deltachat / deltachat-android

Email-based instant messaging for Android.
GNU General Public License v3.0

Delete messages on the device of the chat partner #325

Closed chatonick closed 5 years ago

chatonick commented 6 years ago

Maybe you could add such chat options as the Telegram killer features: messages and chats that self-destruct after a specific time, and auto-deleting messages on the other side of the conversation after deleting them on one side.

r10s commented 6 years ago

Some things are mixed here, so i try to clarify (please correct me if i'm wrong):

Chats and Secret chats

Verified chats

The current release of Delta Chat has a "Labs" feature (see advanced settings) that enables so called (3) Verified Chats or Verified Groups which add extra-security:

Self-destructing messages

Self-destructing messages and manual deletion of messages on both sides of the conversation:

In general, there is nothing that really prevents one of the users from making a copy of the "self-destructing messages" or of messages that are deleted on "both sides of the conversation".

However, there may still be some use in them, e.g. if both sides agree that they do not want to have a history accidentally. We already had an issue for this, #99, which i just reopened. Feel free to discuss this point there, and if your questions with respect to secret chats are answered, maybe you can close this issue.

chatonick commented 6 years ago

> In general, there is nothing that really prevents one of the users from making a copy of the "self-destructing messages" or of messages that are deleted on "both sides of the conversation".

No. It's not for protection from a known contact, it's for protection when the contact's device gets into the hands of others. In this case I can delete the entire history remotely. You can make a checkbox or option in the chat which will need to be enabled on both sides.

> we already had an issue for this

Not only messages but also chats if I want to have some chats automatically deleted on my device after some time.

These features are positioned by Telegram as unique security. But you can easily implement them. Once you can already send the status of message reading then you can send any commands. Adding timers for chats and messages probably shouldn't be a problem either.

Also in Telegram there are the Bot API and different bots that can remotely control one device through another by sending commands, for example to take pictures and voice recordings. But it's not safe as they work without end-to-end encryption. You can do all of these things in an actually simple and secure way. You can make DeltaChat not just a messenger but a whole secure ecosystem. It will be really unique security!

r10s commented 6 years ago

okay, things get clearer now :)

so, this issue is about (a) self-destructing messages as #99 and (b) the option to delete messages on the devices of your chat partner (related to #198)

> it's for protection when the contact's device gets into the hands of others. In this case I can delete the entire history remotely.

sounds reasonable, in a way. however, this won't work if the device is offline; possibly one of the first things an attacker would do. also this would introduce completely new attack vectors and possibly abuse.

maybe a device-password or device-encryption would be better here. maybe an additional delta-password.

testbird commented 6 years ago

"Verified chats"

Beware "verified" may rather mean "someone has captured your QR that can be freely copied and abused" not "keys one-to-one confirmed through another channel" => https://github.com/deltachat/deltachat-core/issues/168

r10s commented 6 years ago

> someone has captured your QR that can be freely copied and abused

but this cannot happen without you noticing it.

however, all this is subject to change, it's currently not even beta and we decided to make it static for simplicity while testing.

it's also an open question in the spec, see http://countermitm.readthedocs.io/en/latest/new.html#open-questions , and i think it would be better to discuss this there, see https://github.com/nextleap-project/countermitm/

testbird commented 6 years ago

Positive ACK.

chatonick commented 6 years ago

> this issue is about

This issue is about many Telegram features )

> possibly one of the first things an attacker would do

Maybe so but maybe not so :) In this case self-destructing messages would just be useful.

> also this would introduce completely new attack vectors and possibly abuse.

Chat partner must explicitly accept this option.

r10s commented 5 years ago

closing this for now here, of course, the discussion can go on in the new support forum at https://support.delta.chat