I gather Telegram is bad. What’s better? Signal?
Note: Telegram and Signal are both affected by Amazon and Google pulling the plug on domain fronting. Azure cloud (Microsoft) may be next.
Is the risk mostly in the info (that I knowingly type) not staying encrypted / confidential all the way through, or in the application leaking other data, e.g. about the system / content saved or used by other apps / IP / network etc?
I can live with the first risk by being very careful in the content so it won’t identify me, but the second is a major issue.
Whonix-Workstation is isolated from the host and Whonix-Gateway. Even if an application such as Telegram were misbehaving or malicious, it could not access sensitive information such as:
- external IP address (real IP)
- hardware serials
- host system time (Whonix uses sdwdate)
However, any user information on Whonix-Workstation would be accessible.
The risk is in end-to-end encryption.
You can be as careful as you want, but it only takes one mistake. There have been cases where people much more experienced than you or I were able to stay anonymous for 20 years… then they made one mistake and were de-anonymized. And these are the people doing everything they are supposed to do.
My question is: why use an encrypted messaging app if you’re not worried whether your message stays encrypted end-to-end?
At any given point in time I assume my chat counterpart may be compromised, or even malicious to begin with. So even end-to-end encryption won’t help, and I have to make sure I never disclose any identifiable information of any kind anyway. This doesn’t mean I like everyone along the way being able to view everything at will, but it’s a lesser risk than data leaks. Think about it as SSL/TLS with clearnet sites. It’s not going to guarantee anything (forged/stolen certificates, SSL stripping, unreliable CAs, compromised site, etc.), but you still want to have it, right?
I also try to avoid having any identifying data in the workstation. But even non-identifying data may well be valuable for an attacker to get a bigger picture of me and look for weak points and mistakes.
Perhaps use a separate VM just for that then.
The point I was trying to get across is: use the most secure messaging app you can find, and don’t use apps with known flaws. It’s just good practice/OPSEC. As you mentioned, using care with the information you share with other users is a good idea, since there is no way of knowing:
- who they share that info with
- if their system is secure, compromised, etc.
- if they have the app configured correctly
Good idea/recommended. Very easy if you use Qubes OS.