In bitcoin you have to do coin control to not mix UTXOs. You absolutely need your own bitcoin node otherwise coin control doesn't matter. You need TOR to hide your IP. VPN is unreliable and easier to trace than tor. For example, they can see which VPN provider you use. Another example if if you conjoin and almost everyone else us using TOR, and the few who use VPN all use a different provider. That means you are maybe the only one who used the vpn provider and then when you take the btc out on the other side you use the same vpn provider, easily tracked. Lastly you need coinjoin.
Most of this is not true. If a remote Bitcoin node can correlate your UTXOs even when you use coin control, the same can be done by an ETH node for accounts. No privacy advantage there. VPNs are pretty reliable, and no they are not easy to trace. All someone can say is that the originator of some transactions is using a specific VPN provider. You can switch servers between transactions if you want to.
In ethereum I am not sure I understand everything. But instead of not mixing UTXO you should do same thing but not mix accounts aka addresses. Ethereum node requires a huge investment so we can't expect everyone to run their own node. What privacy penalties does that have?
The same as with Bitcoin.
Maybe not having a node in ethereum isn't as important for privacy as it is in bitcoin?
It is, but ethereum does not care about privacy and decentralization.
There are many "mixing" smart contracts and networks on ethereum so at least there ethereum has the advantage over bitcoin.
It is not an advantage, most of those mixers are worse by design than centralized Bitcoin mixers. They don't have the liquidity or volume of transactions to be better.
Lets evaluate which has better privacy. Or maybe they have almost the same level of privacy?
As a bonus, if it turns out many of us think that ethereum has equal or better privacy, we could also discuss the security between having btc on bitcoin vs having wrapped btc on ethereum.
Bitcoin does it better, especially since you are not likely able to run an ETH node or use ETH over TOR.