sheep
9
It’s the time set by sdwdate, which is the median time of three servers chosen randomally from whonix’s list. Correct, JS has access to that.
sdwdate mitigates that to some extent, but I agree, not fully. Not between one setting and another. Indeed JS makes fingerprinting way easier.
Since it’s UTC time in all Whonix machines that won’t be possible.
By the way, it’s possible to set other timezones: