Whonix ®

Download

Windows Linux Mac VirtualBox KVM Qubes Intel / AMD64 ARM64 PPC64 USB ISO Raspberry Pi More options Source Code

About

Overview Features Whonix vs VPNs Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Forum Best Practices Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Use Telegram over the Tor network with Whonix.

Introduction[edit]

Telegram is a cross-platform, fully featured instant messenger. The Telegram FAQ describes the basic architecture:

Telegram is a messaging app with a focus on speed and security, it’s super-fast, simple, and free. You can use Telegram on all your devices at the same time — your messages sync seamlessly across any number of your phones, tablets, or computers.

With Telegram, you can send messages, photos, videos, and files of any type (doc, zip, mp3, etc.), as well as create groups for up to 200,000 people or channels for broadcasting to unlimited audiences. You can write to your phone contacts and find people by their usernames. As a result, Telegram is like SMS and email combined — and can take care of all your personal or business messaging needs. In addition to this, we support end-to-end encrypted voice calls.

Advantages include: ^[1]

• access to chats across multiple devices

Disadvantages include:

• The application requires the user to register a phone number to create a Telegram account. See also Phone Number Validation.
• End-to-end client encryption is not enabled by default.
  • The desktop and web versions have no end-to-end encryption feature. Messages from non-encrypted chats are stored on Telegram's servers and Telegram team has access to it according to section 3.3.1 of privacy policy (archived at time of writing). Telegram moderators may check messages that users have reported, as stated in section 5.3 of privacy policy. Telegram notified eSafety Commissioner of the Australian Government about moderation in secret chats:^[2]

Telegram stated that messages in Secret Chats were not ‘forwarded’ to moderators when they were reported by an end-user. Without access to the messages being reported, Telegram reported that it relies on alternative signals or indicators to determine if ‘the reported user is not otherwise engaging in harmful or malicious behaviour’

• • The mobile version has easily confused encrypted versus non-encrypted chats.
  • Telegram does not have encrypted group chats, channels and chats with bots.
  • Telegram sends the user's personal data to the interlocutor to the chat: registration date (month and year), region of the phone number, common groups, and any changes to the name and avatar (if it have been changed in the past 30 days). ^[3]
  • For the purpose of encrypted chats, it is better to use a messenger that is always encrypted end-to-end by default.
• MTProto 2.0 has been repeatedly criticized by cryptography experts ^[4]
• Telegram collects a lot of metadata: IP address, devices and Telegram apps you've used, history of username changes, etc. This metadata can be kept for 12 months, as stated in section 5.2 of privacy policy.
• Telegram cooperates with intelligence agencies and may share user data (IP address and phone number), as stated in paragraph 8.3 of the privacy policy.

This is why it is not recommended for anonymous messaging at this time.

One viewpoint is to see Telegram as a modern public chat or IRC alternative.

Telegram Data Harvesting[edit]

Telegram collects information about the operating system, sends it to the server, stores it there, and then sends a message to the user without end-to-end encryption. Here is an example:

Device : Telegram Desktop, 4.6.5 Snap, Desktop, Linux Qubes X11 glibc 2.35Telegram, service notifications ^[5]

This means Telegram has collected at least:

This has sparked discussion among users:

• https://forum.qubes-os.org/t/how-to-hide-the-fact-that-im-qubes-os-from-telegram/22934?
• https://forum.qubes-os.org/t/telegram-desktop-identifying-qubes-in-standalonevm/17906
• https://forums.whonix.org/t/qubes-identifiers/17994

See also: VM Fingerprinting

Telegram User Freedom Threats[edit]

As defined in User Freedom Threats:

• Proprietary Tethers
• RegistrationRequired
• Non-freedom network service
• Enforced centralization

Installation[edit]

^[6]

Start[edit]

To launch the application, in Whonix-Workstation^™ terminal run.

telegram-desktop

Figure: Telegram Desktop in Whonix ^[8]

For a basic Telegram user guide refer to this official blog entry.

See Also[edit]

• Whonix Project Chat
• GitHub: Telegram Desktop - Official Messenger
• Telegram for Linux

Footnotes[edit]

Whonix The most watertight privacy operating system in the world.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Whonix is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Whonix we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 13 year success story and maybe DONATE!