Whonix is great.
My question: Assume a malware is on Whonix-Workstation that has ability do traceroute.
This malware using tcp syn do traceroute, Whether it will get the whole tor relay circuit like arm on Whonix-Gateway.
I can see the entire tor relay connections on Whonix-Gateway using arm tool. that is OK, because the place is Whonix-Gateway.
But if I or malware can see the entire tor relay circuit on Whonix-Workstation, I think that is a bad idea. because this will expose my ip location.
Whether Whonix has this problem or my worry is superfluous?
Thank you everyone.