Skip to main content

mastodon - Link to source

Telegram is an extreme security risk for its users, its developers and operators, holding data and metadata for over a billion people on central servers!

Our decentralized zero-metadata messaging approach is diametrically opposed to such big-platform designs delta.chat/en/2026-03-31-zero

But there is more: #chatmail relays are zero-state: you can wipe the relay's disks, create a new fresh setup, and users just continue chatting. Operators have actually done this. An *actually* state-less server :)


Delta Chat: Zero metadata, group descriptions, native audio/video calls and much more!

With the latest 2.48+ releases, a chat message reveals close to zero metadata to servers. For cryptographers and messenger enthusiasts, here are the key points on how we turned email very close to ...
delta.chat
#chatmail
in reply to Delta Chat

Michael Vilain
mastodon - Link to source
Michael Vilain
Luckily the only thing I used Telegram for was to send me a link to download F-Droid.
in reply to Delta Chat

Bjornsdottirs
gotosocial - Link to source
Bjornsdottirs
wouldn't that be state-optional technically?
in reply to Bjornsdottirs

Delta Chat
mastodon - Link to source
Delta Chat
@bjornsdottirs maybe! or "ephemeral-state-only" or "automatic state-loss recoverability"? When we get to do a full architecture/security doc, we will need to refine terminology , for sure.
@bjornsdottirs
in reply to Bjornsdottirs

Nova Rivera
mastodon - Link to source
Nova Rivera
@bjornsdottirs delta.chat/en/ they use PGP over email which is well known to leak metadata like a mother trucker. Bad actors can use a modified DeltaChat client to ignore all the client side safety mechanisms, if the email server is compromised so is your metadata.

Delta Chat: Delta Chat, decentralized secure messenger

Delta Chat is a decentralized and secure messenger app 💬 Reliable instant messaging with multi-profile and multi-device support ⚡️ Sign up to secure and interoperable chatmail relays 🥳 Interactive ...
delta.chat
@Bjornsdottirs
in reply to Nova Rivera

Bjornsdottirs
gotosocial - Link to source
Bjornsdottirs
That assumes that Received: headers on a compliant Delta relay include IPs.
in reply to Bjornsdottirs

Bjornsdottirs
gotosocial - Link to source
Bjornsdottirs
Of course there is other metadata, but I think you're fearmongering - most people avoid putting sensitive details on the envelope if they are using encrypted email.
in reply to Bjornsdottirs

Nova Rivera
mastodon - Link to source
Nova Rivera
@bjornsdottirs I'm not fearmongering, they are. There is no mechanism for blocking noncompliant servers. I can run a malicious Delta Chat server. Sometimes the fact that two people are talking is the sensitive information. In some cases it leaks the emails of people involved.
@Bjornsdottirs
in reply to Nova Rivera

Delta Chat
mastodon - Link to source
Delta Chat
@novarivera @bjornsdottirs our first pinned post here goes to a detailed description of (no) metadata in messages, including openpgp handling. The way #chatmail and #deltachat works and handles encryption and metadata-minimization is quite different from how email clients of the last ten years did it.
#deltachat #chatmail @Bjornsdottirs @Nova Rivera
in reply to Delta Chat

Nova Rivera
mastodon - Link to source
Nova Rivera
@bjornsdottirs did you disable the feature of using normal email servers for deltachat?
@Bjornsdottirs
in reply to Nova Rivera

Delta Chat
mastodon - Link to source
Delta Chat
@novarivera @bjornsdottirs No, but it is discouraged. There are situations where you need to (or want to) use a classic mail address for relaying, even if it doesn't offer good metadata protection. It depends on the threat model of the people involved whether it is risky.
@Bjornsdottirs @Nova Rivera
in reply to Delta Chat

Nova Rivera
mastodon - Link to source
Nova Rivera
@bjornsdottirs what steps have you taken to mitigate the fact that OpenPGP accepts known weak encryption? I downloaded your Linux Client and it accepted an MD5 signed 3DES encrypted message.
@Bjornsdottirs
in reply to Delta Chat

coltn
mastodon - Link to source
coltn
amazing work! delta chat works incredibly well on my non-touch sonim X320. I really hope that keeping the chat client working with non-touch devices is seen as an accessibility feature. Since the latest release it actually fixed some of the issues I had without touch screen. I'll send a small donation, and I recommend delta chat to all of my friends.
in reply to Delta Chat

STP_KITT
mastodon - Link to source
STP_KITT
I used Delta Chat since it's invention, but I just deinstalled it, since I gave up hope for it to get an option to prevent others deleting messages on *my* devices!!! The other thing that prevented adoption at least for group chats is that there can't be firm admins for groups. There's great work in Delta Chat & it made huge progress over the years, but forcing remote message deletion & unlimited editing onto all users is an absolute no-go.
in reply to STP_KITT

Delta Chat
mastodon - Link to source
Delta Chat

@STP_KITT We actually also got a lot of people being thankful that they could remove messages they had sent to the wrong chat, sometimes with sensitive info. See also typing.com/br/articles/making-…

As to editing one's own messages, we didn't hear many complaints although in theory it could be problematic. Mostly it's used for typo-fixing and fixing some grammatical nonsense, or some inline web-link. #deltachat is meant for usage with somewhat trusted people, not unknown people who try to trick you.

Making Digital Mistakes

Exploring People's Most Memorable Communication Blunders
www.typing.com
#deltachat @STP_KITT
in reply to Delta Chat

Nils Bonfils
mastodon - Link to source
Nils Bonfils
the more I read about #deltachat the more I like it! Really happy to see so much progress.
Do you welcome contributions? I've been a bit annoyed by the unability to mute live location sharing notifications every minutes. Deltachat really is the only viable #FOSS option for live location sharing between Android and iOS that I could find, thank you so much for that!
#foss #deltachat