Why is it more secure to use Tor on Whonix, then just use tor elsewhere?

PACMANchasingme · 12-30-2015, 08:28 PM

Isn't a distro like arch with just tor and iptables more secure because it comes with nothing on it. If I run Whonix I'm seeing myself at the mercy of the developers? if one of them is compromised wouldn't security distros be much more prone to snooping around.

I obviously don't know anything and I'm just curious to learn more.

qlue · 12-31-2015, 03:48 AM

Being "at the mercy of developers" is pretty much true for any distribution. Whonix is, however, open source. It is also Debian, so any security issues for Debian could also affect Whonix.

The advantage of a distribution like Whonix is that a lot of people, who collectively know a lot more about security than any one person, are all working together to make it easier for the average joe to enjoy the benefits of Tor.

Tor is just a tool, and if it's mis-configured or simply just used the wrong way it is really no more anonymous than any other option.

Regardless of which distro you use Tor with, you need to read up and educate yourself as much as possible about online safety and security.

You are your own best, and worst, security app.

ondoho · 12-31-2015, 05:53 AM

it is true for closed source software, that you are "at the mercy" of the devs.

it is the very definition of open source software, that you are not "at the mercy" of the devs.
because its source is open for everyone to see.

but just for the sake of argument, you are still "at the mercy" of arch developers, and tor developers.
and there's many levels of software in between - systemd, gtk, Xorg... that you need to install before you can install tor on top of arch.

but, in the end i agree with your sentiment: it is safer to do it yourself.