Phone Number Validation vs User Privacy

The mandatory linkage of the software application with a phone number makes it very likely adversaries can easily link any 'anonymous' use of such applications in Whonix with a user's real identity.
Some applications like Signal and Telegram require the user to provide a phone number for verification.
Even if a secondary phone number is used as a limited workaround. At the time of writing user requests to enable registration with an email account as a possible alternative have been ignored or denied by some developers of such applications. For this reason alone, alternative options like Gajim, HexChat and Tox should be investigated instead; see Instant Messenger Chat for further information. Readers are of course free to ignore this advice.
In many cases (such as Signal and Telegram) the number can be different form the device's SIM card; it can be a landline or VoIP number, so long as the user can receive the verification code and possesses a separate device to set up the software. A far safer registration alternative is to utilize a random online phone number, see:
Phone Number Registration Unlinked to SIM Card
.
See also:
- Do not Use (Mobile) Phone Verification.
Mobile Devices Privacy and Security
Two-factor Authentication (2FA)

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!