@Avitus@Linux sure signal is so far the best central messenger when it comes to handling privacy on potentially hostile infrastructure. However any seized phone can reveal phone numbers of group members. Collecting IP addresses are another attack vector. Cloudflare which serves encrypted blob files may be able to identify IP addresses of all signal group members who download an encrypted file. It's not data that the signal organization itself has access to but certainly an attack vector.
Some of you may have heart of #simplex which likes to elevate itself as "the first messenger without user-ids" ... a goal, similar to ours, of not letting the transport layer know about who talks. Only we are doing it in the email system, fully interoperable with tens of thousands of existing email servers and other #openpgp endpoints. The email system is much more than SMTP/IMAP or even openpgp btw ... there is plenty of room for radical shifts and new takes. We are just starting :)
1) Many people want end to end encryption by default and only. Signal has dropped SMS chats three years ago. Mixing cleartext and e2ee is problematic from a usable security pov
2) Several #chatmail operators in repressive situations/environments want to be sure their servers do not contain data that can hurt people. Strictly requiring end to end encryption helps.
3) We use IETF standardized protocols for interoperability and discuss with other MUA devs and help where we can.
#openpgp traditions and #signal both bind a cleartext identifier, phone number or email address, to a cryptographic key. It opens up attack vectors as the servers/orgs controlling this binding can interfere.
#deltachat avoids such cleartext identity bindings by creating random #chatmail addresses, as transport only. The cryptographic key becomes the identifier and we want it hidden from the transport layer. Only people being in end-to-end encrypted chat need to identify each other, after all.
@feld@daco just for background: managing devices is a recurring topic in discussions but it's not slated for implementation soon.
Fwiw current thinking is that devices facilitate a group key agreement and then cryptographically exclude a particular device by rotating to a new group key, and changing credentials likely and rotating the PGP key. Easier said than done but mainly just to note that delta does not have to use PGP for managing devices.
new security milestone reached: #chatmail relay servers are hardened to only transfer end-to-end encrypted e-mail with metadata minimization. No cleartext message can enter or leave the secure chatmail network anymore.
We now talk about "chatmail relays" rather than servers as they only ephemerally store messages until delivery. Dirt cheap to run.
We opened up our #rust "chatmail core" infrastructure library and set up an overview of the community driven ecosystem ...
Following popular request, here is a proper announcement about editing and deletion of messages available in app stores now. It briefly highlights how Delta Chat actually works contrary to how even some experts thinks it works :)
TL;DR Delta Chat is not a classic e-mail client. It uses special messages to co-ordinate encryption, metadata and group interactions and now edit/delete. Delta Chat implements a Peer-to-Peer messaging paradigm without any server state.
Bummer. Last week our OpenTechFund contract was not signed but suspended along with OTF itself. Shit happening overseas.
However, we wouldn't deliver resilient messaging infrastructure and apps if we weren't a resilient and fun community. We never had much money to begin with, and are graced with great pro-bono contributions.
We are now looking for other public funding but it takes time. Meanwhile it'd be great to get intermittent help via a wealthy donor or small tips https://delta.chat/en/donate
As big-tech corporates are now starting to snake-sell their exploitative products under the "sovereignty" label we'd like to clarify:
#sovereignty lies in controlling and being able to change communication infrastructure components and apps to your needs, without permission.
Renting a proprietary product running in a proprietary cloud even if some of the proprietary code runs on machines standing on EU ground ... is willfull subordination, not sovereignty. Duh.
@mattcen We beg to disagree a little :) The e-mail system is a very wondrous beast and we are untapping interesting new possibilities with our #chatmail efforts. As to sealed sender/receivers that's entirely possible. However, we prefer to make further arguments in released code when the time comes and stars align ;)
#Signal took a huge bet that running on US big-tech toxic infrastructure is fine because its groundbreaking and industry-shaping cryptography is crafted to neutralize it and keep users safe.
But is it really feasible to live on toxic infrastructure in the longer run?
#deltachat rather takes a bet on the massive e-mail server network and interoperable protocols, and on #chatmail servers which enforce message encryption and metadata-minimization.
@cehteh there is a marker for edited messages but no versioned history and no tombstone. The current UX was done after comparing with several other messengers. Current release is also the result of pragmatic implementation considerations and comes with the expectation that there will be refinements in later releases but based on real-world experiences rather than theoretic concerns (which we are aware of).
@rakoo@cehteh@lyyn the emacs-spacebar XKCD is great but maybe not entirely fitting here. We understand the concern of "the other side can remove a message on my device, and i don't like that" but it also needs to be squared with other concerns like "Damn, i sent this password/secret/photo and i really didn't want to do that, need to remove it quick". What matters a lot is that Delta Chat is designed for chatting among friends or at least non-enemies. And to test out things in real-worlds.
@arutaz at he upcoming openpgp summit in April post quantum cryptography will be a topic. ... See also https://datatracker.ietf.org/doc/draft-ietf-openpgp-pqc/ which is close to finalization ... So sooner or delta will grow support for pqc but it's, frankly, a bit overrated. There are many more immediate threats to care for like blocking and censorship attacks. Because what good is a service, however cool.cryptographically, if it can not be actually used?
There is no shortage of startups and enterprises animated by, or outright proclaiming, replacing e-mail as the de-facto open internet messaging standard. VC Investors are forever fascinated by funding such endeavours. #matrix#simplex#slack etc are examples.
#deltachat endorses e-mail but reconfigures and repurposes it to serve for interoperable instant messaging. The #chatmail server network relays end to end encrypted e-mail only, and servers are reduced to dumb store-and-forward relays.
@lionel@feld chatmail addresses are not like classic email accounts or any other regular platforms's accounts for that matter. A chatmail address by default keeps no data. There is no registration data other than the password. It's really just about taking control of an address. This is why we rarely talk about "accounts" because everyone is used to this being a heavy bag of collected data and state.
@matthieu@feld yes, many chatmail servers are not ddos protected likely. Some run in environments where ddos protection exists. Fwiw ddossing all email servers world wide is probably a daunting task and would bring most governments and institutions to a grinding halt.
We have stopped publishing about new chatmail server setups half a year ago btw and are to devise a decentralized way to distribute information about chatmail servers. We don't want to provide public block lists, basically.
@fabrice@feld#chatmail servers do not keep persistent logs, and only the end-devices have the readable messages of a conversation. Servers briefly see an end-to-end encrypted message but it gets removed after the app downloaded it.
Secure decentralized messaging for all major platforms and then some. Reliable and instant by using fast and secure Chatmail servers, but also compatible with classic e-mail providers. Offering chat-shared web apps for fun and collaboration, end-to-end encrypted and without any server side hosting. Security-Audited multiple times, last in 2024. #chatmail #FOSS #OpenPGP #deltachat #Internetfreedom #fedi22 #webxdc #p2p