常见问题
现在还忙?您可以随时在应用程序中轻松阅读此帮助,即使在离线状态下。
- 什么是 Delta Chat?
- 群组
- 加密和安全
- 端到端加密使用了哪些标准 ?
- 我如何知道信息是否经过端到端加密?{#whene2e}
- How can I get guaranteed end-to-end encryption and green checkmarks?
- What does the green checkmark and “guaranteed end-to-end encryption” mean?
- A contact “sent a message from another device”, what can i do?
- Are attachments (pictures, files, audio etc.) end-to-end encrypted?
- Is OpenPGP secure?
- Did you consider using alternatives to OpenPGP for end-to-end -encryption?
- Is Delta Chat vulnerable to EFAIL?
- Is a message exposed in cleartext if end-to-end encryption is not available?
- How does Delta Chat protect metadata in messages?
- How to protect metadata and contacts when a device is seized?
- How can i check encryption information?
- How can I check the encryption status of messages?
- Why do I see unencrypted messages?
- How can i get an end-to-end encrypted chat with a Delta Chat contact who sometimes uses webmail or another non-Autocrypt e-mail app?
- How can I ensure message end-to-end encryption and deletion?
- Does Delta Chat support Perfect Forward Secrecy?
- Is end-to-end encryption of Delta Chat as safe as Signal?
- 我可以重复使用现有的私钥吗?
- 我无法将现有的 PGP 密钥导入 Delta Chat。
- Was Delta Chat independently audited for security vulnerabilities?
- 多客户端
- webxdc apps
- 实验性功能
- 杂项
- Delta Chat 需要哪些权限?
- Delta Chat 可用于 我的 电子邮件提供商吗?
- I want to manage my own e-mail server for Delta Chat. What do you recommend?
- 为什么我必须在 Delta Chat 中输入我的电子邮件密码? 这样安全吗?
- 使用电子邮件的 Delta Chat 真的是 即时 通讯工具吗?
- 哪些消息会在 Delta Chat 中出现?
- Delta Chat 支持 HTML 电子邮件吗?
- Can I set the E-Mail Subject with Delta Chat?
- “给自己发送副本”设置有什么用处?
- 为什么我可以选择监视“已发送”文件夹?
- 为什么我可以选择不监视 DeltaChat 文件夹?
- Delta Chat 与 Protonmail / Tutanota / Criptext 兼容吗?
- 如何删除我的账户?
- 我对技术细节很感兴趣。能告诉我更多吗?
- Delta Chat 的开发是如何被资助的?
什么是 Delta Chat?
Delta Chat 是一个新的聊天应用,它通过电子邮件发送消息,并在条件允许情况下使用 Autocrypt 对其进行加密。您不必在任何地方进行注册,在 Delta Chat 中使用您现有的电子邮件帐户即可。
如何找到可以聊天的人?
通过 Delta Chat,您可以发消息到每个现有的电子邮件地址——即使收件人没有使用 Delta Chat 应用。不需要像其他通信软件一样,要收件人安装和您一样的应用。
与其他通信软件相比,Delta Chat 有哪些优势?
- 独立 于任何公司或服务。您 拥有您的数据。
- 您的数据不会保存于中央服务器,除非所有用户都在使用同一个电子邮件服务器。
- 您不会将通讯录分发给任何人。
- 快速——使用 Push-IMAP。
- 最广泛的用户基础——也可以与 不 使用 Delta Chat 的收件人进行联系。
- 没有垃圾信息——默认情况下仅显示已知用户的消息。
- 端到端加密——通过 Autocrypt。
- 基于 著佐权 与 标准 的自由软件。
- 身份灵活,内置多账户支持。
如果希望收到我从未发送过消息的人的消息,该怎么办?
- 来自未知联系人的消息会作为请求出现。您需要在回复之前先接收他的请求。
- 如果现在不想和他聊天,您也可以“删除”请求。这只会在设备上而 不会 在服务器上删除这条消息。所以您仍可以使用其他电子邮件应用来处理它。
- 删除了请求后,来自同一联系人的后续消息仍会作为聊天请求出现,所以您有机会来改变主意。如果您真的不想收到那个人的消息,那么可以考虑 屏蔽 他。
Delta Chat 支持图像、视频和其他附件吗?
-
是的。除纯文本外,所有电子邮件附件均显示为单独的消息。发出消息会根据需要自动获得附件。
-
为了提高性能,默认情况下会对图像进行优化并以较小的尺寸发送,但您也可以将其作为 “文件 “发送,以保留原始图像。
如何添加账户或在多个账户之间切换?
Tap the profile image in the upper left corner to switch accounts. You will also find Add Account there.
您可能还想了解 如何为多个设备添加账户。
谁会看见我的个人资料图片?
-
您可以在设置中添加个人资料图片。如果您给您的联系人发消息或者通过二维码添加他们,他们会自动看到您的个人资料图片。
-
不使用 Delta Chat 的联系人不会看到个人资料图片(不过,他们可以安装 Delta Chat :)
-
出于隐私原因,在您向他们发送消息之前,没有人会看到您的个人资料照片。
-
您的个人资料图片并非随每条消息一起发送,但发送的频率足够高。因此即使您的联系人添加了新设备,也能够重新收到您的个人资料图片。
我可以为 Delta Chat 设置签名文本/状态/格言吗?
是的, 您可以在“设置 > 个人资料 > 签名文本”下执行此操作。 使用 Delta Chat 的联系人查看您的联系方式时将会看到它。 对其他所有人来说, 它将显示为在您所有消息文本下方的电子邮件签名。
固定、静音、归档是什么意思?
