search

oxen-io / session-desktop

Session Desktop - Onion routing based messenger
https://getsession.org
GNU General Public License v3.0
1.56k stars 196 forks source link

[Feature request] Local message editing (enable complete forgery) #2344

Open beantaco opened 2 years ago

beantaco commented 2 years ago

In development of Session Protocol, the Session team decided to drop cryptographic deniability (and forward secrecy), referring to it as effective in theory but not in practice.

As a mitigation against loss of cryptographic deniability, the Session team referred to creating a feature that would allow users to edit messages:

"Instead of designing a cryptographic protection, Session will add the ability to edit other users’ messages locally, thus providing a way to completely forge conversations. Since signatures are deleted after messages are received, there will be no way to prove whether a screenshot of a conversation is real or edited, diminishing the value of screenshots as evidence." (December 2020)

https://getsession.org/blog/session-protocol-technical-information

As a side benefit, users could edit out sensitive information from messages as needed without deleting messages entirely.

However, to my knowledge this edit feature has not been added.

KeeJef commented 2 years ago

Linked to #885 but different, we should look at doing both at the same time if possible