Basically I am looking for a messaging platform like Signal or? but with anonymous signup, perfect forward secrecy, capable of video chat, sending photos, the usual uses in today’s life. But with a panic button. So that any party member could use said button to wipe all other members’ devices of any data instantly inside the messaging app. So if one member gets compromised, or lost their device, stolen device etc., any other member could wipe all chats, call log, and any other data strictly inside the messaging client instantly for everyone involved. Dissolving the group like it never existed, rendering the data unrecoverable. Amazon’s Wickr used to have most of these features but it is being discontinued December 2023 and who trusts Amazon with their data. Does something like this exist? Sorry if I’m not explaining it well, I’ll do my best to clarify and update this post. I am not trying to delete the whole device. Just the data inside the messaging app. If that does not exist, what about a separate app that could delete the entire messaging platform from the device when triggered? Assume all necessary requirements are met and this is for daily use between a group of trusted parties.

Updated wording to clarify the objective as replies were getting misunderstood.

  • OhVenus_Baby@lemmy.ml (OP) · 1 year ago

    It’s my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or run inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its RAM-only nature while persistence only keeps the base setup of Matrix, not a full carbon copy, so a new chat would be generated each power cycle. Similar to VPN services running on RAM. Thoughts anyone?

    • User account data is stored on the homeserver, yes, but the plaintext metadata that gets transmitted to every other server will allow an attacker to deduce what people are talking to what other people how often in what rooms, and in some cases it’ll also leak metadata like “this message is a reply to that other message”.

      There’s no technical requirement for storing all data on the client device (in theory you could write a slow client that will download messages every time) but in most clients the messages get stored in a local database. E2EE search requires a local database that gets indexed on the client side.

      Restarting the server without old rooms will trigger failure states in clients. The rooms may be gone on the server but they will still be known on the client, and how the client deals with that isn’t reliably specified. The UI may or may not hide the rooms, but I have no idea if the underlying database is actually cleared when that happens. You wouldn’t want your entire account to get cleared out when the server admin mistypes the path to a key file during maintenance, so I’m guessing the data is kept for the same amount of time it takes for a server key to get invalidated (days).

      There have been prototypes of peer to peer Matrix setups, where every phone runs its own server, but those lack your panic button requirement.

      It’s not finished yet, but in terms of forensic protection and privacy perhaps something like Veilid Chat serves your needs better. It’ll work peer to peer over a network with Tor-like security.

      On Android you could also try finding apps that work with Ripple, which is intended to be a panic button other apps can integrate with (though you’ll have to grab it from F-Droid because it hasn’t been updated for ages). Perhaps you can convince the Veilid devs or Matrix devs to integrate with Ripple? I don’t know how open they would be to your use case, you may need to write the code yourself.