使用这些工具来管理您的聊天,让其井然有序:
-
已固定聊天会呆在聊天列表顶部。您可以利用其快速访问最喜欢的聊天或临时记下某些东西。
-
静音聊天,如果您不想再得到关于它们的通知。被静音的聊天会呆在原地,并且您可以固定被静音的聊天。
-
如果您不想再在聊天列表中看到聊天记录,请归档聊天。 已归档的聊天仍可在聊天列表上方或通过搜索访问。
-
当被归档的聊天接收到一条新消息,除非其被静音,它会从归档中弹出并返回聊天列表。 被静音的聊天会保持被归档的状态,除非您手动解档它们。
要归档或固定一个聊天,可以长按(Android)、使用聊天内部的菜单(Android/桌面版)或者左滑(iOS); 要静音一个聊天,可以使用聊天内部的菜单(Android/桌面版)或者通过聊天概要(iOS)。
绿色圆点代表什么?
- 自 Delta Chat 1.34 版起,您有时可以在联系人头像旁看到一个 “绿点”。 绿点。这意味着他们 “最近被看到”。
- 具体来说:这意味着在过去 10 分钟内,Delta Chat 看到过他们:
- 因为他们直接给你发了消息、
- 因为他们在你们都是成员的群组里写了什么、
- 因为他们向您发送了您所写信息的读取回执、
- 或者因为他们通过使用 webxdc 应用程序 向您的 Delta Chat 应用发送数据。
- 因此,这并不是实时在线状态 – 如果有人没有立即回复,即使他们看起来是在线的,也不要担心,给他们一些空间 ;-)
- 另一方面,别人也不会总是 “看到你在线”。如果您关闭了读取收据功能,他们就不会看到绿点,直到您给他们发消息或给他们所在的群组写信。
消息定时销毁是如何工作的?
您可以在聊天窗口右上角的聊天设置中通过选择 1 分钟到 5 周之间的时间跨度打开“消息定时销毁”。
Until the setting is turned off again, each chat member’s Delta Chat app takes care of deleting the messages after the selected time span. The time span begins when the receiver first sees the message in Delta Chat. The messages are deleted both in each email account on the server, and in the app itself.
Note that you can rely on disappearing messages only as long as you trust your chat partners; malicious chat partners can take photos, or otherwise save, copy or forward messages before deletion.
Apart from that, if one chat partner uninstalls Delta Chat, the messages will not get deleted from their email account. They will most likely also not be decryptable anymore (as long as they were encrypted in the first place).
群组
创建群组
- 从右上角的菜单中选择新建聊天,然后选择新建群组或在 Android/iOS 上点击相应的按钮。
- 在随后的屏幕上,选择群组成员并起一个群组名称。您也可以选择一个群组头像。
- 当您在群组中发送第一条消息时,所有成员都会被告知新群组的信息并可以在该群组中应答(只要您不在群组中发送第一条消息,那么群组对成员就是不可见的)。
添加成员到群组
- 每个群组成员均拥有与其他成员相同的权限。因此,每个人都可以删除成员或添加新成员。
- 要添加或删除成员,请在聊天中点击群组名称。
我不小心删除了我自己。
- 由于您不再是群组成员,您无法将自己加入到群组中。但是,问题不大,只需在普通聊天中请求其他群组成员将您重新加入即可。
我不想再收到某个群组中的消息了。
-
从成员列表中删除自己,或者删除整个聊天。如果您之后想再加入该群组,请让其他群组成员添加您。
-
另外,您也可以“静音”群组——这样做意味着您会收到所有消息并且仍可以编写消息,但不会再收到任何新消息的通知。
显示在发出消息旁边的对勾表示什么?
- 一个对勾表示消息已成功发送给您的服务提供商。
- 两个对勾表示至少一个接收者的设备对接收该消息进行了回报。
- 接收者或许会禁用已读回执,所以即使您只看见了一个对勾,消息也可能已被阅读。
- 反过来说,两个对勾也不一定表示某个人类已阅读或理解了该消息 ;)
打开“从服务器删除旧消息”后,会发生什么?
-
默认情况下,Delta Chat 会在本地设备上存储您的所有消息。如果您,例如,想要节省邮件提供商处的存储空间,那么可以选择开启自动删除旧消息。这些消息还将保存在您的设备上(除非您在设备上删除它们)。
-
To turn it on, go to Delete Old Messages → Delete Messages from Server in the “Chats and Media” settings. You can set a timeframe between “At once” and “After 1 year”. All e-mails received by Delta Chat will be deleted from the server after this timeframe.
-
注意:如果在多台设备上使用 Delta Chat,请将消息在服务器上保存足够长的时间,以便其他设备能够下载消息。在这种情况下,您应当根据其他设备的使用频率,将自动删除设置到“一天后”或相似的选项上。
打开“从设备删除旧消息”后,会发生什么?
- 若要节省设备上的存储空间,可以开启自动删除旧消息。
- 找到“聊天与媒体”设置中的“从设备删除旧消息”,在从“一小时后”到“一年后”的一系列选项中选择一个。这样,设备上 所有 比所选择时间长度老的消息将被删除。
加密和安全
端到端加密使用了哪些标准 ?
Autocrypt is used for automatically establishing end-to-end encryption with contacts and group chats. Autocrypt uses a limited and secure subset of the OpenPGP standard. End-to-End encrypted messages are marked with a padlock .
Secure-Join protocols are used for establishing chats with guaranteed end-to-end encryption which protects against network attacks and compromised servers. Chats marked with a green checkmark guarantee end-to-end encrypted messages.
我如何知道信息是否经过端到端加密?{#whene2e}
All end-to-end encrypted messages carry a padlock:
End-to-end encryption is guaranteed if there is a green checkmark next to the chat title:
How can I get guaranteed end-to-end encryption and green checkmarks?
