How to hide the fact that I'm using Qubes OS from Telegram

I hope this gets addressed. Not for me in particular but for those where anonymity is part of their threat model.

A lot of these posts are not appreciating that your threat model is not my threat model is not @Aleow’s threat model. Using security-focused or even “secure” devices can be a massive security risk in some parts of the world. Any unique or mostly unique identifier can be all it takes for someone to get noticed and hurt.

Also, I strongly disagree that security and privacy are not related. They are not the same but I don’t think you can have one without the other.

4 Likes

We can discuss details, but do we all agree that sharing qube names (including its own) with all applications of an unsafe qube is not right and can be easily avoided in the current system?
It is a design flaw. 1) The domain name inside the qube is the same as the qube’s name in dom0 for no reason. 2) The copy process leaks source qube names to target qube software for no actual reason, too (my proposal how to fix it).

My opinion: Qubes OS should not leak qube names to qube’s internal software (possibly malicious).
Only dom0 should be able to know qubes’ names. It is easy to make it so.

3 Likes

Regarding OP, I use the web app version of Telegram. It's just as good and my device info shows up as Chromium Linux (as I chose hardened Brave browser). You could use Tor Browser or Arkenfox instead, but I feel hardened Brave does a better job at fingerprinting resistance (aims for privacy whereas Tor Browser aims for anonymity).

If you’re using it locally then it’s a good alternative. But you shouldn’t use it through their web site because you don’t know what JavaScript they served you.

1 Like

I don’t use Telegram on my phone. To log into a Telegram account you need a code that comes to Telegram. I only use Telegram on my computer, but if I have already logged into my Telegram accounts from my computer (I use a lot of accounts), Telegram has already seen that I am using Qubes. Why do I need to use a browser if they know that I have a Qubes system? If they found out about it, it doesn’t make sense to switch to a browser anymore.

I’ve done some troubleshooting between Qubes (Fedora/Debian) and Whonix, and I can report that I know where it’s coming from, and it’s not a Qubes problem at all. For some reason, Whonix has set the $XDG_CURRENT_DESKTOP env to X-QUBES where classic Fedora/Debian qubes set it to XFCE (which is how they appear in telegram too).

This means that the solution to this is to simply set the variable to XFCE (/rw/config/rc.local):

echo "XDG_CURRENT_DESKTOP=XFCE" >> /etc/environment

2 Likes

I’ll check it out.

If you have more time, I was asking one person on the forum about changing the system identifier and he sent me this information.

The first thing he told me was to look at this file and this lib and what this file does and how this lib gets the data
tdesktop/Telegram/SourceFiles/boxes/sessions_box.cpp at 3adbfb1fb50695702c041cb3384582b64091e803 · telegramdesktop/tdesktop · GitHub
lib_base/base/platform/linux/base_info_linux.cpp at f69758da1906b204c156ea6ad254eacd61210a42 · desktop-app/lib_base · GitHub

Then he provided me with this - cat /sys/class/dmi/id/*
And said that this way I’d figure out where the data from the telegram session was coming from

Then he said to look over here

Then this
https://github.com/search?q=repo%3Axen-project%2Fxen%20bios&type=code

And then this and compare the search query to this
https://github.com/search?q=repo%3Axen-project%2Fxen+bios_vendor&type=code
and see what’s in the folder:
ls -lh /sys/class/dmi/id
cat /sys/class/dmi/id/bios_vendor

Then go to this

And the last thing he sent me was this

I don’t know how to read code and don’t understand anything about it, maybe someone here understands it and will watch all this and say something interesting.
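A self-check for the identifiers discussed in this thread, as an added example that is not from any poster, Qubes OS or Telegram: it reports whether `XDG_CURRENT_DESKTOP` or any readable file under `/sys/class/dmi/id` contains "qubes" or "xen". The marker list and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: list locally readable identifiers that mention Qubes or Xen.
# MARKERS is an assumption based on the strings named in this thread.
MARKERS='qubes|xen'

# check_value NAME VALUE: print "NAME=VALUE" when VALUE contains a marker.
check_value() {
    if printf '%s' "$2" | grep -Eqi "$MARKERS"; then
        printf '%s=%s\n' "$1" "$2"
    fi
}

# scan_dmi DIR: check the first line of every readable regular file in DIR.
# Subdirectories and files the current user cannot read are skipped.
scan_dmi() {
    [ -d "$1" ] || return 0
    for f in "$1"/*; do
        [ -f "$f" ] && [ -r "$f" ] || continue
        v=$(head -n 1 "$f" 2>/dev/null | tr -d '\0') || continue
        check_value "dmi/$(basename "$f")" "$v"
    done
}

# audit DESKTOP_VALUE DMI_DIR: one output line per value that would stand out.
audit() {
    check_value XDG_CURRENT_DESKTOP "$1"
    scan_dmi "$2"
}

# Run against the live qube, as the same user the application runs as.
audit "${XDG_CURRENT_DESKTOP:-}" /sys/class/dmi/id
```

Empty output means none of the checked values contain the markers; it says nothing about other sources an application can read, such as the hostname mentioned earlier in the thread.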

No, it’s not, I have Debian saying X-QUBES too

I had already changed it with my tests while writing and forgot. Only Fedora returns XFCE by default. Anyway, it’s not a problem if Debian returns something else, since it’s not used for any privacy related activities.

For your other post, I don’t see the point of changing this information, what you want to achieve here is to hide Qubes, not the hypervisor itself.

Yes, it’s a big problem, the hypervisor shows in telegram too

Xen is not related to Qubes at all. It’s used by many people and companies around the world. What’s less used here are Qubes modifications and applications, which is something completely different.

1 Like

That’s right, what about this old shit: GitHub - isbheis/seabios-antivm: qemu antivm part for default seabios, remove all signatures about qemu, virtio, kvm, xen, seabios .etc
It’s still possible to remove all signatures if the Qubes developers wanted it, isn’t it?

Again, Qubes is not privacy/anonymity oriented, it is security oriented. Changing this is useless from a security standpoint. So there is no reason for developers to waste time hiding the hypervisor.

1 Like

There can be no security without privacy and anonymity. But I understand you, maybe someone wants to hide these identifiers (like me), but not all are coders and can do it themselves.

1 Like

Privacy/Anonymity adds up on top of security.
Qubes provides security.
Whonix provides a better level of privacy/anonymity on top of what Qubes provides by default.
I understand what you want, but Whonix is not Qubes and there are things they can’t do without breaking things for everyone.

1 Like

Anyway thank you for helping, maybe someone else here will post an interesting opinion about all this

1 Like
4 Likes

How do you figure that? Imagine a perfectly secure transparent box. It’s impossible to break into the box from the outside, but everyone outside the box can see everything that happens inside the box. It’s perfectly secure but not at all private. Now imagine the equivalent for a computing system. Everything that happens on the system is visible to everyone, but no one can compromise the system or exert any kind of unauthorized control over it. Again, perfectly secure, but not at all private.

(Before anyone says, “But perfect security is impossible,” please understand that this is a purely conceptual argument. The claim under consideration is, “There can be no security without privacy and anonymity.” That is a conceptual claim about the relationship between security and privacy. The thought experiments above are intended to provide counterexamples.)

3 Likes

I wouldn’t use Tor to log in with any account of mine that matters. I wouldn’t use Tor to log in at all if it’s possible.

Well, it's too late now. But what I’m suggesting is what you could have done. If you didn't want to download the Telegram app on your phone, you could have downloaded it on an Android VM. Anytime you sign up on a browser, you could use the app on the VM to sign in instead of relying on an SMS-enabled phone.

Anyhow, there literally isn't anything you can do about it now other than making a new tg account