Whonix ™ developer HulaHoop recently approached Tor researcher, Tariq Elahi, to discuss how exposure to malicious guards in multi-Workstation scenarios could be measured. It was discovered that 1 guard/client per internet-connected program (not identity!) is the safest possible configuration. In fact, the probability of a network adversary observing a user’s activities is lower than the default scenario, whereby one Tor Entry Guard is relied upon for all applications.
Thanks for the info.
If I were to defend against the malicious guards, did I have the right idea in my OP? I still dont understand how you can take a “snapshot”. Thanks Patrick
Qubes does not support snapshots. Might be possible to work around it by using Qubes VM snapshots using git / SVN or copies of VMs but that becomes rather complicated. And due to the new developments mentioned in my previous post, I am not interested in this.