thank you for the reply , i learn something new.
the question become, how are tor nodes protected against this, it seems to me that they can passively
de-anonymize everyone on the fly , they just need to poison the tor binary that most people end up using
on those debian-based nodes, and the trigger activate and everything is exposed.
Itβs not just about the Tor binary but unfortunately most binaries.
related wiki pages:
- Malware, Computer Viruses, Firmware Trojans and Antivirus Scanners chapter Backdoors in Kicksecure wiki (Whonix is based on Kicksecure.)
General security question. Unspecific to Whonix.
Can be resolved as per: