After reading Tor-related threads on this forum I want to test if my understanding is correct, can someone please tell me if the following is correct:
Delta Chat can be configured through the UI to be tunneled over Socks5, but this is still experimental and leaky
Using Delta Chat over a desktop VPN is potentially leaky
System-level approaches such as Tails and WhoNix will not leak anything, though nobody knows if multiple account isolation/compartmentalization is supported or not
Using Delta Chat through Orbot on Android or iOS will not leak anything, though nobody knows if multiple account isolation/compartmentalization is supported or not
Using Delta Chat through a non-Tor VPN on Android or iOS will not leak anything, though obviously there is no multiple account isolation/compartmentalization since this is only possible with Tor
We can expect better Tor integration in Delta Chat in the future but there is currently no timeline for this
Delta Chat core does not leak DNS when SOCKS5 is configured, but in the UI you enter the address before configuring SOCKS5. When you type in the address, DNS request for MX record is made bypassing SOCKS5.
Depends on VPN and operating system, everything is potentially leaky. It is a problem of VPN if it leaks DNS requests, Delta Chat just uses system DNS on desktop.
If you want to have stream isolation with Tor, you can configure IsolateSOCKSAuth (on by default) and use different SOCKS5 username:password pair for each account. Delta Chat supports SOCKS5 authentication, so this should be enough to separate streams.
This depends on the VPN application, VPN application can leak something to your local provider. Make sure to use trustworthy VPN or test it youself.
There are no plans to have Tor integration in Delta Chat other than SOCKS5 support.
as long as you don’t use the experimental map/location-streaming feature it should not leak. (also as link2xt said above first login/setup might also leak)
maybe for local network transfers, but should not if your vpn is for all apps
compartmentalisation of accounts is not really integrated, but you could
use different socks5 proxies for each account
disable syncing of all accounts in desktop and switch the network when you switch the account
same as for 3. would maybe be possible to build in into dc, but right now it is not implemented
even in tor that feature is relatively new, so not all implementations of tor already have it, I guess it needs application support, but I also don’t know exactly how this tor application compartmentalisation works.
yes no plans, but if someone is interested in bringing this forward we would be happy. also there is a work in progress rust implementation of tor which we could probably integrate into deltachat core in the future when it has enough features.
This can be improved in the future, but right now there is nobody actively caring for this.
Generally everything can be leaky also android and iOS are high value targets, so if someone is reading your messages they might as well already have remote full access to your phone. So you should use some special tor OS, but even then your hardware might be hackable and spy on you, so really depends who you want to hide from.