Meet your chat partner outside Delta Chat, preferably in person but a second channel like a video chat or a different messenger is fine as well. Perform the following QR show/scan procedure with your chat partner. One of you is the “Inviter”, the other is the “Joiner”.
Inviter side:
-
Group invitation: Tap the chat group title to see its member list, and select “QR Invite code”. Share the QR image with the other side either in person or through a second channel.
-
Direct 1:1 chat invitation: Tap the QR Code icon on the Delta Chat app main screen. Share the QR image with the other side either in person or through a second channel.
Joiner side:
-
Tap the QR Code icon on the Delta Chat app main screen.
-
Choose “SCAN QR CODE” and scan the QR Code that you see from your chat partner in a second channel.
-
Tap “OK”
If the QR code scanning doesn’t work in your situation, you can also Share (or Copy to Clipboard) an equivalent invite link to the other person through a second channel.
Both Inviter and Joiner:
Wait while Secure-Join network messages are exchanged between both devices.
-
If both devices are online, both sides will eventually see a (group or direct) chat with a green checkmark next to the title.
-
If one of the devices is offline, the green checkmarks will only appear later when the device is internet-connected again and the Secure-Join network protocol completed.
Congratulations! You now will automatically use guaranteed end-to-end encryption with this contact and both of you can add each other to green-checkmarked groups , thereby automatically spreading guaranteed end-to-end encryption among its members.
What does the green checkmark and “guaranteed end-to-end encryption” mean?
Chat titles with green checkmarks mean that all messages in the chat will be end-to-end encrypted and can not be read or altered by compromised e-mail servers or Internet providers. Joining green-checkmarked group chats safely spreads everybody’s encryption information (and green checkmarks) in a manner that guarantees end-to-end encryption in the group and among members.
Contact profiles with green checkmarks mean that messaging a contact is currently guaranteed to be end-to-end encrypted. Every green-checkmarked contact either did a direct QR-scan with you or was introduced by a another green-checkmarked contact. Introductions happen automatically when adding members to groups. Whoever adds a contact to a green-checkmarked group becomes an introducer to those members who didn’t yet know about the added contact. In a contact profile you can tap on the “Introduced by …” text repeatedly until you get to the one with whom you directly did a QR-scan.
Note that in a contact profile you may see and tap introducers but there is no green checkmark in the profile title. This usually means that the contact “sent a message from another device”.
For more in-depth discussion of “guaranteed end-to-end encryption” please see Secure-Join protocols and specifically read about “Verified Groups”, the technical term of what is called here “green-checkmarked” or “guaranteed end-to-end encrypted” chats.
A contact “sent a message from another device”, what can i do?
Your chat with a contact lost guaranteed end-to-end encryption. The green checkmark was removed for this chat and contact when you see this warning. If you find the sudden drop of guaranteed end-to-end encryption surprising for this contact then don’t accept the warning! Instead check with your contact through a second channel like a video call, other messenger or a phone call, to find out what happened.
If your contact actually caused the drop of guaranteed end-to-end encryption please see the next paragraphs for common reasons and their mitigations. Regardless, all other green-checkmarked chats remain guaranteed end-to-end encrypted even if the contact is a member there.
Your contact is using Delta Chat on a second device (phone or laptop)
If they have another device with a Delta Chat app running, they should remove the account from the new device and add it as a second device as described here. As soon as they message you afterwards, the warning will be gone and guaranteed encryption is established with both devices of your contact.
Your contact reinstalled Delta Chat using their old account login
If they have a backup file, they should remove the account from the new device and rather import the backup file to re-create their account. As soon as they message you afterwards, the warning will be gone and guaranteed encryption is re-established for this contact.
If they don’t have a backup file, it’s best to perform a QR scan with your chat partner to re-establish guaranteed end-to-end encryption.
Your contact sent a mail through a webmail interface or another e-mail app and will get back to using Delta Chat soon again.
If you are sure that the contact sometimes uses webmail, or another mail app lacking end-to-end encryption, then you may accept the warning. As soon as your contact uses Delta Chat again, guaranteed end-to-end encryption will be automatically re-established.
Your contact stopped using Delta Chat entirely
Sometimes remaining in contact is more important than end-to-end encryption. “Transport Layer Encryption” (TLS) may still meaningfully protect the confidentiality of your messages between your device and the e-mail server. But without end-to-end encryption you and your contact are trusting your e-mail server to not read or manipulate your messages, and to not hand them to third parties.
In any case, you can not do much else than accept the warning. Please also remove the contact from any active green-checkmarked group which you can find in “Shared chats” in the Contact profile. This spares your contact from getting “unreadable” messages.
If the contact removed Delta Chat because of buggy or undesirable behaviour, please consider posting to our support forum to help us identify and address common problems. Thanks!
Are attachments (pictures, files, audio etc.) end-to-end encrypted?
Yes.
When we talk about an “end-to-end encrypted message” we always mean a whole message is encrypted, including all the attachments and attachment metadata such as filenames.
Is OpenPGP secure?
Yes, Delta Chat uses a secure subset of OpenPGP and only displays a padlock security indicator on a message if the whole message is properly encrypted and signed. For example, “Detached signatures” are not treated as secure.
OpenPGP is not insecure by itself. Most publically discussed OpenPGP security problems actually stem from bad usability or bad implementations of tools or apps (or both). It is particularly important to distinguish between OpenPGP, the IETF encryption standard, and GnuPG (GPG), a command line tool implementing OpenPGP. Many public critiques of OpenPGP actually discuss GnuPG which Delta Chat has never used. Delta Chat rather uses the OpenPGP Rust implementation rPGP, available as an independent “pgp” package, and security-audited in 2019.
We aim, along with other OpenPGP implementors, to further improve security characteristics by implementing the new IETF OpenPGP Crypto-Refresh which was thankfully adopted in summer 2023.
