I say:
You quote:
That’s confusing.
Time off by:
- hours: If time is off by hours, it’s more likely confusion caused by timezones. Whonix on purpose sets time to UTC. Hence, if you you compare it with the host which uses your local timezone it will be different. The minutes would be similar but hours could be different.
- minutes: sdwdate has to acquire the time from somewhere. It acquires it from onion time sources. These are defined in file
/etc/sdwdate.d/30_default.conf. It’s possible that some time sources are off by several minutes. Happened in the past. Would not be a shocker.
There’s an utility to check all onion sources but it’s supposed to be run by advanced users or developers since its output could be confusing:
/usr/share/sdwdate/onion-tester
It is conceivable that some ISPs might in theory specifically detect Whonix and only disrupt Whonix connections or use malware (viruses, trojan horses).
- No? Obviously, I cannot prove a negative. I cannot prove this isn’t the case. This being conceivable is bad enough as the world is.
- Yes? For now, I don’t see evidence for that.
However, this is speculation and jumping to conclusions based on limited technical skills. The technical skills required would be analyzing sdwdate in depth such as by looking at the time sources, understanding its logs and/or source code.
What this is more likely: Usability issues.
Please read this wiki page: