Hello Arelor!

** On Saturday 25.12.21 - 07:03, Arelor wrote to August Abolins:

 >> DeltaChat doesn't seem to have that problem (EOL,
 >> unsupported, etc..)   Everything is self-contained using
 >> one's own existing email servers.

 A> Well, what I mean is that you may end up running a
 A> supported, secure version of DeltaChat on a phone with an
 A> obsolete, insecure baseband. Or an obsolete, insecure
 A> Android version.

Yeah.. but if the content is encapsulated in a PGP BLOCK, then  
what's the worry?

 A> Or a supported, insecure Android version (after all, Google
 A> has root access to your phone if you have any Google
 A> Service enabled).

The rooting part sounds confusing. Can't you change the root  
credentials so that only you have access?

 A> If I have to give DeltaChat the password for one of my
 A> email accounts, then Android may access the email
 A> credentials. I find it unaceptable because email accounts
 A> are used for many non-communication critical activities -
 A> such as password recovery for online banking.

Yes.. that aspect of DeltaChat had me worried. You really have  
to trust the app that it won't broadcast the login credentials  
outside your knowledge.  But the code is open-source, and  
surely the skeptics have analysed it for any untoward  
potential?

 A> Iç'd work if I used DeltaChat with an email account which
 A> I used for nothing important. For example, an email account
 A> created specifically for using DeltaChat over it. I would
 A> not consider it safe, but damage would be contained in case
 A> of compromise.

Having played with DeltaChat a bit myself (exporting the public  
key for someone to use in their OpenGPG keyring), I see that it  
would be best to use it with its own dedicated email account  
inorder to avoid multiple keys for the same email address.
--
  ../|ug

--- OpenXP 5.0.50
 * Origin: (} Pointy McPointface (618:250/1.9)