https://www.whonix.org/w/index.php?title=Warning&oldid=41607&diff=cur is huge. All self-written? @torjunkie I haven’t seen such a summary/overview before yet.
Could you please help to review https://www.whonix.org/w/index.php?title=Warning&oldid=41607&diff=cur @HulaHoop?
<ref>Some have already been addressed by The Tor Project.</ref>
Why make this a footnote? Which ones were addressed, and which ones not? Seems like an important information if we add this.
<ref>Explaining why browser plug-ins should generally be avoided or disabled in Tor Browser.</ref>
Slightly confusing. All disabled by default in Tor Browser.
Connections to peer-to-peer systems are exploited to retrieve the IP address of the client. For example, adversaries can retrieve the IP address of clients connecting over Tor with the BitTorrent protocol when they communicate with the torrent tracker. <ref>Torrent trackers retrieve information about peers who can share the requested resource, that is, IP address and listening port.</ref> While tracker lists can be retrieved anonymously over Tor, the actual P2P connection is not – meaning a MitM attack on this connection can redirect to a list that includes the IP address of a malicious torrent peer. This means the IP address of the client that originated the tracker request (over Tor) can be retrieved.
Doesn’t apply to Whonix.
Whonix will keep your IP address hidden while you use BitTorrent and other file sharing and P2P programs.
Since it doesn’t apply to Whonix, is it worth mentioning it on our Warning page? We could mention a short summary on attacks on Tor somewhere in Whonix wiki but the Warning page isn’t the right place?
Tor clients can be induced to adopt a malicious Tor guard (entry) node via: altering traffic capabilities of the target, blocking connections to legitimate entry nodes at the network level, and so on. This greatly assists end-to-end correlation and other attacks.
<ref>Note: This attack variant is no longer possible since directory servers now control the declaration of effective bandwidth.</ref>
Shouldn’t be a reference if this is no longer valid, too important to hide it in reference.
Cell Counting and Padding
Tor Cells Manipulation