Whonix builds on much stronger concepts than Tails, as malware with root privileges cannot discover the users real IP address since it simply is not aware of it. It uses an internal VLAN to connect to Tor on a separate virtual machine. This design has proven to be far less vulnerable to leaks, with a track record of 10+ years.[1] However it is not a live system, and you have to trust the host operating system that you run it on as opposed to Tails where you boot into a secure environment where ever, as long as you trust the hardware.
>Whonix consists of two VMs: the Whonix-Gateway and the Whonix-Workstation. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network.
>only connections through Tor are permitted.
>DNS leaks are impossible.
>Malware with root privileges cannot discover the user's real IP address.
That is a great explanation. I would only add to this that QubesOS [1] has been designed to take advantage of everything you describe and even take it a step further using multiple VM's for further isolation. Whonix is one of their default implemented VM templates. They make it easier for someone to use Tor in a safer configuration.
>Whonix consists of two VMs: the Whonix-Gateway and the Whonix-Workstation. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network.
>only connections through Tor are permitted.
>DNS leaks are impossible.
>Malware with root privileges cannot discover the user's real IP address.
See also technical introduction: https://whonix.org/wiki/Dev/Technical_Introduction
[1]: https://whonix.org/wiki/Whonix_against_Real_Attacks