Will there be a Whonix host meta-package for vanilla Debian hosts that includes as much security specific and privacy enhancements as applicably possible?
Yes. It’s required for a Whonix-KVM-Host anyhow.
hardened-debian-host-kvm-xfce(rename required) (not sure in which order the name, getting a lot: host vs VM, kvm vs virtualbox, xfce vs cli)whonix-host-kvm(depending onhardened-debian-host-kvm-xfcemost likely to avoid code duplication, that’s a clean way to implement it anyhow)
But I am not sure yet a whonix-host-kvm meta package (installable on Debian hosts or default installed meta package on a Whonix-KVM-Host) could be capable of fetching Whonix qcow2 images since we don’t have a Debian package(s) which which ships qcow2 images, and I am not sure yet it’s sane to create them.
This is doubly relevant for a hardened Debian VM which can also act as a sandbox for the browser that accesses captive portals.
Interesting idea, so we could ship the hardened Debian VM by default on a Whonix-Host too.