Whonix 14 will come with major time related deanonymization attack defenses. The only networking allowed is Tor and sdwdate until sdwdate succeeded, i.e. until the clock is unlinked from all other VMs. (T533)
On the Qubes-Whonix side this does not work well yet usability wise.
- 1) disable this new feature in Qubes-Whonix 
- 2) leave it enabled, but then users would have really bad usability 
- 3) somehow magically find a contributor who implements T534 
Which option do you suggest? @marmarek
 Enabling / disabling this feature is as simple as an /etc/whonix_firewall.d/ config snippet drop-in.
 Tor Browser might already be started, but with broken connectivity, since time synchronization is not done yet. And if time synchronization was to fail, then this issue would not be communicated to the user.
 I could ask iry to work on the gui part, but at the moment iry has its hands full with anon-connection-wizard.