I get that WhatsApp is not a platform to use if you care about your privacy, but WTF is “Delta Chat” and why would I switch to it rather than say Signal?
I agree that Signal is nice, but I think the point here is that Delta Chat is decentralized
So is Matrix and it’s way more popular. But recommending anything other than Signal at this point is a waste. Fediverse chat is a more complex conversion for many who are still in the connect via phone number stage for chat. Fediverse is an easier story for other platforms.
Imo it’s already difficult enough to convince friends and family to use Signal. Delta Chat would be even more difficult to pull off.
How is it different? In my experience it’s easier as they’ve already heard of email.
The difference is signal has millions of users and most people have already maybe heard of it.
The other difference is that promoting more and more obscure, useless shit ruins your credibility for when you’re trying to get them to Lemmy or Signal or Mastodon.
Signal is an absolutely fine product and doesn’t need to be decentralized right now.
As I’ve understood, Delta chat is based on the IMAP protocol and uses the infrastructure of your email provider. Thus, it uses no own server infrastructure, but has the also the downsides of the protocol and some issues with many email providers.
Wikipedia.de - Delta Chat (no English version available yet)
some issues with many email providers
This turned out to be the deal-breaker for me. GMX kept locking me out of my account because of the DeltaChat messages. They’re (of course) full of cyphertext and to email providers this must look a look like spam.
The open-to-abuse nature of email claims yet another victim.
Because delta chat is using an open protocol (email) and you can run your own servers meaning it is decentralized unlike Signal. Also it is actually anonymous unlike Signal, so you don’t need to give anyone your phone number and people can’t find where you live just by knowing your username.
If you use your email, it’s anonymous but you have to use your email which is almost never anonymous and has your phone number. Also you sometimes have to “Create an app-specific password” that delta chat will use and gain full access to your email account, which is way worse than signal or any other application. And for some accounts, you have to use your real password, and maybe disable the spam protection.
Am I wrong somewhere or is that a really stupid idea?
If you struggle making a new email address, this is not for you.
Which applies to 99% of people making Delta Chat not a viable alternative to WhatsApp.
The Fediverse has the same problem that Linux, and Open Source in general, struggles with. The barriers to entry and network effects work against widespread adoption.
Until technology is packaged in a way that makes it dead simple and/or unavoidable, people won’t make the effort to move en masse.
Our words must be dead simple too.
‘Open source’ is a very ambiguous, confusing, phrase that makes it too easy for anti-libre software to scam.
Because delta chat is using an open protocol (email)
So not an instant messaging protocol but rather a technology that the whole world would do differently if they could go back in time?
Could you be more concrete? In what relevant way do you think it does not work as an instant messenger? Keep in mind that Delta Chat is not a theoretical thing and it works as well as any other messenger.
Regarding SMTP:
SMTP (Simple Mail Transfer Protocol) is a foundational technology for email, but it has some limitations. Here are some ways it could be improved:
- Security: SMTP was designed in a time of less pervasive security threats. It lacks built-in encryption and authentication mechanisms, making it vulnerable to eavesdropping, spoofing, and spam. While extensions like TLS/SSL and authentication methods exist, they are not universally implemented or enforced.
- Efficiency: SMTP is a “chatty” protocol, meaning it involves multiple back-and-forth exchanges between the client and server. This can lead to latency and increased resource consumption, especially for large emails or bulk sending.
- Deliverability: SMTP doesn’t have mechanisms to guarantee email delivery. Emails can get lost, delayed, or filtered as spam. While techniques like SPF, DKIM, and DMARC help, they are not foolproof.
- Features: SMTP is primarily designed for sending emails. It lacks features for managing email content, tracking delivery status, or handling complex email workflows. Possible Improvements:
- Mandatory Encryption: Enforcing TLS/SSL encryption for all SMTP connections would protect email content from interception.
- Stronger Authentication: Implementing more robust authentication mechanisms would prevent spoofing and ensure that emails originate from legitimate senders.
- Enhanced Deliverability: Developing mechanisms to track email delivery, provide feedback on delivery failures, and reduce spam filtering would improve deliverability.
- More Efficient Communication: Exploring alternative protocols or extensions that reduce the “chattiness” of SMTP could improve efficiency.
- Integration with other technologies: Integrating SMTP with other technologies like REST APIs or message queues could enable more complex email workflows and features.
It’s important to note that some of these improvements are already being addressed through extensions and best practices. However, there is still room for improvement in making SMTP a more secure, efficient, and reliable technology.
