When I login to my Telegram account by scanning the QR code with my phone (untorified) either through web app or desktop client on my standard Whonix WS qube I sometimes get duplicate service notifications from Telegram on my phone that also includes my real IP.
That is, if my Tor exit node is happen to be in the Netherlands and my real location is Brazil then I’ll get one service notification with a warning that someone logged into my account from the Netherlands on a device running Qubes OS and then immediately another one stating that someone logged into my account from my real Brazilian IP on the same device running Qubes OS.
How can that be explained?
I sometimes need to read my Telegram chats under Whonix so that I could browse the links in the chats on another qube while at the same time making sure that I won’t accidentally misclick and open the link from my direct/untortified connection. Overall I don’t have any concerns about my anonymity in the particular use-case. it’s just an interesting observation I cannot explain myself.
Original post: Telegram leaks real IP through Whonix qube - General Discussion - Qubes OS Forum