Send Telegram Messages over Tor with Whonix

From Whonix
Jump to navigation Jump to search
Telegram Logo

Use Telegram over the Tor network with Whonix.

Introduction[edit]

Although Telegram Desktop is functional in Whonix, it requires Phone Number Validation and is therefore unrecommended at this time.

Telegramarchive.org is a relatively secure, cross platform, fully-featured instant messenger. The Telegram FAQarchive.org describes the basic architecture:

Telegram is a messaging app with a focus on speed and security, it’s super-fast, simple and free. You can use Telegram on all your devices at the same time — your messages sync seamlessly across any number of your phones, tablets or computers.
With Telegram, you can send messages, photos, videos and files of any type (doc, zip, mp3, etc), as well as create groups for up to 200,000 people or channels for broadcasting to unlimited audiences. You can write to your phone contacts and find people by their usernames. As a result, Telegram is like SMS and email combined — and can take care of all your personal or business messaging needs. In addition to this, we support end-to-end encrypted voice calls.

Advantages include: [1]

  • the client source code, protocol and API are opensource - other closed source elements are planned for eventual release in the future
  • verified builds are supported
  • end-to-end client encryption via a 'secret chats' optionarchive.org
  • options for self-destructing messages, two-step verification and other advanced privacy/security options [2]
  • support for Android, iPhone/iPad, Windows, macOS and Linux
  • access to chats across multiple devices
  • no limits on the size of chats and media
  • a free service with no advertisements or subscriptions
  • a stated commitment to protect personal information, conversations and other data
  • interested readers can learn more about the security protocol herearchive.org.

Disadvantages include:

  • The application requires the user to register a phone number to create a Telegram account. See also Phone Number Validation. This is why it is not recommended for anonymous messaging at this time.
  • End-to-end client encryption is not a default. Easy to confuse encrypted and non-encrypted chats. For the purpose of encrypted chats it would be better to use a messenger that is always encrypted end-to-end by default.
  • At time of writing, starting a phone call form a secret (encrypted) chat resulted in a regular (unencrypted) call. The call log appears in the chat log of the regular (unencrypted). Not in the secret (encrypted) chat. There is no visual feedback to distinguish an encrypted from an unencrypted call, even if encrypted calls existed.

One viewpoint is to see telegram as modern public chat, IRC alternative.

Installation[edit]

[3]

telegram-desktop can be installed from Debian backports. This is non-ideal, see footnote. [4]

1. Update the package lists.

sudo apt update

2. Install the select software.

sudo apt -t bookworm-backports install telegram-desktop

3. Done.

The procedure of installing the package from the backports repository is now complete.

Start[edit]

To launch the application, in Whonix-Workstation terminal run.

telegram-desktop

Figure: Telegram Desktop in Whonix [5]

For a basic Telegram user guide refer to this official blog entryarchive.org.

See Also[edit]

Footnotes[edit]

  1. https://telegram.org/faqarchive.org
  2. https://telegram.org/blog/privacy-revolutionarchive.org
  3. telegram-desktop version in Debian stable (buster) at the time of writing showed a warning that soon it will be no longer functional.

    You are using an outdated app that is no longer supported. To access your messages, please update your app to the latest version.

    Hence using Debian backports version.

    Not installing from telegram website since telegram does not provide digital software (gpg) signaturesarchive.org.

  4. Users should Kicksecure logo Prefer Packages from Debian Stable Repository The Web Archive Onion Version , but using backports is better than manual software installation or using third party package managers since this prefers APT. To contain the risk, Non-Qubes-Whonix users might want to consider using Multiple Whonix-Workstation and Qubes-Whonix users might want to consider using Multiple Qubes-Whonix Templates or Kicksecure logo Software Installation in an App Qube The Web Archive Onion Version .
  5. A false (random) phone number was utilized for this image.

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!