Does using Tor Browser in Whonix leave less traces than just running Tor Browser on the host? Running a whole virtual OS should create more network traffic than just Tor Browser. On top of that there’s always network traffic from the host. How can all non-Whonix traffic on the host be blocked when using Whonix?
What measures can be taken against VM OS-generated network traffic that has nothing to do with the purpose of any particular Whonix or Tor session? I’m aware of stream isolation, but can that cover everything? The OS can surely generate more network traffic streams than the number of circuits that stream isolation affords.