Does this exist?? Messaging platform with a panic button from any member.

Basically I am looking for a messaging platform like signal or? but with anonymous signup, perfect forward secrecy, capable of video chat, sending photos the usual uses in today’s life. But with a panic button. So that any party member could use said button to wipe all other members devices of any data instantly inside the messaging app. So if one member gets compromised, or lost their device, stolen device ect, any other member could wipe all chats, call log, and any other data strictly inside the messaging client instantly for everyone involved. Disolving the group like it never existed rendering the data unrecoverable. Amazons Wickr used to have most of these features but it is being discontinued December 2023 and who trusts amazon with their data. Does something like this exist? Sorry if I’m not explaining it well I’ll do my best to clarify and update this post. I am not trying to delete the whole device. Just the data inside the messaging app. If that does not exist. What about a separate app that could delete the entire messaging platform from the device when triggered. Assume all necessary requirements are met and this is for daily use. Between a group of trusted parties.

Updated wording to clarify the objective as replies where getting misunderstood.

dontblink, (edited )
@dontblink@feddit.it avatar

I mean theoretically if you are hosting your own chat server, for example on Matrix, you can easily make all the chats unaccessible from the clients by issuing a command to shutdown your server or simply the chat server service if there’s no content cached locally.

I think you can do this pretty easily with a raspberry pi by connecting via ssh…

Just use a shell script that changes the static ip to something else after the command to shutdown the service/wipe out the data (depending on what your goal is) has been issued, or use a vpn or something like that if possible, because anyone issuing the command would need to know your server ip.

And issuing a command by ssh to a remote server both from smartphone or pc should be as easy that you can actually build a very small app for that, or use some app that creates shortcuts that directly connects and issue custom commands.

That way you are forced to give people your new ip every time chats become unaccessible/deleted and someone can’t connect back even if wanting to without talking to you, unless you decide you can use the older ip for whatever reason.

Of course not using your real ip but using some service like a vpn or proxy (or tor?) would be much better here, but i don’t really know how.

That can give you full power on the chat history and create the said “panic button” for every client involved.

OhVenus_Baby,

Wouldn’t chats be stored locally though? So even if the service was shutdown the app and its local contents would remain. Or does the service load chats after connecting to the home server, then your scenario plays correctly. Matrix doesn’t offer ephemeral messaging which would be a stop gap in this case if stored locally. I’m not familiar with Matrix.

fred,

There’s no way to prevent someone from retaining data once they have it. The clients would have to voluntarily cooperate.

cyclohexane,

Are there matrix clients that do this? Only fetch messages from server when needed and not store locally?

dontblink,
@dontblink@feddit.it avatar

I guess probably, because Matrix is thought for private chatting, i guess someone else might have had this same idea, i think matrix is opensource so there must be some client that does this.

fred,

Even if there is, though, that would only affect you and the messages you read. If you sent it to others, they could still do what they wanted with it.

dontblink,
@dontblink@feddit.it avatar

Yeah sure, you have to trust your users

skullgiver, (edited )
@skullgiver@popplesburger.hilciferous.nl avatar

deleted_by_author

    •
    OhVenus_Baby,

    I hate relying on anything big corp for privacy. Thanks for the reply and I’ll keep this in mind. It seems so far matrix chat is the only e2e chat that can remove the conversation from an individuals device once their removed from a room. I will have to do deeper research into matrix to see it it fits my use cases. I’m just not sure how it stacks up against other big name chat platforms as far as security/privacy goes. I’ve heard of it before. Never deep dived into the data.

    skullgiver, (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    deleted_by_author

    •
    OhVenus_Baby,

    Its my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or ran inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its ram only nature while persistence only keeps the base setup of matrix not a full carbon copy so a new chat would be generated each power cycle. Similar to VPN services running on ram. Thoughts anyone?

    RandoCalrandian,
    RandoCalrandian avatar

    Best I can suggest is keybase with an auto destroy message timer on conversations, so anything after a day or week is automatically wiped

    OhVenus_Baby,

    This is called ephemeral messaging. A good feature of many apps. But doesn’t serve the same purpose for which I am asking. Thanks for mentioning another option other than the usual messenger apps. This is the description for others copied from a basic browser search.

