Recommended private chats and social networks for Whonix

That’s not really how this works. This is how it works: Contribute wiki page, chapter Documentation

This milestone was made possible thanks to the incredible support from our community. Thank you!

Big parts of the wiki have been contributed by the community. That includes large parts of the Chat wiki page.

1 Like

Wow, I didn’t know about this. Cool. Then I can add some additions to the wiki on the topic of messengers. For example, I can edit a bit of the section about Telegram: the information about calls is now outdated, but I can add articles where mtproto 2.0 is criticized for weak cryptography. And I can help add information about Simplex Chat, Briar and Session based on forum messages, If sections about these messengers are created in the wiki (I can’t create sections in the wiki, can I?). And I hope the moderators will correct my possible formatting errors when editing the wiki

3 Likes

New sections (wiki chapters) can be created. There’s no limitations, except:

  • new wiki pages: For new wiki pages to be created, please post a request here: Long Wiki Edits Thread
  • file uploads: account required. Will be granted after request and after minimal amount of productive wiki edits have been made.
2 Likes

Okay. I will prepare a text on new messengers and send it to you. and I tried to edit page about telegram (made the actual information), please check it.
Thank you

1 Like

That must have failed. No edit has been received by the wiki.

1 Like

Hmmm. Okay. I will try again.

1 Like

Done

1 Like

Edits accepted.


Added just now: Telegram Data Harvesting and Telegram User Freedom Threats.

2 Likes

Patrick, I made a small correction in wiki. It seems that my edits have disappeared from the site, but I can see it in the editing section. Please check.
New edits only appear after reloading wiki page after accepting site’s terms. Sorry for the inconvenience

1 Like

Perhaps some wiki editing usability issues, documented just now:
Flagged Revisions

1 Like

I want to share a great telegram review. The author very subtly ironizes about the security of telegram and provides very important arguments that telegram deliberately misleads users and makes every effort to ensure that users never use secret chats

By default, Telegram chats do not use end-to-end encryption, and nor does the messenger inform users about the secure chat option. Who could have thought that a user who just installed a messenger precisely because it was advertised as secure wanted to keep correspondence private? Answers on a postcard, please. The upshot is that when a user creates a new chat, Telegram neither offers to secure it nor even hints at the existence of an option other than the default chat.

What’s especially interesting is that the secret chat button is hidden as deep as possible. It’s not in the chat interface itself. It’s not available at the next level either: even if you tap the name of your chat partner and go to their profile, you won’t find the coveted button there. You need to dig a bit deeper: tap the three dots menu, rummage around in the secondary features, and there it is — the secret chat option with end-to-end encryption.

Another complaint arises regarding the name Telegram has given to its end-to-end encrypted chats. The developers could have called them something neutral like “secure”, “protected”, or “private”. But no: they went for “secret” — and this word has a very interesting effect on people’s perception.

Many a time, after creating a secret chat in Telegram, I receive a sarcastic quip from the other end something like: “Wow James – For My Eyes Only, eh?!?” Others apprehensively enquire as to what could possibly be so important – or naughty or something else – for its needing to be secret.

1 Like

Patrick, I made changes to this wiki in the section of recommended messengers Instant Messenger Chat I added Simplex Chat and Swtch as the most recommended for their maximum anonymity and protection against metadata collection Instant Messenger Chat I think that now XMPP and Matrix are significantly inferior to these messengers, which is also emphasized by many security specialists (in fact, XMPP and Matrix only encrypt messages but do not protect metadata). If you agree, then move the sections for Simplex and Swtch higher up. I’m not quite sure how to do that. Thank you.

1 Like

Wow, I found a report on the Australian regulator’s website stating that Telegram can moderate even secret chats! https://www.esafety.gov.au/sites/default/files/2025-03/BOSE-responses-to-mandatory-notices-tvec-March2025.pdf

Telegram stated that messages in Secret Chats were not ‘forwarded’ to moderators when they were reported by an end-user. Without access to the messages being reported, Telegram reported that it relies on alternative signals or indicators to determine if ‘the reported user is not otherwise engaging in harmful or malicious behaviour’

I added it to the wiki Send Telegram Messages over Tor with Whonix ™

ps Hmm but I don’t know how to fix • • after quote. It might be a typo due to the quote inside the subsections

This does not follow from the quote that you provided.

Not sure what “moderate” means in this context. Obviously, Telegram can ban any account tied to any registered phone number at any time. To ban an account (for spam or anything) is a form of moderation.

Not forwarded.

That could be anything. I haven’t read the source but it’s your argument to make. Speculation: the “alternative signal” could be unencrypted chats or the social graph (who is chatting with whom, extending surveillance to chat partners).

Pretty much any centralized service that conttols all the components should be assumed to do this, whether it’s tracking the chats content itself or “only” the metadata.

By the way, if I recall correctly in the past one could use Telegram on desktop without the mobile app (and telegram-desktop is currently included in Debian apt sources so installation is trivial). Phone number verification was required but not a mobile device (and there are fairly easy solutions for online verification).

Now however, the situation is different - you can’t register an account without creating it on a mobile app first (similar to Signal). This means that to use Telegram on Whonix we are potentially exposed to location / network / other identifying data being recorded by the Telegram mobile app during the initial registration, or otherwise use some kind of Android emulator in the workstation - I haven’t seen a solution for this either.

Similar issue with Line - an account must be registered on the phone first. The user can then set email / password credentials and use these to log in to the desktop version (in Whonix the desktop version can be installed as a chromium’s Line extension).

It’s even worse with WhatsApp - if I’m not mistaken, there the user needs to have the app active on the phone for the desktop version to be usable.

1 Like