by trw55 1002 days ago
What isn't secure about Tails? It's been recommended by so many InfoSec podcasts that I've been poking around in it on a USB stick
1 comments

Tails uses a less secure model because it relies on the system firewall to block any non-Tor connections. This means that any user-to-root vulnerability will leave you naked, deanonymized. Additionally, protocol leaks or unintentional leaks are more likely to happen. Both have happened in the past and are not mere speculation.

I've commented in this thread that at one point, such a vulnerability was left unpatched in Tails for years despite being documented and a PoC existing.

Whonix, on the other hand, uses two VMs, one of which runs Tor and the other applications, and connects via an internal network. This means that non-Tor connections are impossible, as the VM where you run software is completely unaware of the real, external IP.

This raises the level of exploit needed substantially, from user-to-root to remote kernel exploits or hypervisor escapes.