Auto renaming of contacts a risk?

Hi,

When a user renames his profile, his name also changes automatically in the contact list of his contacts.

While at first this seemed to be nice, I now rather think this is an anti-feature because it may allow kinds of impersonation to some extent. This can be used for threats ranging from jokes to scams.

In telephone number based messengers the ID usually is bound to the number, which also has a name in the phone’s address book. So the assignment is static.

In Deltachat you can do such things:

Joke: Children in the family rename their profile to their mother’s name and write stuff to their father.

Scam: In a company, a bad-acting coworker can rename their profile to the manager’s name and write stuff to human resources or others.

As probably nobody knows the delta chat mail addresses or the public keys of his contacts, the only method of validation is the chat history, which also could be empty when disappearing messages are used.

3 Likes

Related:

I think we could protect against this by saving all metadata of a contact after initially scanning them, including their display name, bio and avatar, in the override table and forcing these overrides to always be displayed. When any of those change, a button with text to that effect in small print could be displayed next to their name everywhere.

Pressing this button would show a modal to review the before & after information, including the date of adding the contact and the most recent timestamp when the same metadata was broadcast by them and the first time said change was broadcast. The user would then be offered to either update each override table field based on the remote edits, ignore these edits for now or ignore all remote updates for this contact in the future.
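A minimal sketch of the pinning scheme proposed in the post above, added here as an illustration; it is not part of the thread and not Delta Chat code. The class names, field names and the three `resolve` choices are assumptions, and "ignore for now" is assumed to mean dismissing the notice until the contact broadcasts a change again.

```python
from dataclasses import dataclass, field
FIELDS = ("name", "bio", "avatar")  # metadata pinned when the contact is first scanned
@dataclass
class Pending:
    old: str
    new: str
    first_seen: int  # first time this changed value was broadcast
    last_seen: int   # most recent time the same value was broadcast

@dataclass
class Contact:
    addr: str
    added_at: int
    pinned: dict                      # override row: the only values the UI displays
    pending: dict = field(default_factory=dict)
    ignore_all: bool = False

    def on_remote_metadata(self, meta: dict, ts: int) -> None:
        """Record what the contact broadcasts without touching the pinned values."""
        if self.ignore_all:
            return
        for f in [f for f in FIELDS if f in meta]:
            new, cur = meta[f], self.pending.get(f)
            if new == self.pinned[f]:
                self.pending.pop(f, None)          # contact went back to the pinned value
            elif cur and cur.new == new:
                cur.last_seen = ts                 # same edit broadcast again
            else:
                self.pending[f] = Pending(self.pinned[f], new, ts, ts)

    def needs_review(self) -> bool:  # True: show the "profile changed" button
        return bool(self.pending)

    def resolve(self, choice: str, fields=FIELDS) -> None:
        """Apply the user's decision from the review dialog."""
        if choice not in ("accept", "ignore_now", "ignore_all"):
            raise ValueError(choice)
        if choice == "ignore_all":
            self.ignore_all = True
            self.pending.clear()
        for f in [f for f in fields if f in self.pending]:
            change = self.pending.pop(f)
            if choice == "accept":
                self.pinned[f] = change.new        # "ignore_now" only dismisses the notice

# Constructed sample: a coworker pinned as "Bob" starts broadcasting the manager's name.
bob = Contact("bob@example.org", 1000, {"name": "Bob", "bio": "", "avatar": "a1"})
bob.on_remote_metadata({"name": "Alice (Manager)"}, ts=2000)
bob.on_remote_metadata({"name": "Alice (Manager)"}, ts=2500)
```

After the two broadcasts the contact is still displayed as "Bob", and the pending entry carries the before and after values plus the first and most recent broadcast times that the review dialog would show.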