diff --git a/etc/default/grub.d/40_cold_boot_attack_defense.cfg b/etc/default/grub.d/40_cold_boot_attack_defense.cfg
index 1b4793a..9342c5a 100644
--- a/etc/default/grub.d/40_cold_boot_attack_defense.cfg
+++ b/etc/default/grub.d/40_cold_boot_attack_defense.cfg
@@ -1,7 +1,7 @@
 ## Copyright (C) 2022 - 2022 ENCRYPTED SUPPORT LP
 ## See the file COPYING for copying conditions.
-## RAM wipe is enabled by default on real hardware / bare metal.
+## RAM wipe is enabled by default on host operating systems, real hardware.
 ## RAM wipe is disabled by in virtual machines (VMs).
 ##
 ## User documentation:
@@ -14,6 +14,8 @@
 ## unclear if that could actually lead to the host operating system using
 ## swap. Through use of kernel parameter wiperam=force it is possible to
 ## force RAM wipe inside VMs which is useful for testing, development purposes.
+## There is no additional security benefit by the wiperam=force setting
+## for host operating systems.
 #GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT wiperam=force"
 ## Kernel parameter wiperam=skip is provided to support disabling RAM wipe
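Review bot: The context line directly below the reworded one still reads `## RAM wipe is disabled by in virtual machines (VMs).`, with a stray or missing word. Since this commit already touches that sentence pair, it should be fixed here, presumably as `## RAM wipe is disabled by default in virtual machines (VMs).`. In the new line, "host operating systems, real hardware" reads like a list of two separate cases. If they are meant as the same thing, `## RAM wipe is enabled by default on host operating systems (real hardware).` is less ambiguous.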
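Review bot: The added sentence in the second hunk says wiperam=force brings no extra security benefit on hosts, but it does not say why. Going by the header comment, the wipe already runs by default on hosts, so the parameter would only override the VM check. Stating that reason keeps an administrator from enabling the commented-out `GRUB_CMDLINE_LINUX_DEFAULT` line as a hardening step, for example `## On host operating systems RAM wipe already runs by default, so wiperam=force adds no security benefit there.`. The comment block this belongs to starts above the hunk, so the wording should be checked against the lines not shown.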