That said, it looks like Delta Chat doesn’t actually use SMTP, having scanned through the website. Though I’m honestly unsure either way as it was only a scan.Never mind:
Delta Chat doesn’t use its own proprietary protocol. Instead, it cleverly leverages the existing email infrastructure for message delivery. Here’s how it works:
- Core Protocol: IMAP/SMTP - Delta Chat primarily uses the standard Internet Message Access Protocol (IMAP) for receiving messages and Simple Mail Transfer Protocol (SMTP) for sending them. These are the same protocols your regular email client uses.
- Encryption: Autocrypt & OpenPGP - To ensure secure and private communication, Delta Chat implements end-to-end encryption using the Autocrypt standard and the OpenPGP standard. This means your messages are encrypted in such a way that only the intended recipient can decrypt and read them.
- Secure Key Exchange: SecureJoin - Delta Chat also utilizes the SecureJoin protocol for secure key exchange. This helps to prevent man-in-the-middle attacks and ensures that only authorized parties can establish secure communication. In essence, Delta Chat works by:
- Sending encrypted messages as emails: When you send a message in Delta Chat, it’s actually sent as an encrypted email to the recipient’s email address.
- Receiving encrypted messages as emails: Delta Chat constantly checks your email inbox for new encrypted emails that are meant for you.
- Decrypting and displaying messages: When a new encrypted email arrives, Delta Chat decrypts it and displays it to you in the chat interface. This approach has several advantages:
- Decentralization: No central server is required to store your messages, making it more resistant to censorship and single points of failure.
- Openness: It leverages existing email infrastructure, making it interoperable with any email provider.
- Security: End-to-end encryption ensures that your messages remain private and secure.
If you’re interested in learning more about the technical details, you can check out the cryptographic analysis of Delta Chat available on the Cryptology ePrint Archive: https://eprint.iacr.org/2024/918
I asked specifically for relevant issues and you just link general issues with smtp that have no impact on Delta Chat?
SMTP is not secure
Delta Chat sends encrypted messages over it so that’s irrelevant.
SMTP is not efficiency
Your phone can run LLMs, it can send a couple packets. Also this “chattyness” can be seen as an advantage as it is extremely robust and works on any network however inconsistent.
SMTP doesn’t have a way to ensure stuff is delivered
Yeah duh? It’s decentralized. You can’t ensure that the recipient doesn’t take down their server?…
Etc. I feel like I’m wasting my time replying to all these because it seems you didn’t even take the time to read them yourself.
As a heads up, the person you’re arguing with seems to be using an LLM to generate text.
I would down vote and move on. It’s not a real discussion.
Downvote for what? What part is wrong?
I’m resigned to friends and family being almost impossible to get off WhatsApp. Despite being Meta it is also quite difficult to enshittify. If they manage it, I might be able start a conversation but until then it has to stay.
For everything else Fediverse related I’m using Matrix as most Lemmy business happens there (Lemmy uses it for secure DMs so it makes sense). I will try and move people across from other chat platforms to Matrix on an ad hoc basis.
with these its more about whos using it
Matrix has bridges for every other chat service, so all your friends who refuse to switch don’t have to.
Did anyone tell the WhatsApp users?
Frankly it’s the first time I hear about Delta chat
SimpleX is the best alternative right now, email is a very bad protocol
@[email protected] currently I try to get my Employer to the fediverse. He would use TikTok to promote the profession with the help of trainees
You want them to shill to the fewer people here? That sounds bad for both sides.
there’s also session
unfortunately privacy and usability are inversely related. session is private. I loved it. but I had no one to chat with 😃
I had no idea if any of my contacts were on session or not.
Doesn’t delta use email under the hood, an insecure protocol?
You’re better off using something like Matrix, XMPP, SimpleX or Signal.
The protocol doesn’t really matter when you send encrypted messages over it like Delta Chat. Signal is not private nor decentralized and SimpleX doesn’t have encrypted group chats last time I tried
The protocol doesn’t really matter when you send encrypted messages over it like Delta Chat
Maybe. My comment was based off of what i understood from the website
Signal is not private
Could you elaborate on this? haven’t heard of this point (is it due to the jurisdiction on a 5 eyes country?)
SimpleX doesn’t have encrypted group chats last time I tried
It actually does now. It’s a very solid choice i’d say :)
You need a phone number to sign up which requires identification in most countries.
Also anyone who knows your username can ping where you are at any time: https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
You are confusing privacy with anonymity. You aren’t anonymous because your user is linked to a phone number, but your communications are private due to how their encryption works.
On the location attack: it is a matter of configuration and your location will be as ambiguous as thousands of miles.
Finessing the terms does not stop them demanding a phone number.
Never heard of DeltaChat why not signal??
Because Signal is not decentralized nor anonymous
