carlwheezerrSep 13, 2025
Delta Chat

What if a state tries to mandate us as #deltachat app devs/distributors to shut down a chat profile?

Nothing. It can't be done.

We have no list of chat identities, have no handle or data about them, and don't mediate the message transfer.

However, EU #Chatcontrol politicians and Russian authorities would want us to insert backdoors into our FOSS code. But that is nothing than can happen overnight, and we are fine with friendly forks already. Resilient private internet communication ftw :)

Sep 13, 2025 at 7:52amWeb
Show threadzaire arcanaSep 13, 2025
@delta you’re basically like signal but ran in good faith <3
Show threadDelta ChatSep 13, 2025
@soop we believe that signal is run in good faith and has excellent cryptography but it falls way short on resilience and federation. It would struggle to resist takedown requests from the US government. For more details see https://delta.chat/en/2025-08-04-encryption-v2#ps-the-chatmail-ecosystem-is-moving
Delta Chat: Delta Chat V2: a major security upgrade, beautified contact profiles, new email action and direct app access in chats

With Delta Chat Version 2, chats are end-to-end encrypted, always and by default. Previously it was possible that chats without green checkmarks could contain messages without end-to-end encryption...

Show threadAvocaSep 13, 2025

@delta @soop

I think "it would struggle to resist takedown requests" is a HUGE understatement.

In fact, I don't think they could refuse.

Given the current political climate, it's one of the main reason's I jumped-ship to Delta Chat and, to a lesser extent, Session.

Decentralisation holds the key to the future.

IMHO...

Show threadGabriel Sep 13, 2025
@avoca @delta @soop If the current US government tries to take down your Signal profile, or even worse, ban Signal, you know when to start the much needed coup d'état
Show threadzaire arcanaSep 13, 2025
@Gabriel @avoca @delta the best time is now, the next best time is 1 second from now
Show threadAAUFL3Sep 13, 2025
@delta do these governements contact you ?
Show threadDelta ChatSep 13, 2025
@mufle yes russia certainly did, see this press release https://merlinux.eu/press/2025-05-14-russia-deltachat.pdf and https://www.heise.de/news/Delta-Chat-in-Russland-vor-Gericht-Urteil-gegen-deutsches-Entwicklerteam-10435648.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege
Show threadAvocaSep 13, 2025

@delta

Right on ...

Show threadmaxmoon 🌱Sep 13, 2025

@delta So are there already backdoors or are you open for implementing them?

The last sentense of you is pretty sus.

Show threadDelta ChatSep 13, 2025
@utopify_org um, serious question? we are not open to implement backdoors. What would be the point of it all if we would implement back doors? How would we hide them among the contributors and security auditors, or.against just someone monitoring network traffic on their device? While "backdoor" is just a word it requires substantial work to realize one in our case and could hardly go undetected.
Show threadmaxmoon 🌱Sep 13, 2025
@delta good… good… 💪
Show threadNot a Spring OnionSep 13, 2025

@utopify_org @delta

I wonder if this could become an approach (in a dystopic future that hopefully never comes):

"In compliance with local laws, we were forced to add a backdoor into this source file over there, line 233-235.
As this is open source, people could obviously remove those lines before building..."

(I wonder if the Hackerparagraph also applies if the developer/company of the app points out how to 'hack' it.  )

Show threadAtiOct 4
@delta @utopify_org Hey there. Side topic but "same struggle" I'd say 😅️. I see some of us DeltaChat users migrating phones from degoogled AOSP based roms to mobile linux distros among recent aggresive Google policies. For me I'm on PostmarketOS now. DeltaChat desktop Linux app works here no problem and scales perfect. Thx👍️ One thing that could be improved is notifications. Is there a chance you could make Linux app notifications have "im.received" category? To make feedbackd deamon play a sound?
Show threadsaraSep 13, 2025
@delta You are awesome, thank you so much!
Show threadMausmaki 🇧🇷🇻🇪Sep 13, 2025
@delta yes, we all hope for the best. Unless governments decide to define "terrorism" as an act of not "cooperating" with governmental authorities... We need to stay alert!!!
Show threadWeraweltSep 13, 2025