    Keybase is a key directory that maps social media identities to encryption keys (including, but not limited to PGP keys) in a publicly auditable manner. Additionally it offers an end-to-end encrypted chat and cloud storage system, called Keybase Chat and the Keybase Filesystem respectively.

    Website here for those interested in reading about it -> keybase.io

    LWD, (edited )

    deleted_by_author

    •
    RandoCalrandian,
    RandoCalrandian avatar

    This part about the zoom acquisition is true, but to date no sketchy things have been committed to the client repos, they’re open source

    Personally I think the acquisition was to disrupt development, not to hijack it. You’re right that dev work essentially stopped at that time, outside of security fixes.

    Also, it doesn’t track you, it allows you to post public proofs so you can choose to let the people you connect with verify your identify. It’s not mandatory.

    gribodyr,
    @gribodyr@lemmy.ml avatar

    First things first, there is no app like you describe. You have to take my word for it. Let’s say a certain country’s law enforcement might be very interested in taking to me if it knew role in certain events.

    I examined many messaging and chat platforms, and the closest to what you’re asking for are custom Telegram clients that go a longer way to ensure that TG’s local data gets deleted properly (by default it doesn’t, easy peasy to get data from the local DB, half cleansed chats from 6 months ago pop up in exports or even the UI, etc).”, has a built in double bottom for accounts, etc. An example of what I am talking about is here: github.com/wrwrabbit (check the repos yourself).

    Secondly, you must understand that when the law enforcement seizes a phone, upon initial quick examination (sometimes using brutality to force you to unlock it), they will shut it down to ensure it is not connected to the Internet. And then criminalists will use a special black box device sold by an Israeli cybersec firm (its name always escapes me, but I think the product might be called Pegasus) to extract all data for offline analysis.

    So thirdly, you must not rely on any app that conditionally removes data from a device. You must not entrust your well-being to it. Which leaves you basically the only choice: only ephemeral messaging capabilities which are available only when you are in the app, through the server over which you have full control.

    Or your messaging sessions must take place only when you’re in a secure location. And even then you should have a “wipe all button” in case the police come after you unexpectedly.

    OhVenus_Baby,

    deleted_by_author

    •
    gribodyr,
    @gribodyr@lemmy.ml avatar

    Man just settle down that what you are asking for is not available on the market off the shelf.

    It’s probably not an open discussion to talk about your actual scenarios.

    netchami,

    Using Signal with disappearing messages set to a really short time is probably the closest thing you can get. You can use a VOIP number from Cloaked behind a VPN to sign up anonymously.

    GravitySpoiled,

    You can use matrix/element and if someone loses her phone, you can remove her from the room. The room will disappear from the other phone if it’s connected to the internet

    OhVenus_Baby, (edited )

    I’ve been interested in looking at matrix due to its decentralyzed nature, and self host capability. But as much as I love to self host certain things. Self hosting isn’t always the shining example its portrayed as. That comes with its own security/privacy flaws. I will do some reading on matrix and learn about the features. Thanks for shedding some light on the actual topic at hand.

    Edit for matrix info which can be found here for those wanting to learn more. -> matrix.org

    GravitySpoiled,

    You don’t have to selfhost. You can use anyone’s server. It’s all e2e. The social graph may be visible. Selfhosting is easy. Look for an install with docker.

    OhVenus_Baby,

    Will do thanks. I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. I’d much rather self host as needed. But what if matrix was self hosted on a hostile network. Under VPN from both sides. Say matrix was running from a hotel WiFi. How would one secure the service.

    GravitySpoiled,

    I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. well said

    you can also look into hosted services like EMS but I don’t know if you have to provide identifiable info.

    But what if matrix was self hosted on a hostile network.

    it’s all encrypted on the client -> e2e. even if it was http and no SSL

    Say matrix was running from a hotel WiFi.

    you have to provide a domain, I’m not sure how easy it would be to run it without and only locally on a LAN. IT’s possible but the experience wont be good. you also can’t federate. It’s much easier to use a hosted server.

    How would one secure the service.

    the same way like you’d do it with a publicly exposed host.

    BUT I think I’d go with p2p matrix before going the LAN route.

