Back

@chiraag @tortie @sbb @waeiski @Mer__edith This is not "the elephant in the room" and neither is deltachat a reasonable alternative. The metadata that delta leaves is *significant* and can be tied to an individual. That's why it is crucial to use a "trusted" mail provider, because delta doesn't use any of the advancements in cryptography of the last decade.

The data traces Signal leaves on AWS is not personal data, the metadata is minimal and they make efforts to reduce it further. AWS is still a problem, but one of Availability (what if Bezos cancels his contract with them?).

Please do not compare them based on where they store the data, if the amount and kind of data stored is very different.

@ljrk @chiraag @tortie @waeiski @Mer__edith I wish that the #EU would clarify its stance regarding #Signal: *is the AWS hosting problematic for them or not*? Let's assume *not OK* for a minute.

As to a Signal alternative, I *wish* I could recommend #XMPP over #Deltachat today. *AFAIK*, in XMPP, #OMEMO does perfect forward secrecy/double-ratcheting - but alas, the #iOS and #MacOS clients aren't the greatest at present. That lack of all common OS' having feature parity (very reliable notifications, Reactions, etc.) makes me hesitate in recommending XMPP for *everyone* today (but it's great for geeks).

Whereas Deltachat at least has usability parity for features across each OS it supports (which I feel users would highly expect *first*, before demanding a more modern encryption). Yes, autocrypt has no perfect forward secrecy, etc. and other metadata-related criticisms. But Deltachat is simple enough to learn, *allows servers to realistically be used in the desired country*, and works on all the common platforms. It's a decent choice for *today*, as a well-rounded choice (where tradeoffs must be made somewhere). And once the XMPP clients get better (in MacOS/iOS), I'll recommend XMPP as a goto *then*.

@sbb @ljrk @chiraag @tortie @waeiski @Mer__edith Can somebody please explain, which "other metadata-related criticisms" is related to delta chat?

@ulfi @sbb @ljrk @chiraag @tortie @waeiski @Mer__edith

The core difficulty for most federated messaging systems is that there's a lot of information available without breaking encryption. XMPP and email (DeltaChat is built on the same core as email) have this problem. There are basically two cases:

• You're using the same mail server as a bunch of other people.
• You're using a self-hosted or otherwise small mail server.

In the second case, simply seeing a connection to that mail server gives a good indication of who someone is talking to. A passive adversary can monitor connections to that server and, even without breaking TLS, let alone the end-to-end encryption, can see who is talking to you.

In the first case, whoever operates the server (e.g. Google for gmail) can see the sender of every incoming message and the receiver of every outgoing message. Even if there's end-to-end encryption for the messages, they can build a connection graph.

If you want to use it for, say, organising a union, it doesn't actually matter what the message content is, the metadata is enough for retaliation.

For XMPP/email, a lot of the privacy guarantees are as strong as the least trustworthy server in a communication. If one person is using gmail in a group thread, Google will still be able to learn the identities of everyone in that chat. Again, this doesn't depend on breaking encryption and even if there is 100% secure end-to-end encryption, they can still learn a lot from the metadata. And, because of the federation, I have to trust my server and your server if we want to talk.

Signal has other problems, but avoids these. They've built the system so that they don't know this metadata. When you send a message with the sealed sender feature (on by default), you connect as an unauthenticated users and deliver a message to a mailbox. The receiver connects later and grabs the message and decrypts it. The server doesn't have an automatic way of determining the sender's identity (though they probably can if they correlate IPs - using Signal over TOR can mitigate this) and so can't build this graph of the people who are communicating.

For most attacks, the metadata is at least as interesting as the message content.

Signal isn't above criticism. I've written other complaints about them in the past. The reason I recommend Signal is that all of the problems I have with Signal can be fixed with incremental changes, whereas the problems with XMPP and COI can be fixed only by completely redesigning the protocol from the ground up in a way that would break all existing clients and servers.

@david_chisnall @sbb @ljrk @chiraag @tortie @waeiski @Mer__edith This is basically the problem of centralized services, not of federated services. But you are right that federated services do not completely solve the problem. It is still there but much less severe.

@ulfi @david_chisnall @sbb @chiraag @tortie @waeiski @Mer__edith No, this is very much a problem with federated servers: They are just like many centralized servers. Feds only need to break into one of the many to get the data, and that's easy enough. Especially since mail servers are terrible to secure and store too much dangerous data. They just multiply the problem.

This is totally fine and good for resilient systems, like the Fediverse. But it's the opposite of what you want for secure IM. There you want a centralized anonymous rendezvous server – or direct P2P. Everything else is gonna bite you in the ass.

@ljrk @david_chisnall @sbb @chiraag @tortie @waeiski @Mer__edith
Signal know which device sends a message and which device receives a message. Moreover it can track traffic of all users. Feds do not need to access multiple servers (like in federated systems), they only need to access Signals servers to get this data of millions of users (perhaps they already did). Why is this secure?

But I agree that Delta Chat may not be the right choice for persons of very high risk (i am not sure). It is more a great every day messenger which gives people back the power over their communication.

@ulfi @ljrk @david_chisnall @chiraag @tortie @waeiski @Mer__edith It's a huge step up over *unencrypted* email, which I still have several of my contacts favoring. I would like to see that lowest common denominator pulled upwards, as it were - to *any* encryption, even DeltaChat's.
For example, I got doxxed badly lately when Google Forms "helpfully" emailed me my registration details for a day seminar (had age, email, phone number, etc). Aargh. That's the sort of sloppy security vomit that Deltachat/autocrypt could have improved.

@sbb @ulfi @david_chisnall @chiraag @tortie @waeiski @Mer__edith Wow, it's better than 60s/70s technology. If that's your measure for success...

@sbb @ulfi @david_chisnall @chiraag @tortie @waeiski @Mer__edith I think you mischaracterize me there. I'm very much pragmatic – I'm accepting the imperfectness of Signal, for a starter. I just don't see why we should settle for worse.