Due to bugs - not caused by Whonix (upstream bug reports are linked here) - the choice for Whonix development boils down to the following two options.
- A) staying on Debian stable version and keeping Vanguards - Tor Anonymity Improvement, or
- B) disabling Vanguards and using a newer Tor version.
So far I’ve decided for A) as disabling Vanguards would be a major downgrade.
That is currently broken which is why things are as is. See:
- Tor integration in Whonix - #47 by Patrick
- Connections drop on Tor 0.4.8.9
- Tor integration in Whonix Development Notes
Probably not realistic. Not sure. Look into salaries for Linux distribution developers. Maybe OpenSUSE can be used as an example. Dunno how good this data is:
https://www.glassdoor.co.uk/Salary/SUSE-Software-Engineer-Salaries-E466462_D_KO5,22.htm
(Other considerations on top of it, small vs large company, job security, etc.)
This isn’t just a one-off task. It needs constant monitoring, testing newer versions, analyzing bugs and perhaps derivative-specific bug fixes should need arise. Continuous brain cycles being spent.
At some point during Debian release cycle of a stable version.