Tails vs. Whonix vs. Qubes

I’ve dabbled in using TAILS and Whonix, but haven’t set up Qubes yet. Can someone briefly explain what the advantages and disadvantages of each of these are?

Whonix, in fact, was my first “unofficial” Linux distro - it included the KDE Plasma desktop, LibreOffice, and several other programs.

they cover this question on their website

1 Like

Thank you, raphty! I’ll check this out.

1 Like

Isn’t it that you can use Whonix inside of Qubes?

1 Like

True, I had forgotten about that! In fact, why don’t I try setting it up that way?

1 Like

I set up a Tails install on two USB keys, dabbled a bit with it, and left it at that.

I was dissuaded by the fact that the Tails Reddit is almost exclusively filled by requests for help (does not work ! lost everything !), as opposed to requests for how-to’s, or doing more advanced things. Is that a valid concern ?

Regarding Qubes, I understand it’s very picky about hardware (and mine is not compatible).

1 Like

The Tails subreddit might be a lot of people trying to access darknet markets and things like that (just a guess, but I’m basing this on the types of questions I get).

Tails is intended to be used on computers you don’t want to leave traces on. For an installation at home you could definitely use QubesOS which has an official Whonix template and can even start tails appvms so everything you ask for.

1 Like

Would that mean Tails would break more often for them ?

You can even combine whonix vms with qubes with dispvms.
That way you are also sure that all malware is gone when you close the reboot the vm. so you essentially get all benifits from all the os’s, with a signle click of a button. NOTE: dispvms are not amnesiac, qubes does not attempt at all to hide the fact that you ran a dispvm, BUT all data off the vm itself is gone.

1 Like

Not necessarily. The issue is (sometimes) is that sometimes people get impatient with Tor (and/or other privacy tools like Tails) and make mistakes because they aren’t configured correctly. There’s a pentester on Twitter who essentially deanonymized some of the darknet markets because they didn’t have their Tor hidden services set up right. I don’t claim to be the best at this, but I’m not running an illegal hidden service!

Am I right in thinking that Qubes (awesome as it is!) has at least a theoretical vulnerability in that even though everything is compartmentalised, it’s all sharing the same hardware? In particular the processor - meltdown/spectre vulnerable?

Use Qubes-certified hardware and that will become less of an issue.

Thanks, although I am looking to remove issues, not reduce them :slight_smile:

1 Like