Delta Chat

5 months ago

Delta Chat
5 months ago

Dear fans of messenger comparison sports,

How does it factor in that on #deltachat there are many apps that can be used in a chat without requiring a login or even a privacy policy ... And the apps all work like cryptpad but automatically and without requiring any server side hosting?

Editing documents and checklists and calendars are all safely end-to-end encrypted without a server and anyone can write new #webxdc apps permission free.

Which other cross-platform messenger offers this?

24 webxdc app logos from games editors and calendars to checklists

A default available list of apps https://webxdc.org/apps

Unknown parent

Delta Chat

Unknown parent 5 months ago

@ryanprior @risottobias not everybody is deep into security (e.g. the billions of users of WhatsApp or Telegram). We choose "app" and "app store" terminology because it's what people understand, and have an idea what they can do with it. We have gone through serious security scrutiny and efforts, some hundreds of hours. Dismissing this out-of-hand is your sovereign choice of course.

@DNA schedule

Unknown parent

DNA schedule

Unknown parent 5 months ago

@risottobias I'm nodding along with all this. Before I'd adopt Delta chat or any similar platform I'd have to understand how it disempowers bad actors and sloppy users.

in reply to DNA schedule

DNA schedule

in reply to DNA schedule 5 months ago

@risottobias apps and app stores have such a bad security track record that the original post in the thread, touting Delta's many apps, comes off as very cavalier about security. Then you put yourself in the position of having to backpedal, explaining how your apps are different and safe. Maybe true, I still need to read and educate myself; but counterintuitive at minimum!

Unknown parent

Delta Chat

Unknown parent 5 months ago

@risottobias @ryanprior

if you like to know about all the gory details of how we isolate apps from getting at any side channels, see this discussion which also includes a security audit by Cure53 delta.chat/en/2023-05-22-webxd…

And yes, it's maybe not perfect, but it's not just yet another web view that has arbitrary access. Also, even if an app manages to break isolation, it has no access to the social graph at all. See webxdc.org/docs/spec/selfAddr_… for what is exposed to apps from the messenger side.

Delta Chat: Bringing E2E privacy to the Web: 4th security audit 😅

Delta Chat’s “web apps shared in a chat” come with a unique privacy promise but in January it was shown to be compromised. We got into a surprising struggle with Web browser sandboxing issues that ...

^delta.chat

@DNA schedule

in reply to Delta Chat

DNA schedule

in reply to Delta Chat 5 months ago

@risottobias thank you, I will be reading these links. It seems like you strongly believe in your mitigations here, and if that's the case, I would brag about this relentlessly and mention it every time you mention availability of apps.

This entry was edited (5 months ago)

⇧

Delta Chat

Delta Chat 5 months ago • •

Delta Chat

DNA schedule

DNA schedule

Delta Chat

Delta Chat: Bringing E2E privacy to the Web: 4th security audit 😅

DNA schedule

Delta Chat
5 months ago