Basically I am looking for a messaging platform like signal or? but with anonymous signup, perfect forward secrecy, capable of video chat, sending photos the usual uses in today’s life. But with a panic button. So that any party member could use said button to wipe all other members devices of any data instantly inside the messaging app. So if one member gets compromised, or lost their device, stolen device ect, any other member could wipe all chats, call log, and any other data strictly inside the messaging client instantly for everyone involved. Disolving the group like it never existed rendering the data unrecoverable. Amazons Wickr used to have most of these features but it is being discontinued December 2023 and who trusts amazon with their data. Does something like this exist? Sorry if I’m not explaining it well I’ll do my best to clarify and update this post. I am not trying to delete the whole device. Just the data inside the messaging app. If that does not exist. What about a separate app that could delete the entire messaging platform from the device when triggered. Assume all necessary requirements are met and this is for daily use. Between a group of trusted parties.

Updated wording to clarify the objective as replies where getting misunderstood.

  • OhVenus_Baby@lemmy.mlOP
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    11 months ago

    I hate relying on anything big corp for privacy. Thanks for the reply and I’ll keep this in mind. It seems so far matrix chat is the only e2e chat that can remove the conversation from an individuals device once their removed from a room. I will have to do deeper research into matrix to see it it fits my use cases. I’m just not sure how it stacks up against other big name chat platforms as far as security/privacy goes. I’ve heard of it before. Never deep dived into the data.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      arrow-up
      5
      ·
      11 months ago

      I would recommend reading up on Matrix if you’re going to use it in some kind of oppressive regime or whatever. E2EE works but compared to alternatives like Signal it sends a LOT of plaintext metadata.

      I believe there used to be alternative solutions for dealing with MDM and remote wipes, but I’m not sure if that’s still allowed with modern API protections. Prey used to offer a kill switch, but I don’t think they still do on mobile devices. Perhaps there are others, I’m not very familiar with these apps. They mostly target businesses and business owned devices, but perhaps you could look for something that still offers a data wipe feature.

      • OhVenus_Baby@lemmy.mlOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        11 months ago

        Its my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or ran inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its ram only nature while persistence only keeps the base setup of matrix not a full carbon copy so a new chat would be generated each power cycle. Similar to VPN services running on ram. Thoughts anyone?

        • Skull giver@popplesburger.hilciferous.nl
          link
          fedilink
          arrow-up
          2
          ·
          11 months ago

          User account data is stored on the homeserver, yes, but the plaintext metadata that gets transmitted to every other server will allow an attacker to deduce what people are talking to what other people how often in what rooms, and in some cases it’ll also leak metadata like “this message is a reply to thst other message”.

          There’s no technical requirement for storing all data on the client device (in theory you could write a slow client that will download messages every time) but in most clients the messages get stored in a local database. E2EE search requires a local database that gets indexed on the client side.

          Restarting the server without old rooms will trigger failure states in clients. The rooms may be gone on the server but they will still be known on the client, and how the client deals with that isn’t reliably specified. The UI may or may not hide the rooms, but I have no idea if the underlying database is actually cleared when that happens. You wouldn’t want your entire account to get cleared our when the server admin mistypes the path to a key file during maintenance, so I’m guessing the data is kept for the same amount of time it takes for a server key to get invalidated (days).

          There have been prototypes of peer to peer Matrix setups, where every phone runs its own server, but those lack your panic button requirement.

          It’s not finished yet, but in terms of forensic protection and privacy perhaps something like Veilid Chat serves your needs better. It’ll work peer to peer over a network with Tor-like security.

          On Android you could also try finding apps that work with Ripple which is intended to be a panic button other apps can integrate with (though you’ll have to grab it from F-Droid because it hasn’t been updates for ages). Perhaps you can convince the Veilid devs or Matrix devs to integrate with Ripple? I don’t know how open they would be to your use case, you may need to write the code yourself.