Simplified Privacy

Why KVM Whonix over Oracle VirtualBox

5 Reasons to Run Whonix in KVM VirtManager over Oracle VirtualBox

Reason 1

Oracle is an NSA contractor and the copy-paste extension pack isn’t open source.

Oracle’s previous CEO Larry Ellison not only criticized Edward Snowden, but literally praised the NSA. Quote “It’s great,” Ellison said of the domestic spying. “It’s great, it’s essential.” [2] Further quoting from his talks “Snowden had yet to identify a single person who had been “wrongly injured” by the NSA’s data collection.”. [3] This corrupt attitude stems from Oracle selling database solutions to the CIA. [2]

Reason 2.

Oracle is among the world’s biggest data collectors

Oracle faces class action lawsuits for privacy violations, as one of the biggest data brokers. Spice Works reports: “the lawsuit alleges Oracle collected data, prepared dossiers of more than half of the global population, and sold them to third parties without taking prior consent from data subjects.” [4] According to TechHQ, “The data harvesting has been going on for years, using Oracle Data Cloud, and the Oracle chairman admitted that they have the information of 5 billion people.” [5]

The Oracle VirtualBox isn’t part of most Linux package managers, where you’d just do a “sudo apt update” once in awhile and get the upgrade when you want. Instead, VirtualBox makes calls directly to their servers to find out if there’s an upgrade, exposing your VPN IP directly to Oracle/NSA.

Reason 3.

You can save hard-drive space

Having lots of VMs is tough with storage limits. The Oracle Whonix images take up more space on your computer, rotting your hard-drive for “live-mode” which isn’t storing anything. In contrast, the KVM version is a “Sparse-image” which starts small and expands as it grows. This keeps your storage useage lean.

Reason 4.

Stronger breakout protection

Oracle’s Virtualbox is a type 2 hypervisor, meaning this runs on top of the operating system. Instead, KVM is a type 1 hypervisor running on the hardware. This presents harder challenges for government thugs blowing taxpayer funds to hack you for illegal surveillance.

Reason 5.

Oracle is slow on responding to security vulnerabilities

Very rarely will a software developer actively criticize upstream platforms it creates on. But Oracle is so slow to respond to critical vulnerabilities that even Whonix calls them out. Quote, “This historical 0-day vulnerability, reported privately to Oracle in 2008 by an independent security researcher. Over four years later, the vulnerability remained unfixed, exhibiting Oracle has a history of failing to provide timely patches to customers so they can protect themselves.” [1]


Please help me spread the knowledge. It’s being suppressed.

The references for this article can be found here.

Related Articles