonix runs as two separate virtual machines: a Gateway VM that connects to the Tor network and handles all routing, and a Workstation VM where you actually browse, write and work. The workstation has no direct internet connection — all traffic must pass through the gateway.
The practical consequence: if malware gets onto the workstation and tries to phone home with your real IP, it cannot. The workstation literally has no path to the internet except through Tor. DNS leaks, WebRTC leaks, application-level bypasses — all blocked at the architecture level, not by configuration.
| Threat / Feature | Whonix’s Position |
|---|---|
| IP leak from compromised workstation | Impossible — workstation has no direct internet |
| DNS leak | Impossible — all DNS goes through Tor gateway |
| Persistence across reboots | ✅ Yes — unlike Tails |
| Host machine trace | Minimal — runs in VMs, not bare metal |
| Best for | Ongoing work requiring persistent anonymous environment |
Whonix vs. Tails
Tails is amnesic — it forgets everything on shutdown, which makes it ideal for one-off high-stakes sessions. Whonix persists, which makes it better for ongoing anonymous work where you need to retain files and settings. Many advanced users run Whonix inside Qubes OS for the strongest available combination of isolation and persistence.