Phone Number Validation vs User Privacy
The mandatory linkage of the software application with a phone number makes it very likely adversaries can easily link any 'anonymous' use of such applications in Whonix with a user's real identity.
Even if a secondary phone number is used as a limited workaround. At the time of writing user requests to enable registration with an email account as a possible alternative have been ignored or denied by some developers of such applications. For this reason alone, alternative options like Gajim, HexChat and Tox should be investigated instead; see Instant Messenger Chat for further information. Readers are of course free to ignore this advice.
In many cases (such as Signal and Telegram) the number can be different form the device's SIM card; it can be a landline or VoIP number, so long as the user can receive the verification code and possesses a separate device to set up the software. A far safer registration alternative is to utilize a random online phone number, see: Phone Number Registration Unlinked to SIM Card .
- Do not Use (Mobile) Phone Verification.
- Mobile Devices Privacy and Security
- Two-factor Authentication (2FA)