Reference, what you’re probably talking about:
Increase Protection from Malicious Entry Guards: One Guard per Application
That chapter was updated by me just now:
Whonix ™ developer HulaHoop recently approached Tor researcher, Tariq Elahi, to discuss how exposure to malicious guards in multi-Workstation scenarios could be measured. It was discovered that 1 guard/client per internet-connected program (not identity!) is the safest possible configuration. In fact, the probability of a network adversary observing a user’s activities is lower than the default scenario, whereby one Tor Entry Guard is relied upon for all applications.
A newer development however might conflict with this. The blog post by The Tor Project [archive], New low cost traffic analysis attacks and mitigations [archive] (forum discussion [archive]) discusses website fingerprinting. Quote:
In terms of mitigating the use of these vectors in attacks against Tor, here’s our recommendations for various groups in our community:
Users: Do multiple things at once with your Tor client
Therefore it looks like a difficult choice. Either:
- A) Increase Protection from Malicious Entry Guards, or
- B) do multiple things at once with your Tor client for better protection against website fingerprinting.
//cc @HulaHoop