    Here’s a p2p matrix built …google.com/…/1uK_BcHGiAYHkN6OAA7P73obAquwShRg5

    look into the matrix room for more info p2p:matrix.org.

    nutshell7827,

    Check out gitlab.com/Nulide/findmydevice But it will delete evrrything, I think.

    OhVenus_Baby,

    This is actually a really nice project. I will follow this to see how it works. However, this doesn’t follow the original scenario. Close but its only capable of factory resetting the device. Which is nice and useful under some situations. But it does not follow the original scenario. The only next best alternative is something like remote desktop. But that is very overkill and quite finnicky. Doesn’t solve the problem.

    tom42,
    @tom42@lemmy.world avatar

    Briar has that.

    OhVenus_Baby, (edited )

    Its my understanding through some quick reading briar doesn’t have a built in panic button. But briar can be configured inside ripple which is similar to what I am looking for. But ripple only triggered by the device user. I am looking for a panic button which can be triggered from outside the device. Brair is only for android as well. While I despise apple, everyone else is drinking the koolaid. When the owner doesn’t have their device, compromised, lost, stolen, ect the device user can’t possibly trigger ripple, its not designed that way. Ripple is very nice though. I’ve used it. But doesn’t fit for the use case I’m asking about.

    mojo,

    You can never guarantee that other client’s data will be deleted. Assume that once your data gets sent, it can potentially be archived forever.

    OhVenus_Baby, (edited )

    I understand your point of view. I share that philosophy to some degree. However nothing is a guarantee. But a high degree of certainty is achievable. But that doesn’t answer my question. Is there a messaging platform with a panic button that deletes the chat log and call logs from all user involved which can be triggered from any member.

    Edit wording and update. This got downvoted because of a misinterpretation of what I was saying when I said high degree of certainty. All I meant was this isn’t supposed to a fool proof blanket feature and the world doesn’t run on absolutes of course. For instance signal works with a high degree of certainty that youll be secure. I was conveying its highly probable this feature under correct parameters would function correctly. Simply a step in the chain of failsafes. None the less. Thanks for your replies.

    breadsmasher,
    @breadsmasher@lemmy.world avatar

    High degree of certainty

    I wouldn’t agree with that. Whats stopping the other user screenshotting it? Taking a photo with another device? Or even simply disconnecting from the network so the device can’t even receive the “kill switch command”?

    SendMePhotos,

    Doesn’t signal do that? I thought they had a wipe as messages are sent like snapchat where if you leave and go back, they’re gone

    Funkymatt,

    I think that’s per conversation so you have to remember to set it.

    OhVenus_Baby,

    It is per conversation but ephemeral messaging is not the same as a panic button. It does not serve the same function or purpose. Which doesn’t answer my question.

    otter,

    Note with Snapchat that, it just gets hidden

    You can find comments from people where old messages and images start popping back up because of bugs in the app. Snapchat is near the bottom of the barrel when it comes to privacy and security, despite the premise

    OhVenus_Baby,

    They have ephemeral messaging where one can set a timer to delete a message when it is read or from the time it was sent. But that isn’t always so easy to gauge with life. Often times a chat log is needed when people don’t check it often or right away. So the group must set a long timer like 24h ect ect. It’s customizable. But if a group members device gets lost or stolen ect. It is of no use. Signal by default stores all call logs in the app. Even if the ephemeral timer is short. Call logs require manual deletion and the group is still formed showing who was in that group but the chat will be empty. Edit was wording.

    BlastboomStrice,
    @BlastboomStrice@mander.xyz avatar

    Often times a chat log is needed when people don’t check it often or right away.

    I think the timer on each device starts from when the person who has the devices sees the message.

    So if you send the message and the timer is 5 minutes, the message on your account (on all of your devices) will be deleted in 5 minutes from now, while the recipient will first see the message (maybe in an hour) and then after 5 minutes it will be deleted from their devices too.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • ngwrru68w68
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • InstantRegret
  • Durango
  • Youngstown
  • everett
  • slotface
  • rosin
  • cubers
  • mdbf
  • kavyap
  • GTA5RPClips
  • JUstTest
  • cisconetworking
  • osvaldo12
  • ethstaker
  • Leos
  • khanakhh
  • normalnudes
  • tester
  • modclub
  • tacticalgear
  • megavids
  • provamag3
  • anitta
  • lostlight
  • All magazines
    •