Basically I am looking for a messaging platform like signal or? but with anonymous signup, perfect forward secrecy, capable of video chat, sending photos the usual uses in today's life. But with a panic button. So that any party member could use said button to wipe all other members devices of any data instantly inside the messaging app. So if one member gets compromised, or lost their device ect, any other member could wipe all chats, call log, and any other data instantly for everyone involved. Disolving the group like it never existed rendering the data unrecoverable. Does something like this exist? Sorry if I'm not explaining it well. I am not trying to delete the whole device. Just the data inside the messaging app. If that does not exist. What about a separate app that could delete the entire messaging platform from the device when triggered. Assume all necessary requirements are met.
You can never guarantee that other client's data will be deleted. Assume that once your data gets sent, it can potentially be archived forever.
I understand your point of view. I share that philosophy to some degree. However nothing is a guarantee. But a high degree of certainty is achievable. But that doesn't answer my question. Is there a messaging platform with a panic button that deletes the chat log and call logs from all user involved which can be triggered from any member. Edit wording.
First things first, there is no app like you describe. You have to take my word for it. Let’s say a certain country’s law enforcement might be very interested in taking to me if it knew role in certain events.
I examined many messaging and chat platforms, and the closest to what you’re asking for are custom Telegram clients that go a longer way to ensure that TG’s local data gets deleted properly (by default it doesn’t, easy peasy to get data from the local DB, half cleansed chats from 6 months ago pop up in exports or even the UI, etc).”, has a built in double bottom for accounts, etc. An example of what I am talking about is here: https://github.com/wrwrabbit (check the repos yourself).
Secondly, you must understand that when the law enforcement seizes a phone, upon initial quick examination (sometimes using brutality to force you to unlock it), they will shut it down to ensure it is not connected to the Internet. And then criminalists will use a special black box device sold by an Israeli cybersec firm (its name always escapes me, but I think the product might be called Pegasus) to extract all data for offline analysis.
So thirdly, you must not rely on any app that conditionally removes data from a device. You must not entrust your well-being to it. Which leaves you basically the only choice: only ephemeral messaging capabilities which are available only when you are in the app, through the server over which you have full control.
Or your messaging sessions must take place only when you’re in a secure location. And even then you should have a “wipe all button” in case the police come after you unexpectedly.
Man just settle down that what you are asking for is not available on the market off the shelf.
It’s probably not an open discussion to talk about your actual scenarios.
I mean theoretically if you are hosting your own chat server, for example on Matrix, you can easily make all the chats unaccessible from the clients by issuing a command to shutdown your server or simply the chat service.
I think you can do this pretty easily with a raspberry pi by and connecting via ssh..
Just use a shell script that changes the static ip to something else after the command to shutdown the service/wipe out the data (depending on what your goal is) has been issued, or use a vpn or something like that if possible, because anyone issuing the command would need to know your server ip.
That way you are forced to give people your new ip every time chats become unaccessible/deleted and someone can't connect back even if wanting to without talking to you, unless you decide you can use the older ip for whatever reason.
Wouldn't chats be stored locally though? So even if the service was shutdown the app and its local contents would remain. Or does the service load chats after connecting to the home server, then your scenario plays correctly. Matrix doesn't offer ephemeral messaging which would be a stop gap in this case if stored locally. I'm not familiar with Matrix.
You can use matrix/element and if someone loses her phone, you can remove her from the room. The room will disappear from the other phone if it's connected to the internet
I've been interested in looking at matrix due to its decentralyzed nature, and self host capability. But as much as I love to self host certain things. Self hosting isn't always the shining example its portrayed as. That comes with its own security/privacy flaws. I will do some reading on matrix and learn about the features. Thanks for shedding some light on the actual topic at hand.
Edit for matrix info which can be found here for those wanting to learn more. -> https://matrix.org
You don't have to selfhost. You can use anyone's server. It's all e2e. The social graph may be visible. Selfhosting is easy. Look for an install with docker.
Will do thanks. I don't care about social graph being visible so long as there isn't identifiable info during sign up. I'd much rather self host as needed. But what if matrix was self hosted on a hostile network. Under VPN from both sides. Say matrix was running from a hotel WiFi. How would one secure the service.
I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. well said
you can also look into hosted services like EMS but I don't know if you have to provide identifiable info.
But what if matrix was self hosted on a hostile network.
it's all encrypted on the client -> e2e. even if it was http and no SSL
Say matrix was running from a hotel WiFi.
you have to provide a domain, I'm not sure how easy it would be to run it without and only locally on a LAN. IT's possible but the experience wont be good. you also can't federate. It's much easier to use a hosted server.
How would one secure the service.
the same way like you'd do it with a publicly exposed host.
BUT I think I'd go with p2p matrix before going the LAN route.
Here's a p2p matrix built https://drive.google.com/drive/mobile/folders/1uK_BcHGiAYHkN6OAA7P73obAquwShRg5
look into the matrix room for more info p2p:matrix.org.