Did you consider using alternatives to OpenPGP for end-to-end -encryption?
Yes, we are following efforts like MLS or Saltpack but adopting them would mean breaking end-to-end encryption interoperability with all other e-mail apps that typically support OpenPGP encryption. So it would not be a light decision to take and there must be tangible improvements for users.
Delta Chat takes a holistic “usable security” approach and works with a wide range of activist groupings as well as renowned researchers such as TeamUSEC to improve actual user outcomes against security threats. The wire protocol and standard for establishing end-to-end encryption is only one part of “user outcomes”, see also our answers to device-seizure and message-metadata questions.
Is Delta Chat vulnerable to EFAIL?
No, Delta Chat never was vulnerable to EFAIL because its OpenPGP implementation rPGP uses Modification Detection Code when encrypting messages and returns an error if the Modification Detection Code is incorrect.
Delta Chat also never was vulnerable to the “Direct Exfiltration” EFAIL attack
because it only decrypts multipart/encrypted
messages
which contain exactly one encrypted and signed part,
as defined by the Autocrypt Level 1 specification.
Is a message exposed in cleartext if end-to-end encryption is not available?
Even if your messages are not guaranteed to be end-to-end encrypted, they are still protected from Internet providers like cell or cable companies. However, your and your recipient’s e-mail providers may read, analyze or even modify your messages, including any attachments, if they are not end-to-end encrypted.
Delta Chat by default uses strict TLS encryption which secures connections between your device and your e-mail provider. All of Delta Chat’s TLS-handling has been independently security audited. Moreover, the connection between your and the recipient’s e-mail provider will typically be transport-encrypted as well. If the involved e-mail servers support MTA-STS then transport encryption will be enforced between e-mail providers in which case Delta Chat communications will never be exposed in cleartext to the Internet even if the message was not end-to-end encrypted.
Note that maintaining guaranteed end-to-end encryption on top of TLS encryption provides pervasive safety between your and the recipient’s devices. Not even your e-mail or Internet provider will be able to read or modify your messages.
How does Delta Chat protect metadata in messages?
Delta Chat protects most message metadata by putting the following information into the end-to-end encrypted part of messages:
- Subject line
- Group avatar and name
- MDN (read receipt) requests (
Chat-Disposition-Notification-To
) - Disappearing message timer (
Ephemeral-Timer
) Chat-Group-Member-Removed
,Chat-Group-Member-Added
Secure-Join
header containing secure join commands- Notification about enabling location streaming
- WebRTC room URL
E-Mail servers do not get access to this protected metadata but they do see the message date as well as the message size, and, more importantly, the sender and receiver addresses. E-mail servers need receiver addresses to route and deliver messages to recipient’s devices.
How to protect metadata and contacts when a device is seized?
Both for protecting against metadata-collecting e-mail servers as well as against the threat of device seizure we recommend to use a Delta Chat optimized e-mail server instance to create pseudonymous temporary accounts through QR-code scans. Note that Delta Chat apps on all platforms support multiple accounts so you can easily use action-specific “1-week” or “1-month” accounts next to your “main” account with the knowledge that all temporary account data, along with all metadata, will be deleted. Moreover, if a device is seized then contacts using temporary e-mail accounts can not be identified easily, as compared to messengers which reveal phone numbers in chat groups which in turn are often associated with legal identities.
How can i check encryption information?
You may check the end-to-end encryption status manually in the “Encryption” dialog (user profile on Android/iOS or right-click a user’s chat-list item on desktop). Delta Chat shows two fingerprints there. If the same fingerprints appear on your own and your contact’s device, the connection is safe.
How can I check the encryption status of messages?
A little padlock in a message bubble denotes that the message was properly end-to-end encrypted from the given sender. If there is no padlock, the message was not properly end-to-end encrypted most likely because the sender uses an app or webmail interface without support for end-to-end–encryption.
Why do I see unencrypted messages?
If a contact uses a non-Autocrypt e-mail app, all messages involving this contact (in a group or 1:1 chat) will not be end-to-end encrypted, and thus not show a “padlock” with messages. Note that even if your contacts use Delta Chat on their account, they might also use a non-Autocrypt e-mail app on that account which then may cause intermittently unencrypted messages. Replying unencrypted to unencrypted messages is mandated by Autocrypt to prevent unreadable messages on the side of your contacts and their non-Autocrypt e-mail app.
How can i get an end-to-end encrypted chat with a Delta Chat contact who sometimes uses webmail or another non-Autocrypt e-mail app?
If you need a safely end-to-end encrypted chat with a contact who is using their account both with Delta Chat and non-Autocrypt apps (e.g. webmail), it’s best to setup guaranteed end-to-end encryption with them and then create a guaranteed end-to-end encrypted group chat with you two as members. In this group chat all messages will be end-to-end encrypted even if the direct chat between you two has a “… sent a message from another device” warning.
How can I ensure message end-to-end encryption and deletion?
The best way to ensure every message is end-to-end encrypted, and metadata deleted as quickly as possible is using chats with guaranteed end-to-end encryption and turning on disappearing messages.
Guaranteed end-to-end encrypted chats protect against MITM attacks and turning on disappearing messages deletes the messages on the server after a user-configured time.
If you don’t need a longer-lived copy of your messages on the server, you can also turn on “delete messages from server automatically”.
Does Delta Chat support Perfect Forward Secrecy?
No, Delta Chat doesn’t support Perfect Forward Secrecy (PFS). This means that if your Delta Chat private decryption key is leaked, and someone has collected your prior in-transit messages, they will be able to decrypt and read them using the leaked decryption key.
Note, however, that if anyone obtains to your decryption keys, they will typically also be able to obtain your messages, irrespective if Perfect Forward Secrecy is in place or not. The typical real-world situation for leaked decryption keys is device seizure which we discuss in our answer on metadata and device seizure.
