Local messages management

Hi there,
are the local messages encrypted? messages both sent and received

Hi @jamiboy, no, I think they are stored unencrypted in an SQLite database. For instance, on Linux I think the directory is ~/.local/share/jami.

I thought everything was encrypted when you use a password on your account.
But never check it , wil look at my laptop this week

why this design? isn’t safer to use the SQLCipher?

and if there isn’t a password will be all clear text?
Check your client please

I forgot about encrypting with a password like @M1k4 said. I just tried it with a new account and the conversations in the history.db sqlite database are still unencrypted.

In the future, with swarms, conversations will be stored in a custom format that uses git, so the encryption will work differently.

I looked around, and under the directory ~/.local/share/jami. There are vcard or vcf files with user names and phone numbers (in case of SIP), plain text.

I confirm, the histry.db databases found in the jami directory are sqlite and messages and call history appear in plain text.

Did not find any password options in the Linux Jami I am using.

The password option do you found when you create a account.
But @wrycode did try it , it is not encrypt de history.db

That’s awesome. I used to use git to update my servers, awesome way to deploy, very efficient. I could see it distributing messages efficiently. Curious to see how it will work.

I did some more reading. The password is used to encrypt your archive.gz file, which contains your account certificates (plus lots of other stuff). It is not used to encrypt conversation history.

@mickymouse yeah it’s cool. There are some details at 2.3. Swarm · Wiki · savoirfairelinux / jami-project · GitLab and Swarm: a new generation of group conversations if you’re curious.

What i assumed was jami is e2ee like signal where the signal database on the local device is encrypted.
With the conversation history database in cleartext, does that mean other apps can scan and read the jami msgs?
Will jami devs encrypt the conversation history database soon if ever?

Hi @boxedup, Jami is e2ee but this is unrelated to encryption of the conversation history. To meaningfully encrypt the history we would need to ask for a passphrase every time the user starts the app. Some people might like this option, so there is potential to add it once the next generation of conversations is released. For now, the password only encrypts your Jami account. (You’d need the password to link a new device, for example.)

If you use any other app, e.g. Signal, without entering a PIN every time you open it: if you can view your message history, then it is not meaningfully encrypted. Jami is the same.

All platforms allow you to have system-level encryption (which protects you if your device is seized), including iOS and Android by default.

Not sure what you mean here. My understanding is, no other apps can read inside signal database when its idle or being actively used. Is that is same for jami, where no other app can read jami history when idle or actively being used? thanks.

The sqlite Jami message database is not encrypted on Linux, and I suspect it’s the same for macOS and Windows. Maybe someone more knowledgeable can let us know whether the Android/iOS apps encrypt the message history. @sblin?

The purpose of apps like Signal and Jami is to secure your communications, not your local storage. Usually this is left to other OS software.

As an example, it’s easy to access the full message history of Signal desktop. For Android, Signal encrypts the message history but it’s still trivial to access it if you have access to the device.

For any app that stores persistent data, unless you enter a passphrase every time you open the app, the encryption is mostly a gimmick, because the encryption key must be stored somewhere else on the device.

(It would be great to have the option to encrypt the conversation history once we transition to swarms. It’s not a bad thing at all.)

In general, access permissions and local storage encryption are OS-specific things unless we ask for a passphrase from the user and encrypt the data manually.

Also I’m just another user, so my views don’t represent the Jami developers or SFL employees.

If we implement history encryption as part of the daemon we would want to use the Android and iOS equivalent of TPM. For Android it’s called TEE and for iOS it’s called the Secure Enclave. I thought this stackexchange answer was pretty illuminating.