Great edits, great work!
A few comments…
Yes, I think system requirements should be moved to Whonix System Requirements with a new sub chapter “For Best Security” perhaps? On the security guide page there should just be a stub pointing that out perhaps. Or using wiki templates.
The non-perfection about the Security Guide wiki page now is, that it is partially structured into easy, moderate, difficult, and partially not?
The subject Other Anonymizing Networks over Tor (UDP Tunnels) is not so much on spot anymore.
- Not very UDP related.
- Overlap with Combining Tunnels with Tor - should be mostly merged?
- Doesn’t clearly distinguish between user → tunnel → Tor → Internet vs user → Tor → tunnel → Internet. Some comments points only apply in the one or other direction.
- The following bullet points require more references. A lot of cracking tools available alone does not mean these are efficient against sane setups. ( Compare to https://forums.whonix.org/t/should-we-recommend-to-avoid-wifi )
Warning: you should be aware that VPNs by themselves are incapable of preventing intelligence agencies from monitoring your activities. A host of tools are already in long-term use which:
- Attack and exploit VPN protocols;
- Decrypt traffic;
- Extract VPN metadata;
- Extract router information;
- Record full-take VPN collection for later analysis; and
- Fingerprint users in the XKEYSCORE system.
For example Attack and exploit VPN protocols; could use a more on spot reference. Is there some claim in any of these documents that they are keep using some unknown cryptography bug to keep decrypting everyone’s OpenVPN traffic all the time or something similar?