Why is whonix-ws necessary?

[jkitt]

Wouldn't an appvm, with the tor browser, and netvm set to sys-whonix do the same thing?

[entr0py]

jkitt:

> Wouldn't an appvm, with the tor browser, and netvm set to sys-whonix do the same thing?
>

No. You can see which differences are applicable to you here:
https://www.whonix.org/wiki/Other_Operating_Systems#Security_Comparison:_Whonix-Download-Workstation_vs._Whonix-Custom-Workstation

Some of the more notable things include:
* no Tor-over-Tor (for Tor Browser Bundle)
* stream isolation
* fingerprinting defenses
* secure time sync

Whonix is under continual development. Ongoing projects include defending against side-channel attacks and obfuscating keystroke fingerprinting.

If all you want is an isolated gateway to transparently torrify your traffic, then you can use any OS you prefer as your workstation. (with TBB configured not to launch Tor). In any case, it's advisable to avoid easily fingerprintable (ie leaky) distributions like Ubuntu or Windows.

[9174710470470470470]

Hello,

If you don't need it, you can choose under software in the installation if you install whonix - or not. So it is totally up to you.

Someone might or might not use whonix also as a command and control server, so I by myself disabled it.

Kind Regards