Unfortunately this is true. It’s too easy even for an intelligent user to accidentally send an unencrypted message, and there are a couple of different scenarios where this could happen.
I also have concerns. As I wrote here:
I completely agree. Ideally there would also be a switch to prevent anyone who scans your QR code from sending you an unencrypted message. I believe there is even a strong argument for making this the default setting. The current onboarding process guides users to create an account on a chatmail server by default, and the chatmail server will reject attempts to send an unencrypted message. There is no valid use case where you want to send an unencrypted message to the server just for the server to reject your message. It makes more sense if the client never sends the unencrypted message to the server in the first place. Therefore having a “never send unencrypted messages” setting enabled by default is more consistent with the current default settings as well as more consistent with the app’s designation as a “secure messenger” and the expectations which that entails. More advanced users who choose a non-default server could easily change the setting for “never send unencrypted messages” if this is what they want.
Yes, but even with a chatmail server, the problem is that the encryption is currently forced at the server instead of at the client. Proper E2EE means no unencrypted messages should ever be leaving the client. If you are sending unencrypted messages to the server and just trusting the server not to store or forward your unencrypted message, that’s not E2EE!
Some people use Delta Chat only as a messenger and switch to a traditional email client when they want to send and receive normal unencrypted emails. This is why Delta Chat has an option to only display chat messages and ignore/hide normal emails in the inbox. It is reasonable if these users expect their chats to be encrypted at all times, just like any other secure messaging app.
Unfortunately, as I described here, many people might reasonably but falsely assume that the connection is secure as soon as they scan a contact’s QR code, when in reality the connection is not secure until the contact sends their key and the secure join is completed. On a slow network connection, it can take several minutes until the secure join is completed, and if either person is offline at the time, it can take much longer, and Delta Chat will currently allow you to send unencrypted messages in the time between scanning a QR code and completing the secure join.
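The posts above make two points that are easier to see in code: enforcement has to happen in the client before anything leaves it (a server that rejects plaintext only proves the plaintext was already sent), and there is a window between scanning a QR code and finishing the secure join during which no key for the contact exists yet. The following is an added illustration and is not Delta Chat's code; the state names (`QR_SCANNED`, `SECURE_JOINED`), the `never_send_unencrypted` flag and the placeholder `encrypt_for` routine are all constructed for the example. It models a client-side send gate that refuses to emit plaintext while the join is incomplete, and contrasts it with the permissive behaviour the thread describes.

```python
"""Constructed model of a client-side "never send unencrypted" gate.

Not Delta Chat's implementation: the contact states, the setting name and
the stand-in encryption are assumptions made for this illustration.
"""
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import List, Optional, Tuple


class JoinState(Enum):
    NONE = auto()           # contact known only by address, no key material
    QR_SCANNED = auto()     # we scanned their QR code; handshake still in flight
    SECURE_JOINED = auto()  # their key arrived and the secure join completed


@dataclass
class Contact:
    address: str
    state: JoinState = JoinState.NONE
    public_key: Optional[bytes] = None   # only present once SECURE_JOINED


class PlaintextRefused(Exception):
    """Raised when the client would otherwise hand plaintext to the server."""


def encrypt_for(contact: Contact, text: str) -> bytes:
    # Stand-in for real E2EE: we only need to know *that* a key was used.
    assert contact.public_key is not None
    return b"ENC[" + contact.public_key + b"]" + text.encode()


@dataclass
class Outbox:
    never_send_unencrypted: bool = True
    # Everything that actually left the client: (address, was_encrypted)
    sent: List[Tuple[str, bool]] = field(default_factory=list)

    def send(self, contact: Contact, text: str) -> bool:
        """Return True if the message left encrypted, False if it left as plaintext."""
        if contact.state is JoinState.SECURE_JOINED and contact.public_key:
            encrypt_for(contact, text)
            self.sent.append((contact.address, True))
            return True
        # No usable key yet: this is exactly the QR-scanned-but-not-joined window.
        if self.never_send_unencrypted:
            # Enforce at the client: nothing is handed to the server at all.
            raise PlaintextRefused(
                f"{contact.address}: secure join not complete ({contact.state.name})"
            )
        # Permissive behaviour: plaintext leaves the client and the server decides.
        self.sent.append((contact.address, False))
        return False


def simulate_window(never_send_unencrypted: bool) -> dict:
    """Walk one contact through scan -> (slow) join -> joined and record outcomes."""
    bob = Contact("bob@example.invalid")   # constructed address
    box = Outbox(never_send_unencrypted=never_send_unencrypted)

    bob.state = JoinState.QR_SCANNED       # user scanned the code, key not yet received
    try:
        box.send(bob, "hello")             # attempt inside the window
        during_window = "plaintext_left_client"
    except PlaintextRefused:
        during_window = "refused_at_client"

    bob.state = JoinState.SECURE_JOINED    # handshake finished minutes later
    bob.public_key = b"bobkey"             # constructed key material
    after_join = "encrypted" if box.send(bob, "hello again") else "plaintext_left_client"

    return {
        "during_window": during_window,
        "after_join": after_join,
        "plaintext_messages_sent": sum(1 for _, enc in box.sent if not enc),
    }


if __name__ == "__main__":
    print("strict client:", simulate_window(True))
    print("permissive client:", simulate_window(False))
```

With the strict setting the attempt made inside the window never reaches the server, so whether the server would have rejected it is irrelevant; with the permissive setting one plaintext copy has already left the device, which is the situation the posts above describe.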