It is possible that Delta Chat evolves to support Perfect Forward Secrecy, because OpenPGP is just a container for encrypted messages but encryption key management (and thus key rotation or key “ratcheting”) could be organized in flexible ways. See Seqouia’s PFS prototype for existing experiments in the OpenPGP implementor community.
Is end-to-end encryption of Delta Chat as safe as Signal?
It depends on what is important to you. Delta Chat does not support PFS like Signal does but it provides guaranteed end-to-end encrypted chats that are safe against compromised servers or corrupted networks. Signal and most other PFS-supporting messengers do not provide a practical scheme for protecting chat groups from network attacks which are arguably more worrysome than a potential attacker who seizes your phone and private encryption setup but somehow not your messages, yet has a full record of all past encrypted messages.
In any case, Delta Chat’s end-to-end encryption uses a secure subset of OpenPGP which has been independently security-audited.
我可以重复使用现有的私钥吗?
Yes. The best way is to send an Autocrypt Setup Message from the other e-mail client. Look for something like Start Autocrypt Setup Transfer in the settings of the other client and follow the instructions shown there.
Alternatively, you can import the key manually in “Settings -> Advanced settings -> Import secret keys”. Caution: Make sure the key is not protected by a password, or remove the password beforehand.
If you don’t have a key or don’t even know you would need one - don’t worry: Delta Chat generates keys as needed, you don’t have to hit a button for it.
我无法将现有的 PGP 密钥导入 Delta Chat。
最可能的原因是您的密钥被加密了和/或使用了密码。Delta Chat 不支持这样的密钥。您可以移除密码,之后再尝试导入。如果想保留密码,您 需要创建电子邮件别名来使用 Delta Chat ,这样 Delta Chat 的密钥是绑定到这个电子邮件别名上的
Another common error is having the wrong file ending.
Use the ASCII armored format and an .asc
file ending.
Delta Chat 支持常见的 OpenPGP 私钥格式。然而,不可能使每种来源的私钥都被完整支持。这不是 Delta Chat 的主要目标。实际上,大多数新用户在使用 Delta Chat 之前根本没有密钥。不过,我们确实在尝试支持尽可能多的私钥来源。
移除私钥密码的操作取决于您用于管理 PGP 密钥的软件。对于 Enigmail,您可以在密钥管理窗口中将密码设为空值。 对于 GnuPG,您可以通过命令行来进行设置。对于其他程序,您应该能在网上找到解决方案。
Was Delta Chat independently audited for security vulnerabilities?
The Delta Chat project underwent four independent security audits and one independent security analysis, from most recent to older:
-
2024 March, we received a deep security analysis from the Applied Cryptography research group at ETH Zuerich and addressed all raised issues. See our blog post about Hardening Guaranteed End-to-End encryption for more detailed information.
-
2023 April, we fixed security and privacy issues with the “web apps shared in a chat” feature, related to failures of sandboxing especially with Chromium. We subsequently got an independent security audit from Cure53 and all issues found were fixed in the 1.36 app series released in April 2023. See here for the full background story on end-to-end security in the web.
-
2023 March, Cure53 analyzed both the transport encryption of Delta Chat’s network connections and a reproducible mail server setup as recommended on this site. You can read more about the audit on our blog or read the full report here.
-
2020, Include Security analyzed Delta Chat’s Rust core, IMAP, SMTP, and TLS libraries. It did not find any critical or high-severity issues. The report raised a few medium-severity weaknesses - they are no threat to Delta Chat users on their own because they depend on the environment in which Delta Chat is used. For usability and compatibility reasons, we can not mitigate all of them and decided to provide security recommendations to threatened users. You can read the full report here.
-
2019, Include Security analyzed Delta Chat’s PGP and RSA libraries. It found no critical issues, but two high-severity issues that we subsequently fixed. It also revealed one medium-severity and some less severe issues, but there was no way to exploit these vulnerabilities in the Delta Chat implementation. Some of them we nevertheless fixed since the audit was concluded. You can read the full report here.
多客户端
我能同时在多个设备上使用 Delta Chat 吗?
Yes. Delta Chat 1.36 comes with a new, experimental function for using the same account on different devices:
-
Make sure both devices are on the same Wi-Fi or network
-
On the first device, go to Settings → Add Second Device, unlock the screen if needed and wait a moment until a QR code is shown
-
On the second device, install Delta Chat
-
On the second device, start Delta Chat, select Add as Second Device, and scan the QR code from the old device
-
Transfer should start after a few seconds and during transfer both devices will show the progress. Wait until it is finished on both devices.
In contrast to many other messengers, after successful transfer, both devices are completely independent. One device is not needed for the other to work.
故障排除
-
Double-check both devices are in the same Wi-Fi or network
-
On Windows, go to Control Panel / Network and Internet and make sure, Private Network is selected as “Network profile type” (after transfer, you can change back to the original value)
-
Your system might have a “personal firewall”, which is known to cause problems (especially on Windows). Disable the personal firewall for Delta Chat on both ends and try again
-
Guest Networks may not allow devices to communicate with each other. If possible, use a non-guest network.
-
Ensure there is enough storage on the destination device
-
If transfer started, make sure, the devices stay active and do not fall asleep. Do not exit Delta Chat. (we try hard to make the app work in background, but systems tend to kill apps, unfortunately)
-
Delta Chat is already logged in on the destination device? You can use multiple accounts per device, just add another account
-
If you still have problems or if you cannot scan a QR code try the manual transfer described below
Manual Transfer
This method is only recommended if “Add Second Device” as described above does not work.
