For reference google:
how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
tracking-one-year-of-malicious-tor-exit-relay-activities-part-ii-85c80875c5df
is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8
It seems that there is a large amount of malicious relays, entry and exit nodes operating on TOR network which allow deanonymization of users.
How does this affect Whonix users?
And how to protect against this?
Also: do hops used for Gateway to route system traffic via TOR match the hops that TOR is running through on the Workstation instance?
Or is traffic routed once via TOR on Gateway and then a second time whenever you run TOR separately on the workstation?