I have a question for the #DeltaChat crowd: What if someone has quick access to one of my devices, let’s say I forget to lock my phone or laptop and an attacker adds their phone as a secondary device to my profile. Is there any mitigation possible? Could I realize it? Could I disable their access?

Cc @delta @ArcaneChat

  • Andrea Lattmann@mastodon.uno
    3 days ago

    @lou_de_sel @delta @ArcaneChat
    In Settings -> Advanced under the Server section, you have the multi-device option. Disable it to prevent syncing with your other devices. If you click on QR Code, you can select Reset QR Code from the menu. Then replace your relays by sending your new QR code/link to your contacts.

  • adbenitez@lemmy.ml (mod)
    7 days ago

    Hi, with the laptop it is easier to exploit, but in the case of phones it is not so easy: the PIN/lock is asked for when someone tries to add a second device or create a backup, so they can’t just snap your profile there.

    Besides that, to completely block access to certain apps, not only ArcaneChat/DeltaChat, Android has a feature called “Private space” where you can use your lock/PIN to protect apps from being opened or even from being visible at all.

    In the case of a laptop it is much easier to steal: even if you could show an unavoidable warning about the profile transfer, as discussed at https://support.delta.chat/t/dont-allow-to-delete-device-messages-chat-and-some-of-its-messages/4693, the program data folder could also just be copied. This is a problem of the low security of desktop systems; better never let anyone use your laptop in the same session as your personal session. You could have a guest session/user for such situations.

    If the worst happened and you suspect someone took your profile (which you would notice because some messages you didn’t read are not notified and appear as already read), there is no safe way out of it, since your identity (the encryption identity) lives in your pocket, on your devices, and not on a server. If someone gets it, the only safe way out is to create a new profile and tell everyone to block the old contact, remove the old contact from all groups, etc.

    • ArcaneChat@fosstodon.org
      7 days ago

      @lou_de_sel Highlight from the previous answer about how to notice if someone took your profile (mainly if it is not a professional spy but just some toxic partner):

      “you would notice because some messages you didn’t read are not notified and appear as already read”

  • rtn@chaos.social
    7 days ago

    @lou_de_sel @delta @ArcaneChat Good question! If you use a VPN which doesn’t allow LAN connections, you could at least make it harder for them to add their device as a second device.

    Difficult to realize they have done this unless they start writing messages on your behalf and you can tell something was written that wasn’t you.

  • INeedMana@piefed.zip
    7 days ago

    The simplest idea I would have for that would be to switch off multi-device mode, change the password and add trusted devices again.

    But if they had access to your device, why would they spend time on only Delta instead of just installing a rootkit? My point being, it’s often said that if an attacker had physical access, the game is already lost.

      • INeedMana@piefed.zip
        7 days ago

        Maybe I’m missing some detail on how DC works, but you have to have an account in order to get your messages. Even in Arcane, which is aimed at being more non-technical-friendly, you can see your login and password in the “relays” settings.

        • rakoo@blah.rako.space
          6 days ago

          @ineedmana

          At this point it becomes technical jargon, but “account” kind of implies storing settings, profile, and such. A relay address has none of this; a relay is just a queue you have exclusive access to.

          This setting allows you to modify the password to access the address on the relay, but you can’t change the password of the address on the relay.

          • INeedMana@piefed.zip
            6 days ago

            Hmm. So to invalidate all other accesses one would have to reach out to relay admin?

            Since technically it’s an email server underneath, maybe that feature could be available via mail web ui if the relay had one?

            • rakoo@blah.rako.space
              6 days ago

              @ineedmana

              I’m not part of the team, but that is counter to the philosophy of where chatmail relays are going, which is “no admin of mail accounts”. All administration must be doable on the device with no dependency on the server. It is important that the server can be offline, or just disappear with no warning, and that the user can still do everything.

              • INeedMana@piefed.zip
                5 days ago

                Well, in that case administration of the password change seems to not be doable on the device.

    • Lou Lüeder@eldritch.cafe (OP)
      7 days ago

      @INeedMana Yeah, I know it’s a serious security breach, but I’m not thinking about a big-time attacker but someone like a partner in a toxic or abusive relationship, or a treasonous friend.

      Someone you unknowingly trust but who doesn’t really have the means to install a rootkit. Just open Delta Chat, flash the QR code and put the phone back down.

      Someone doing that with Signal/Molly would eventually get caught, or at least blocked the next time I review my devices list. But that can’t happen with Delta Chat?