- On the old device, go to “Settings -> Chats and media -> Export Backup”. Enter your screen unlock PIN, pattern, or password. Then you can click on “Start Backup”. This saves the backup file to your device. Now you have to transfer it to the other device somehow.
- On the new device, on the login screen, instead of logging into your email
account, choose “Import Backup”. After import, your conversations, encryption
keys, and media should be copied to the new device.
- If you use iOS: and you encounter difficulties, maybe this guide will help you.
- You are now synchronized, and can use both devices for sending and receiving end-to-end encrypted messages with your communication partners.
有推出 Delta Chat Web 客户端的计划吗?
- 目前没有计划,但有一些初步的想法。
- 有 2-3 种途径来实现 Delta Chat Web 客户端,但是它们都需要巨大的工作量。目前,我们专注于将稳定的版本作为本地应用程序发布到所有应用程序商店(Google Play/iOS/Windows/macOS/Linux 仓库)。
- 如果是因为不能在工作的电脑上安装软件而需要一个 Web 客户端,您可以使用便携版的 Windows 桌面客户端,或者在 Linux 上使用 AppImage 版。您可以在 get.delta.chat 找到它们。
webxdc apps
In Delta Chat, you can share webxdc apps, attachments with an .xdc
file
extension. They can do very different things, and make Delta Chat a truly
extendable messenger.
How private are webxdc apps?
- webxdc apps can not send data to the Internet, or download anything.
- A webxdc app can only exchange data within a Delta Chat chat, with its copies on the devices of your chat partners. Other than that, it’s completely isolated from the Internet.
- The privacy a webxdc app offers is the privacy of your chat - as long as you trust the people you chat with, you can trust the webxdc app as well.
- This also means: it can be a privacy risk to open webxdc apps in chats where you don’t trust the members - as you know it from e-mail attachments, where you only open attachments from senders you trust, and not from spammers.
Where can I get webxdc apps?
- In general, anyone can share webxdc apps with each other without restrictions.
- You can send ‘hi’ to xstore@testrun.org to see an experimental webxdc appstore. All of the apps are open source and for free.
- Many people write their own webxdc apps and post them to the Delta Chat forum.
How can I create my own webxdc apps?
- webxdc apps are just zip files containing html, css, and javascript code.
- You can extend the Hello World example app to get started.
- All else you need to know is written in the documentation.
- If you have question, you can ask others with experience in the Delta Chat Forum.
实验性功能
We are very grateful for feedback on these features - do you want to share your ideas? Join the Forum to contribute. You may conveniently login via Delta Chat and a QR code scan, another rather stable experiment we run on the side (sic!).
怎样在 Delta Chat 中使用音频/视频通话?
- To turn on audio/video calls, go to the “experimental features” section in the advanced settings and choose a “Video Chat Instance”.
- When you invite others to a video chat, it is opened in your browser/app at once. The others receive an e-mail with a link to the video chat. This way, it is also compatible if your chat partners don’t use Delta Chat.
- Note that there is no ring tone on the other side, and your chat partners will not get interrupted by a video chat invite.
- You can use any video chat service which allows joining by link. Just add the link in the settings.
- For example, to use the flagship Jitsi Meet instance, you could enter
https://meet.jit.si/$ROOM
. The$ROOM
variable will be a random value; this way, you will have a new random jitsi room every time you call someone.
什么是广播列表?怎样使用它们?
- 使用广播列表,您可以一次性将一条消息发送给多个接收者;当他们回复您时,回复会出现在您与他们的直接 1 对 1 聊天中。 接收者之间无法相互看到。
- 从技术上讲,它是密件抄送了许多收件人的电子邮件。
- 您可以在高级设置的“实验性功能”部分启用该功能。启用后,您便能在“新建聊天”对话框中新建广播列表了。
- 在使用多台设备的情况下,目前广播列表不会在它们之间同步。
- 发送到广播列表的消息不会被加密。加密会使接收者们知道还有谁收到了消息,进而破坏了匿名性(出于发送速率限制和网络消耗的原因,向每个人发送单独的邮件会更糟)。
如何与聊天伙伴分享位置?
- 您可以在高级设置的“实验性功能”部分打开位置流。
- 如果您想在聊天中分享位置,找到“附件”然后选择“位置”。现在,在 5 分钟到 6 小时之间,设置一个将您的位置传输给聊天伙伴的时间长度。
- 在您的位置发生变化时,聊天中的其他人可以在地图上看到它。
- 要看到地图和他人的位置,您需要在高级设置中打开该功能。
- 此功能不会与您的聊天伙伴以外的任何人分享您的位置。 但是:为了显示地图,我们需要从 mapbox.com 下载地图图块。所以,当您 查看 地图时, mapbox.com 会收到下载特定区域地图的请求。 如果这对您来说是隐私风险,那么这项功能可能不适合您。我们正在寻找 Mapbox 的去中心化替代品。
- 在桌面端,操作系统通常不能确定您的位置。不过您可以在地图上右键,然后描述一个位置;这个位置会作为一条消息发送到聊天中,同时也会出现在地图上。
实验性的数据库加密到底保护了什么?
- 目前,数据库加密仍处于高度试验性状态。不要依靠它来提供保护。如果操作系统提供了加密,您还应当使用它。
- 数据库加密目前只加密了数据库的行与列,没有加密二进制数据块。这多少意味着您的消息是安全的,但您的附件不是。
- 对于 iOS 和 Android,加密密钥存储在系统钥匙串中。这意味着加密安全性和所运行在的操作系统安全性一样。
- 由于没有标准方法在不同平台上存储加密密钥,Delta Chat 桌面客户端尚未提供数据库加密。
为什么我可以选择只监视 DeltaChat 文件夹?
