Delta Chat
#openpgp traditions and #signal both bind a cleartext identifier, phone number or email address, to a cryptographic key. It opens up attack vectors as the servers/orgs controlling this binding can interfere.
#deltachat avoids such cleartext identity bindings by creating random #chatmail addresses, as transport only. The cryptographic key becomes the identifier and we want it hidden from the transport layer. Only people being in end-to-end encrypted chat need to identify each other, after all.
Haelwenn /элвэн/ :triskell:
Delta Chat
1) Many people want end to end encryption by default and only. Signal has dropped SMS chats three years ago. Mixing cleartext and e2ee is problematic from a usable security pov
2) Several #chatmail operators in repressive situations/environments want to be sure their servers do not contain data that can hurt people. Strictly requiring end to end encryption helps.
3) We use IETF standardized protocols for interoperability and discuss with other MUA devs and help where we can.
Blake Leonard
@delta You imply Chatmail is interoperable with non-Chatmail email. My understanding so far has been that Chatmail -- the newly-default mode of DeltaChat that runs on specially-configured servers -- breaks DeltaChat's core benefit of being able to communicate with anyone with an email address; this is due to Chatmail's mandatory encryption and novel key exchange protocol that isn't widely supported or used. OpenPGP and AutoCrypt do enjoy some support in niche MUAs, but most email users are on Gmail or Outlook¹ which don't support either. It may be possible to do this excruciatingly manually or with a specialized external tool (which doesn't exist), but for most people, this breaks the main reason anyone would choose DeltaChat over, say, XMPP+OMEMO.
¹ okay maybe Outlook does, if you configure it, maybe only if you're a paying enterprise user, and only OpenPGP and not AutoCrypt.
Delta Chat
Some of you may have heart of #simplex which likes to elevate itself as "the first messenger without user-ids" ... a goal, similar to ours, of not letting the transport layer know about who talks. Only we are doing it in the email system, fully interoperable with tens of thousands of existing email servers and other #openpgp endpoints. The email system is much more than SMTP/IMAP or even openpgp btw ... there is plenty of room for radical shifts and new takes. We are just starting :)
feld
GNU Too
feld
feld
Avitus
@Linux @delta Any significance of this is negated because Signal has very little data about users.
https://signal.org/bigbrother/
The cops have to provide a phone number, and in all cases Signal can only say "yes, this number was registered". They don't know the identity of the number owner, who they talk to, what they've said, where they're located etc. unlike WhatsApp, Telegram, Facebook Messenger etc.
Delta Chat
@Avitus @Linux sure signal is so far the best central messenger when it comes to handling privacy on potentially hostile infrastructure. However any seized phone can reveal phone numbers of group members. Collecting IP addresses are another attack vector. Cloudflare which serves encrypted blob files may be able to identify IP addresses of all signal group members who download an encrypted file. It's not data that the signal organization itself has access to but certainly an attack vector.
Linux Is Best
@delta@chaos.social You should also add that Signal's development, servers, foundation, and business are all in the United States, and all subject to US Jurisdiction.
#Signal
feld
Blake Leonard
@feld That's a pretty good point. There are some okay XMPP clients, and a lot of dated and shit ones (much like IRC!), but there is only one Chatmail client -- it's like Element is for Matrix, but with no alternatives!
DeltaChat is also a lot like Element in that it is or at least feels like a fragile web-wrapper. (To be fair though, I've only tried it on Linux, where it actually is an Electron app, and Android, where it mostly just feels like a dated demo app.)
feld
Blake Leonard
@feld Wrapping the Rust core library and getting it to work is a battle too. IPC/FFI is not for the faint of heart, and integrating with strongly-typed languages is another story. I do understand Chatmail is more or less a standard and not a concrete implementation, though DeltaChat does offer a standard distribution.
I have a DC fork ArcaneChat alongside vanilla DeltaChat. I'll definitely take a look at that list, though. I have ideas about bridging and a standalone watch client rolling around in my head, though I'm not sure I want to be held responsible for maintaining it...
Matthias
@blake @delta
"this breaks the main reason anyone would choose DeltaChat over, say, XMPP+OMEMO."
I think if people use xmpp and delta chat for a while, the reason why they keep on using delta chat is not email compatibility. People should just try out.
(I still keep on using xmpp next to delta chat because I think it can be useful to have more than one open protocol)
feld
Blake Leonard
@ulfi @delta Whether or how often you use a certain chat app depends on who you can talk to with it. For example, I wouldn't use WhatsApp if I didn't have a friend whose parents won't let them use anything else. And I would use Signal, DeltaChat, or Conversations/XMPP if someone I knew also used that app. (There are actually a couple people I know on Fedi I use Signal with from time to time.)
Now, assuming you and all your friends have both apps, which one you'd use then depends on how comfortable those are to use. For example, if your friends are in a group chat and group chats tend to break on one (cough cough XMPP), you'd pick the other one. If one is slow and drops messages, or is missing some important feature the other one has, such as anonymous¹ messages, chat apps, or formatting, you're going to use the other one. You're right that there is an edge towards DeltaChat on this one, though on occasion XMPP does still win (and Signal sits in the middle).
¹ XMPP MUCs have a semi-anonymous mode where the group's admin can see the members' real JIDs, but other members can't. Maybe you're a woman and you don't want men from your group chat sliding into your DMs. DeltaChat could possibly recreate this using the mailing-list pattern, but standard DeltaChat group chats can't support it.
Johnny Peligro
feld
Avitus
@Linux @delta @feld We went from talking about if Signal is safe to now talking about serving subpoenas to organizations other than Signal, and gaining physical access to devices. That in itself is a testament to how safe Signal is. Whether a subpoena is served to CloudFlare, or what a given person's threat model is, is irrelevant to what Signal itself does to protect its users.
Linux Is Best
@feld@friedcheese.us @delta@chaos.social @Avitus@ioc.exchange CloudFlare is also not secure in the way people imagine it to be. Many people use CloudFlare, thinking it will mask their server. It does not.
This provider here, will show you the real server of every site behind CloudFlare https://search.censys.io/
Avitus
@Linux @delta @feld "That you know of" doesn't apply when Signal reports the subpoenas they receive and their responses with the data they provide:
https://signal.org/bigbrother/
This is going in circles. No service is Fort Knox. You have to accept some level of risk whether that be the service itself going bad or some outside force prying sensitive information from the service.
Signal, as shown at the link I've now provided three times and has been totally ignored throughout this conversation, mitigates first and third-party risk by collecting as little data as possible so they don't have it to give.
feld
Linux Is Best
@Avitus@ioc.exchange @delta@chaos.social @feld@friedcheese.us That you know of. -- That is the point.
When in doubt, pick a provider outside US Jurisdiction.
feld
Delta Chat
@feld @blake the list of clients and bots is better curated at https://chatmail.at/clients
Delta Chat
@rohden as official as it gets, yes :)
rohden
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.