Whonix Wiki Download Docs News Support Tips Issues Contribute DONATE

What threat do malicious TOR relays pose to Whonix users and are whonix gateway hops the same as browser hops in Workstation?

For reference google:

how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac

tracking-one-year-of-malicious-tor-exit-relay-activities-part-ii-85c80875c5df

is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8

It seems that there is a large amount of malicious relays, entry and exit nodes operating on TOR network which allow deanonymization of users.

How does this affect Whonix users?
And how to protect against this?

Also: do hops used for Gateway to route system traffic via TOR match the hops that TOR is running through on the Workstation instance?

Or is traffic routed once via TOR on Gateway and then a second time whenever you run TOR separately on the workstation?

Unless Vanguards - Whonix helps, Tor issues affect Whonix the same way Tor issues affects Tor users since Whonix is based on Tor.