search

RocketChat / Rocket.Chat

The communications platform that puts data protection first.
https://rocket.chat/
Other
40.65k stars 10.66k forks source link

e2e chats allow non-encrypted chats to be sent #15095

Open dswebbthg opened 5 years ago

dswebbthg commented 5 years ago

Description:

Encrypted channels allow users to send non-encrypted text

Steps to reproduce:

1) create an encrypted channel with only yourself as the user 2) send message via app that supports e2e, result = encrypted message 3) login via android app (which seemingly doesn't support e2e), send message in channel. message is sent unencrypted and can be seen on the thick client

Expected behavior:

disallow sending of non-encrypted messages on encrypted channels

Actual behavior:

allows sending of non-encrypted messages

Server Setup Information:

Additional context

Relevant logs:

reetp commented 5 years ago

Android app does not currently support encryption. It is on the roadmap:

https://github.com/RocketChat/Rocket.Chat.Android/issues/566

However, I am not sure you should be able to send a plain message in an encrypted channel.

dswebbthg commented 5 years ago

In my opinion encrypted chats shouldn't allow any non-encrypted messages, but it definitely does right now.

milton-rucks commented 8 months ago

Expected to be solved in 6.8