From 4d51101ba8146dd5edbac8689904a4d1f01fc854 Mon Sep 17 00:00:00 2001
From: tommytran732 <contact@tommytran.io>
Date: Thu, 25 Aug 2022 22:17:56 -0400
Subject: [PATCH] Update Whonix description

Signed-off-by: tommytran732 <contact@tommytran.io>
---
 content/os/Choosing Your Desktop Linux Distribution.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/os/Choosing Your Desktop Linux Distribution.md b/content/os/Choosing Your Desktop Linux Distribution.md
index 8b0df25..ad59b68 100644
--- a/content/os/Choosing Your Desktop Linux Distribution.md	
+++ b/content/os/Choosing Your Desktop Linux Distribution.md	
@@ -98,9 +98,9 @@ Fedora Workstation and Silverblue's European counterpart. These are rolling rele
 
 ### Whonix
 
-[Whonix](https://www.whonix.org/) is a distribution focused on anonymity based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure). It is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
+[Whonix](https://www.whonix.org/) is a distribution focused on anonymity based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure). It is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden. It is currently the best solution that I know of if your threat model requires anonymity.
 
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [boot clock ranomization](https://www.kicksecure.com/wiki/Boot_Clock_Randomization), [encrypted swap](https://github.com/Whonix/swap-file-creator), hardened boot parameters, hardened kernel settings, and a [hardened memory allocator](https://www.kicksecure.com/wiki/Hardened_Malloc). One downside of Whonix is that it still inherits outdated packages with lots of downstream patching from Debian.
 
 Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.