- The design goal is, that the host's [any VMs], Whonix-Gateway and any Whonix-Workstation's clock should slightly differ.
- Rationale: Prevent adversaries from linking anonymous and pseudonymous activity. Described in more detail on the Dev/TimeSync wiki page.
What this is not:
- Therefore Whonix-Gateway should not "directly" be the ClockVM for all other VMs.
- Using a second instance of sdwdate.
- Reusing Whonix-Gateway and sdwdate.
- Having the time securely provided by sdwdate.
- Useful to reuse these components, since sdwdate depends on Tor, that Whonix-Gateway provides. And Whonix-Gateway is also the right place for Tor configuration.
- Having a second instance of sdwdate running within Whonix-Gateway that provides time for dom0 and all non-Whonix VMs would be an improvement against time related attacks.
- Better than NTP.
- For those who are willing to use Tor.