I have checked Threema whitepaper and my guess is that they add padding because they use stream cipher (XSalsa20), which preserves the size of the message. Delta Chat uses block cipher AES for symmetric encryption, so short messages are padded to the block size of 16 bytes. Threema specifically talk about the amount of data:
In order to thwart attempts to guess the content of short messages by looking at the amount of data, Threema adds a random amount of PKCS#7 padding to each message before end-to-end encryption.
with Opportunistic SSL/TLS (aka Explicit SSL/TLS), a client will run a STARTTLS command to upgrade a connection to an encrypted one. If a server is compatible and no errors occur, the secured TLS or SSL connection will be established. If anything fails in the process, a plain-text transmission will be established.
So you say DC does it not that way?
But why STARTTLS at all then?
What is the sense then of providing STARTTLS / AUTOMATIC ?
I read it that way:
First âto thwart attemptsâŚby looking at amount of dataâ
(for me: by checking outgoing message size)
And they write also ââŚpadding to each messageâŚâ
(for me therefore: give the content extra chars so the output message has different size)
Yet I could agree, as I have verified two messages with same content and the output is different.
But I still would padding extra chars, cause for that reason:
Screen reader, Keyboard Reader.
Even with that a hacker could not get the full content cause of the hidden added extra chars
for each message. So a hacker is still in the same trouble as before. He cannot guess the real content.
We support STARTTLS and try both STARTTLS and TLS in default automatic there for better compatibility: there are servers which only support STARTTLS, there are servers that only support TLS, and there are firewalls/blocks which sometimes block one but not the other.
Ok. Than I would at least make a comment for ths options in the connection dialog,
so its clear for everyone that in all cases TLS is used or the connection is aborted except if one chooses âOffâ intentional.
I will update the list and put this instead.
Thx.
A wish list for a so called âsecurityâ update (hopefully):.
1. at least an encrypted email account password, rather whole db (especially on desktop version)
2. a note in the connection dialog about the connection methods (see post directly above)
3. missing connection option authentication method âEncrypted passwordâ
(see maybe thunderbird connect options for other methods)
4. choosable install path (desktop version)
5. give password stars shown a fix length regardless of the real length of password
6. profile name âMy nameâ with hint text: â(if set this is transferred in the headers too)â
7. an âEmtpyâ-button to empty DeltaChat folder on the server manually (without any logic,
only and only for an existing DeltaChat folder, if it does not exists nothing happens)
8. padding each message content with hidden random data 9. make-veryfied-contact-more-visible
Feel free adding points to the list or with other questions/discussion regarding encryption/security/privacy.
I disagree, donât like any padding making message bigger in vain as already told it doesnât matter with algorithms used by delta, and I think you can block screen reading with the option to block screen shots on android? and I am not sure how adding extra padding would prevent hackers from taking the message that you first typed but sure, we could also add some random letters while you type to protect the input areaâŚ
it would be needed to warn people if they are unsafe with this option, but if they are safe no need to bother people that donât know what TLS is with: WARNING!!! you will be safe! plain text is not tried by default
I would also like this, it is so hidden it is not really useful, I think there will be some work in âprotected chatsâ soon and I hope this gets some love.
there was an option to manually trigger âdelete ALL emails in a folderâ, but some people complained that this option is too dangerous, and people could lost important emails, so it was removed, it can be useful in some cases, but in general with the new auto-delete options in my case I have not missed it.
if your are looking for a super secure app your friends probably donât need/will-use I can recommend Briar, it feels super secure, you have to manually type a password to open it, canât take screenshot(not even configurable), it connects over Tor, p2p, no email or phone number associated to you, can configure a âpanic buttonâ, can be used offline if you think Tor is also insecure , but for friends from WhatsApp/Telegram anything not using a phone number will be betterâŚ
Any protection which is possible is better than having it not is my opinion.
Adding some chars (wouldnt make a message that much bigger) was a thinking about and more or less committed by the Threema Whitepaper. The full content is protected in all cases. And there are more platforms than Android, not to say: Desktop
I have not thought about where to place a comment like this or if other words would fit better.
The idea behind is: (to) make it clear.
I am sure this would help to understand how it is done and what to choose.
[Not to forget: STARTTLS behave not as I have assumed or maybe one suppose]
But yes, it must be something so unexperienced users can work with such an info like this too.
So I probably would write it that way:
You have 4 options. You are safe with all three options except OFF. That means
on any connections problems try out first these three options as these options guarentee an encrypted connection (in all three cases TLS only) to your server.
Usually automatic works fine. If it still fails try OFF.
But be warned: password is send unencrypted (cleartext) over the net.
Most provider allow encryption. Ask maybe for help before trying OFF.
Clear, I would agree. And note: I have suggested only and only the default
âDeltaChatâ folder. If this folder does not exist - nothing happens.
Not changeable/configurable. Nothing else, otherwise it would be counterproductive
[you mentioned already complainments].
Guess what. I already had\have it installed.
And its brilliant for its purpose. Its all set. Thats what I want to say. Make the app in that way. Less options yet safe. You have todo nothing. No wrongdoing possible. Even an unexperienced user can do not wrong. I can really recommend it for its ease-of-use and security. But as said DeltaChat has its own purpose (and character). So lets move on with DeltaChat.
[ Initial List ]
An updated wish list for a so called âsecurityâ update (hopefully):.
1. at least an encrypted email account password, rather whole db (especially on desktop version)
2. a note in the connection dialog about the connection methods (see post above)
3. missing connection option authentication method âEncrypted passwordâ
(see maybe thunderbird connect options for other methods)
4. choosable install path (desktop version)
5. give password stars shown a fix length regardless of the real length of password
6. profile name âMy nameâ with hint text: â(if set this is transferred in the headers too)â
7. an âEmtpyâ-button to empty DeltaChat folder on the server manually (without any logic,
only and only for an existing DeltaChat folder, if it does not exists nothing happens)
8. padding each message content with hidden random data (posts start with) 9.make-veryfied-contact-more-visible
10. Backup Verification Test Tool (check that an export does not fail on import) 11.durable warning signs on changes (possible MITM) until new verification/approval
Feel free adding points to the list or with other questions/discussion regarding encryption/security/privacy.