For reference google:
It seems that there is a large amount of malicious relays, entry and exit nodes operating on TOR network which allow deanonymization of users.
How does this affect Whonix users?
And how to protect against this?
Also: do hops used for Gateway to route system traffic via TOR match the hops that TOR is running through on the Workstation instance?
Or is traffic routed once via TOR on Gateway and then a second time whenever you run TOR separately on the workstation?