Whonix is the best operating system for anonymity

No monitoring under Linux?

It is true that the federal Trojan developed by the BKA currently only runs on Windows. However, this does not apply to commercially available and widespread solutions such as those from Hacking Team and Finfisher. According to the company's official advertising material, it can infect Mac OS X, Linux, Windows, Android, Windows Phone and Symbian; some solutions only have problems with iOS devices. In the case of the Hacking Team software, the current version of iOS could only be exploited if users had previously jailbroken the device manually.

The tips also state: "Microsoft is working with the US authorities". Therefore, all of the company's solutions should be avoided. In principle, users should only use open source solutions if they want "perfect security", because only here can users really check whether there are no backdoors.

Open source alone does not ensure security

That is also a questionable thesis: open source code alone does not mean that all errors are found. Practice also shows that critical software errors in open source projects can go undetected for many years. If errors occur in central libraries such as glibc or in the Android media server, numerous systems are affected. Heartbleed also went undetected for a long time. Several errors in Truecrypt went undetected even in a code audit, although these ultimately affected not the encryption itself but the software's Windows drivers.

In addition, most users are unlikely to be able to check the source code themselves. It would make sense to use a distribution that enables reproducible builds; the Debian project is well advanced here. Reproducible builds offer demonstrable security by preventing manipulation when the source code is compiled into binaries. The Alphabay makers don't say a word about that.

No word about checking ISOs


Darknet dealers also do not go into the possibility of checking downloaded ISO files using a hash value or signature in order to rule out manipulation. If the signatures are hosted independently and securely, they provide a good way of detecting tampering, as with the Linux Mint project.

The recommendation to rely on virtual machines is not entirely convincing. VMware, for example, automatically assigns a constant MAC address. In addition, the contents of a virtual machine can also be compromised if the host system is infected with a state trojan. Anyone who values anonymity should therefore use a live system that can be started from a write-protected USB stick or, even better, from a DVD. This ensures that no log files are actually generated. If information has to be saved, this can be done on external, encrypted media.

Drug dealers recommend Qubes

For security reasons, the platform recommends using the Linux operating system Qubes OS. With its innovative approach of compartmentalizing individual operating system areas, Qubes can actually contribute to security. But users also have to use Qubes accordingly so that it can work effectively. That means handling particularly sensitive content only in a dedicated virtual machine. If Qubes is simply used like a normal operating system, the effect on security and anonymity is small. Another problem with Qubes is that it only runs on very special and very powerful hardware.

The use of live operating systems such as Tails, Whonix or the Ubuntu Privacy Remix should therefore be more practical. The Linux operating system Subgraph could be another interesting alternative, but the software is currently still in beta. In addition to the built-in Tor support, Tails offers MAC address spoofing by default, i.e. it disguises not only the IP address but also the network address of the hardware. With the unique MAC address, computers can be tracked across different networks.

The Canadian secret service CESG is said to have used this technique to monitor the movements of suspects. But MAC address spoofing is not only useful for hiding from secret services. Many hotspots, which offer free internet access for a certain period of time, save the MAC address of the device used for this purpose. With a new address, the time starts all over again.

Unsurprisingly, the use of encryption is also recommended. Within the Linux partition, the advice is: "Put all your illegal stuff in a Truecrypt container". For this purpose, either the no longer maintained Truecrypt encryption software or its successor Veracrypt is recommended. In addition, the entire partition should be encrypted using the LUKS software supplied with many distributions. Encrypting files on your own computer is certainly a good idea - but it has little to do with protecting your anonymity while surfing.