@delta
#DeltaChat nutzt das Email-Protokoll kann von daher als Email-Anbieter verstanden werden, auch wenn man vom Layout her damit chatten kann.
Email-Anbieter sind keine Anbieter von digitalen Diensten:
"Laut OLG ist ein E-Mail-Anbieter schon kein Anbieter von digitalen Diensten im Sinn des § 21 TDDDG. Danach sei ein digitaler Dienst als ein Dienst im Sinne des Art. 1 Abs. 1 b) der Richtlinie (EU) 2015/1535 definiert, mithin als "elektronisch erbrachte Dienstleistung". Laut OLG folgt aber aus Art. 1 Abs. 3 der Richtlinie i.V.m. Art. 2 c) der RL 2002/21/EG klar, dass TK-Dienste keine digitalen Dienste im Sinn des § 21 TDDDG sind. "
https://rsw.beck.de/aktuell/daily/meldung/detail/e-mail-anbieter-muss-keine-auskunft-ueber-nutzerdaten-geben
Von daher muß ein Email-Anbieter keine Nutzerdaten ausliefern.

So sieht es für Deutschland/EU aus.

#Nutzerdaten #Datenschutz

E-Mail-Anbieter muss keine Auskunft über Nutzerdaten geben

Laut OLG München bietet ein E-Mail-Anbieter keinen digitalen Dienst an, er müsse daher keine Auskunft nach § 21 TDDDG geben. Der Plattformbetreiber konnte der Firma nur die E-Mail-Adressen geben.

Aktuell
Show threadJules EnriquezSep 14, 2025

@werawelt

Assuming that the English translation is correct, in summary:

@delta being based on email means that chatmail relays don’t have to provide user data, since email providers aren’t classified as digital service providers.

If this understanding is correct, then even with chat control Delta Chat has a loophole that will exempt it from the worst aspects?

Show threadDelta ChatSep 14, 2025
@w8l @werawelt the "Online Safety Bill" and the US american equivalent indeed make exceptions for e-mail. For the EU's chat control it's unclear. Werawelt was refering to a different legal happening that allowed an e-mail provider to not hand out user data to other private entities. State authorities can still get data as far as we understand.
Show threadWeraweltSep 14, 2025
@w8l
Ja, das ist richtig.
@delta
Show threadLinSep 13, 2025

@delta

Actually, they can, by just blocking nine.testrun.org, they can stop most new users.

Show threadDelta ChatSep 13, 2025
@linrui it depends. One and a half states currently try to block the default onboarding server and fail so far. Not sure what they are doing wrong? :) in any case, "Use other server / list chatmail relays" is just a click away during onboarding. To be sure, we are aware that more work is needed to obtain scalable fluid resilience than is currently available. See our earlier posts about multi-transport. https://chaos.social/@delta/115170821538800260
Delta Chat (@[email protected])

#deltachat is being used in virtually all world regions where one or more other messengers fail to work. We recently released a major milestone (V2 security hardening releases) that prepared the ground for chat profiles to have multiple #chatmail relays at once ... failure or blocking of a single relay would not disrupt chatting anymore. But multi transport also helps with the "centralization problem in decentralized systems" ... https://delta.chat/en/2025-06-04-surge-donations#funding-for-a-globally-scaled-chatmail-relay-network (Funding is looking good currently btw!)

chaos.social
Show threadLinSep 14, 2025

@delta

Consider a stateless message queue transport layer similar to simplex.chat, automatically using multiple temporarily generated email accounts to hop between multiple servers.

Webxdc is perfect, you have the potential to become a truly open WeChat/Telegram alternative, seize it.

Show thread𝙻𝙴𝚅𝙸  Sep 13, 2025
@delta the app gives a kinda scary warning when I'm about to share my profile link, "only share with people you trust", does this mean that the app isn't suited for use with random/unknown users? on Matrix I can share my handle or link to my profile and when I'm DM'ed by a stranger, it gives me the options to accept or deny that request, SimpleX has the ability to write profile BIOs, very handy feature to be able to tell if someone is a troll or bad faith actor.
Show threadDelta ChatSep 13, 2025
@levi right now there is no manual confirmation when someone joins via the invite link, hence the warning. Originally, these links were not meant to be distributed, see https://securejoin.delta.chat for background. We are currently discussing in the usable security team to change the protocols to better meet today's practises wrt to invite links. Will take some time. Fyi some like @wq publish invite links but use another second profile for actual private chatting. See their recent blog post also
SecureJoin: Protecting chat messaging against network adversaries — SecureJoin 0.20.0 documentation