这是提供给尝试服务器端规则的人的实验性设置。在使用某些电子邮件提供商时,您可以将所有带有”Chat-Version”头的邮件移入 DeltaChat 文件夹。并不是所有的提供商都支持此操作;通常情况下,这是由 Delta Chat 应用完成的。
启用“只从 DeltaChat 文件夹获取”是有意义的,仅当您同时完成了:
- 已经启用了将带有 Chat-Version 头的所有消息移入 DeltaChat 文件夹的服务器端规则;和
- 已将“显示传统电子邮件”设置为“不显示,仅聊天”。
在这种情况下,Delta Chat 不需要监视收件箱,只监视 DeltaChat 文件夹就足够了。
如何将我的账户迁移到一个不同的电子邮件地址?
-
Change your address in “Settings → Advanced → Password and Account” and enter the password of your new account (and if necessary, server settings). You will get an information notice about the fact that you are moving to a new address. An additional notice will also show up in your “Device messages” chat.
-
If possible, let your old e-mail provider forward all messages to your new address.
-
Tell your contacts that you changed your address. Writing to guaranteed end-to-end encrypted chats and groups, will make them notice your move automatically and they will continue chatting with you using your new address.
Note that Delta Chat will not retrieve messages anymore from your old e-mail provider. If you didn’t configure your e-mail provider to forward messages (step 2.) only those contacts to whom you sent a message in a guaranteed end-to-end encrypted chat will send messages to your new address.
To learn more about this the details behind this, read our blogpost on it.
杂项
Delta Chat 需要哪些权限?
根据使用的操作系统,系统可能会要求您向本应用授予权限。下面 Delta Chat 使用各类权限进行的操作:
- 相机(可被禁止)
- 拍照和录像:用于发送照片
- 联系人(可被禁止)
- 读取联系人:发现要与之聊天的联系人
- 位置(可被禁止)
- 访问大概位置(基于网络):用于位置流功能
- 访问精确位置(基于 GPS 和网络):用于位置流功能
- 麦克风(可被禁止)
- 录制音频:用于音频消息
- 存储(可被禁止)
- 修改或删除 SD 卡的内容:下载消息附件
- 读取 SD 卡的内容:与联系人分享文件
- 其他权限
- 更改音频设置:允许您选择通知和音频消息的铃声和音量
- 开机自启动:您不必手动启动 Delta Chat
- 控制振动:用于通知
- 查看网络连接:连接到您的电子邮件提供商
- 阻止手机进入休眠状态:您可以在 Autocrypt 设置消息中更轻松地复制安全代码
- 具有完全的网络访问权限:连接到您的电子邮件提供商
- 查看 Wi-Fi 连接:连接到您的电子邮件提供商
- 要求忽略电池优化:给希望一直接收消息的用户使用
Delta Chat 可用于 我的 电子邮件提供商吗?
- 有很大的可能性是:可以的 :) 不过,某些提供商需要一些特殊设置才能正常工作,请参阅提供商概览
I want to manage my own e-mail server for Delta Chat. What do you recommend?
- Most mail servers will work well. But what we personally recommend is a combination of mailcow and mailadm, as described in this blogpost.
- You can find an installation guide on our website.
为什么我必须在 Delta Chat 中输入我的电子邮件密码? 这样安全吗?
与其他电子邮件程序(比如 Thunderbird、K9-Mail 或 Outlook)一样,本程序需要您的密码来允许您通过它发送邮件。当然,密码仅储存在您的设备上,并只会在登录时发送给您的电子邮件提供商(无论如何,您的提供商总是能够访问您的邮件)。
如果您使用具有 OAuth2 支持的电子邮件提供商,例如 gmail.com 或 yandex.ru,则无需在设备上存储密码。在这种情况下,只有访问令牌被使用。
由于 Delta Chat 是开源的,要验证您的凭据是否被安全地处理了,可以检查源代码。我们很高兴能收到使本应用对我们的所有用户更加安全的反馈。
使用电子邮件的 Delta Chat 真的是 即时 通讯工具吗?
- 通常情况下,发送和接收消息会花费数秒。收发消息有时会花费更长时间;但是对于其他的通信软件来说,这也是真的。
- 在双方都积极使用本应用时,即时聊天反应迅速;而当应用运行在后台时,有时就会很慢。
- 由于 Android 与 iOS 经常阻止 Delta Chat 在后台运行、偶尔才会唤醒它,接收消息可能要花费数分钟。iOS 上的这种人为延迟通常比 Android 上的更糟糕。
- 另外,对于很多正常应用来说,Android 和 iOS 杀掉后台应用是一个问题。更多信息,请参阅 dontkillmyapp.com。
哪些消息会在 Delta Chat 中出现?
默认情况下, Delta Chat 会显示所有电子邮件。
At “Settings → Advanced → Show Classic E-Mails”, you can change this. You have these options:
- “不显示,仅聊天”:只显示由其他 Delta Chat 用户发送的消息和对您 Delta Chat 消息的回复。这在电子邮件地址同时用于处理普通邮件的情况下很有用。
- “全部”:Delta Chat 会显示发送到您电子邮件地址的所有邮件。用于您希望使用 Delta Chat 处理所有电子邮件的情况,这样就不会有消息被落下了。默认设置。
- “已接受的联系人”:Delta Chat 会显示已有聊天的联系人的所有电子邮件,而新聊天只会为 Delta Chat 消息弹出。可用于希望逐一决定是在 Delta Chat 中还是在“普通”电子邮件应用中对话的情况。
Delta Chat 支持 HTML 电子邮件吗?
是的,收到的 HTML 邮件会有一个 “显示完整消息 “按钮。 发出的邮件始终使用纯文本。
Can I set the E-Mail Subject with Delta Chat?
Delta Chat sets (and encrypts!) the classic e-mail subject automatically to the group name or to the sender name.
