Is it okay to install the host OS for Whonix on an internal SSD? : DarknetMarketsNoobs | Torhoo darknet markets

The main difference I see between an internal vs external SSD is that an external drive is easier to hide than a laptop or a partition on a laptop.

Would it be easier to deny that there is anything of value on an external drive?

Also, is it okay to use my main personal Linux machine as the host of Whonix, or should the host OS be dedicated to DN browsing so clearnet activities remain separate as much as possible?
/u/MrBacon420 P
2 points
3 weeks ago
As long as it's a strong Debian/etc base with LUKS encryption and a password you've never used anywhere else, yes, you'll be fine. NO MAC NO WINDOWS

You may want to look into cryptsetup-nuke-password; if you put in the special nuke password it'll wipe the encryption headers and keys, making the information useless.
/u/bogged_smith 📢
1 points
3 weeks ago*
Thanks for the tip about cryptsetup-nuke-password. I wonder if LE would bother decrypting the running system, or if they would (or are required to) remove the drive and clone it before trying to decrypt it? I suppose that if one uses the BIOS internal SSD encryption, then the SSD might be paired with the machine, unless there is a back door for LE, or they bypass the BIOS password to boot from USB and then access the drive on the running machine. If they have to use your OS to get in, then LUKS on top of all of that could pressure them into typing the special password. I'm not sure about the legal consequences of destroying evidence if one is being investigated though.

I'm using LUKS, but not Debian... Any thoughts about why you recommend a Debian-based distro? It's true that there is less package churn, which can help with reliability, but I like having new software. It's also a lot of work for Debian maintainers to backport bug fixes to old versions of software, so software often remains unpatched until the next release.
/u/MrBacon420 P
1 points
3 weeks ago
Both posts are pending mod. You must be using a sensitive word. You can also post in /d/whonix
/u/MrBacon420 P
1 points
3 weeks ago
cryptsetup would be before they get to your door use, not once you are in handcuffs. Kicksecure if you want a tight ship, but it's a bit too restricted for me.
/u/MrBacon420 P
2 points
3 weeks ago
Please share more of "main personal Linux machine" - I would probably say no on this, but if you want to give a little bit more detail. Encrypted? What distro? etc.
/u/bogged_smith 📢
1 points
3 weeks ago
Yes, my main personal machine is encrypted with LUKS, and the OS is openSUSE Tumbleweed, partly because I like staying up to date on kernel patches.

My main concern is that if I have Whonix on my main OS install, and I happen to download a malicious PDF file while browsing the clearnet outside of Whonix, then open it in a non-sandboxed PDF viewer, that could infect my whole system, granting access to the Whonix data. Of course, getting infected at all on a personal machine would also be a major issue, even if Whonix is not there.

If LE asks me to decrypt my main laptop, a secondary one, or an external drive, I know to not help them with that, God willing I have the courage to remain silent. If LE were to decrypt either laptop, they would know that I'm using Whonix, but that's also true of any external drive.

I get that there is no perfect security, so maybe I'm overthinking it. But I don't have a strong threat model, so it's hard to say what the pros / cons are here.
/u/MrBacon420 P
1 points
3 weeks ago
The newest version of Whonix has two users: user and sysmaint. When you are under the daily activities user, you have zero root access. You have to restart and go to the sysmaint to update packages, etc. Might be a thought. It's a little annoying but I'm already used to it and I like it.

The other is if you use VirtualBox, you can encrypt the workstation VM also. I go over that here - /post/bf134a488007596b453a
That would make your PDF scenario more difficult to accomplish.
/u/BrutalDeathMetal 🍼
2 points
3 weeks ago
A drive with your favorite Linux flavor and a strong LUKS encrypted password.

A VM with Whonix Gateway/Workstation properly used with strong site passes and a strong PGP password.

You can keep up with it all with apps like KeePassXC & gpa plus terminal.
/u/whiteyb
1 points
3 weeks ago
That's basically how I have my device set up. Also used FDE on workstation and gateway. I think that it's virtually secure. I also have the host encrypted using LUKS.
/u/whiteyb
1 points
3 weeks ago
Also I was not familiar with the gpa command. I'm reading the manual now. Appreciate that buddy...
/u/MrBacon420 P
1 points
3 weeks ago
It's GNU Privacy Assistant - it's a decent backup if Kleopatra crashes on decryption but I rarely use it. I would know the basics of gpg instead. /post/e38f9957f595b6d102e1