Hacker News
Whonix 17 has been Released (Debian 12 bookworm based) – Major Release (whonix.org)
4 points by swapfile on July 23, 2023 | 4 comments



Whonix: A High Security Method of Surfing the Internet

Whonix is a desktop operating system designed for advanced security and privacy. Whonix mitigates the threat of common attack vectors while maintaining usability. Online anonymity is realized via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside multiple virtual machines, providing a substantial layer of protection from malware and IP address leaks. Commonly used applications are pre-installed and safely pre-configured for immediate use. The user is not jeopardized by installing additional applications or personalizing the desktop. Whonix is under active development and is the only operating system designed to be run inside a VM and paired with Tor.


How does it differ from Tails?


Whonix builds on much stronger concepts than Tails, as malware with root privileges cannot discover the user's real IP address since it simply is not aware of it. It uses an internal VLAN to connect to Tor on a separate virtual machine. This design has proven to be far less vulnerable to leaks, with a track record of 10+ years.[1] However, it is not a live system, and you have to trust the host operating system that you run it on, as opposed to Tails, where you boot into a secure environment wherever, as long as you trust the hardware.

>Whonix consists of two VMs: the Whonix-Gateway and the Whonix-Workstation. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network.

>only connections through Tor are permitted.

>DNS leaks are impossible.

>Malware with root privileges cannot discover the user's real IP address.

See also technical introduction: https://whonix.org/wiki/Dev/Technical_Introduction

[1]: https://whonix.org/wiki/Whonix_against_Real_Attacks


That is a great explanation. I would only add to this that QubesOS [1] has been designed to take advantage of everything you describe and even take it a step further using multiple VMs for further isolation. Whonix is one of their default implemented VM templates. They make it easier for someone to use Tor in a safer configuration.

[1] - https://www.qubes-os.org/intro/