So if you want to set the subject yourself, for example for a formal e-mail to a business contact, you can create a group with only yourself and the recipient(s). Set the Chat Title to the Subject you want, and then send your e-mail as the first message. If the recipients don’t use Delta Chat, it will look like a normal, formal e-mail to them. You will get bonus professionalism points if you set a signature text.
“给自己发送副本”设置有什么用处?
向自己发送消息的副本可以确保您在所有设备上收到自己的消息。如果您在使用多台设备时没有打开此设置,那么您将只能看到其他人发过来的消息和您从当前设备发出的消息。
副本会被发送到收件箱,然后会被移动到 DeltaChat 文件夹;它不会被放到“已发送”文件夹里。Delta Chat 从不 将东西上传到已发送文件夹,因为这意味着上传一条消息两次(一次通过 SMTP,一次通过 IMAP 到已发送文件夹)。
The default setting for “Send Copy to Self” is “on”.
为什么我可以选择监视“已发送”文件夹?
监视已发送文件夹的唯一原因是:您在同时使用其他的邮件应用程序(比如 Thunderbird),并且想让邮件分发代理参与聊天对话。
不过,我们推荐使用 Delta Chat 桌面客户端;您可以在 get.delta.chat 下载它。监视“已发送”文件夹的选项是在还没有 Delta Chat 桌面客户端的时候引入的,这个选项可能会在未来消失。
为什么我可以选择不监视 DeltaChat 文件夹?
有些人将 Delta Chat 用作常规电子邮件客户端并希望将收件箱文件夹用于其邮件,而不是使用 DeltaChat 文件夹。如果禁用了“监视 DeltaChat 文件夹”,则还应该禁用“将聊天消息移动到 DeltaChat”。否则,删除消息或多设备设置可能无法正常工作。
Delta Chat 与 Protonmail / Tutanota / Criptext 兼容吗?
- Yes and No.
- No, you can not use your Protonmail, Tutanota, or Criptext account with Delta Chat; they do not offer receiving mails via IMAP.
- In any case you can use Delta Chat to send Messages to people who use Protonmail, Tutanota, or Criptext. Those messages will not be end-to-end encrypted, though. The end-to-end encryption those providers offer is not compatible with Autocrypt, the standard Delta Chat uses.
- Delta Chat can end-to-end-encrypt through any e-mail provider with any Autocrypt-enabled e-mail app.
如何删除我的账户?
As you use an e-mail account for Delta Chat, how you can delete your account depends on your e-mail provider. We don’t have any control over your e-mail account, so unfortunately we can’t help you with that.
If you want to keep the account, but uninstall Delta Chat, it is recommended to leave any group chat before uninstalling Delta Chat.
我对技术细节很感兴趣。能告诉我更多吗?
- 请参阅 Delta Chat 中使用的标准。
Delta Chat 的开发是如何被资助的?
Delta Chat 没有接受风险投资,也没有负债累累,更没有承受产生巨额利润或将用户及其朋友和家人卖给广告商(或更糟)的压力。我们宁愿使用(目前来自欧盟和美国的)公共资金,来帮助我们努力建立一个基于自由开源社区开发的、去中心化的、多样化的聊天消息(软件)生态系统。
具体来说,到目前为止,对 Delta Chat 开发的资助有这些来源:
-
The NEXTLEAP EU project funded the research and implementation of verified groups and setup contact protocols in 2017 and 2018 and also helped to integrate end-to-end Encryption through Autocrypt.
-
在开放技术基金 2018/2019 年提供的第一笔赠款(约 20 万美元)期间,我们显著改善了安卓应用,发布了第一个桌面测试版,并根据人权方面的用户体验研究进行了功能开发,请参阅我们的结论《需求发现与用户体验报告》。2019/2020 年的第二笔赠款(约 30 万美元)对发布 Delta/iOS 版本,将核心库转换到 Rust ,以及为所有平台开发新功能提供了帮助。
-
The NLnet foundation granted in 2019/2020 EUR 46K for completing Rust/Python bindings and instigating a Chat-bot eco-system.
-
在 2021 年,我们从两项下一代互联网提案收到了欧盟的进一步资助,即 EPPD - 电子邮件提供商可移植性目录(约 9.7 万欧元)和 AEAP - 电子邮件地址移植(约 9 万欧元)。这带来了更好的多账户支持,改进的二维码联系人和群组设置,和所有平台上的多处网络改进。
-
From End 2021 till March 2023 we received Internet Freedom funding (500K USD) from the U.S. Bureau of Democracy, Human Rights and Labor (DRL). This funding supported our long-running goals to make Delta Chat more usable and compatible with a wide range of e-mail servers world-wide, and more resilient and secure in places often affected by internet censorship and shutdowns.
-
Beginning 2023 we got accepted in the Next Generation Internet (NGI) Entrust program for our “Private Decentralized Apps” proposals. Exact amount is to be determined (around 100K EUR). This funding supports further developments of webxdc “apps shared in a chat”.
-
Sometimes we receive one-time donations from private individuals. For example, in 2021 a generous individual bank-wired us 4K EUR with the subject “keep up the good developments!”. 💜 We use such money to fund development gatherings or to care for ad-hoc expenses that can not easily be predicted for, or reimbursed from, public funding grants. Receiving more donations also helps us to become more independent and long-term viable as a contributor community.
-
最后但并非最不重要的是,数位专家与热心人在没有收到或仅收到少量金钱的情况下为 Delta Chat 的开发做出了贡献。没有他们,Delta Chat 不会发展到、甚至无法接近目前的状况。
上面提到的钱款资助主要是由在弗赖堡(德国)的 merlinux GmbH 组织的,分发给了来自世界各地的十多位贡献者。
Please see Delta Chat Contribution channels for both monetary and and other contribution possibilities.