Navigation

    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search

    Encryption and Privacy for Chat

    Feature wishes app
    3
    2
    150
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      niederfuchs last edited by

      Dear Church Tools Team,
      I would like to endorse the comments made by some previous speakers in the German Forum. End to End Encryption of Communication of Church Tools (Chat), is not a "Nice to Have," it is an area that belongs to your first duties just as a comercial provider in this highly sensitive area.

      I would like to briefly discuss why these communication tools should not be offered unencrypted from the outset. And in addition, there is some reason for not using clear names in the matrix structure behind it.

      A)
      In congregations, information is often exchanged that is not particularly sensitive within the congregation itself (donation calls, reports of missionary activities, calls to support persecuted Christians, etc.) that could make a CT server attractive for bad actors or corrupt governments in the medium to long term. Assuming that your own server infastructures is beyond being attacked is an unrealistic point of view that you can't afford and shouldn't afford.

      B )
      Users who understand the chat as a means of pastoral care and as low-threshold offer, write messages in emotional distress, rightly assume without notice that their communication is A) E2E encrypted and takes into account B ) Perfect Forward Secrecy - since this meets common standards today. If your app cannot offer this (which, as explained above per se, would not be desirable/acceptable in the long term), the app should at least inform the user that the content is not encrypted and is in plain text on the CT servers.

      C)
      In addition to the risks of hacking from outside, it should be noted that one can never guarantee the confidentiality of the persons entrusted with server systems. It can happen in all institutions that confidential information is sometimes misused and even leaves the maintained/entrusted systems.

      The only effective protection:
      You ensure from the outset that you never get this data in plain text. And please consider how you can protect any existing clear names/passwords/emails from compromise...

      Dear developers let us hear how you think about it...!

      Thank you for taking the topic seriously and your community...

      B 1 Reply Last reply Reply Quote 5
      • B
        BeMiGro @niederfuchs last edited by

        Thanks @niederfuchs for filing this FR and discussing the backgrounds. I fully support your view (and the FR, of course).

        For point C) I'd like to add that this does absolutely not mean anything like general distrust against CT as a company or any individual working at CT!
        Apart from the fact that I have experienced persons who did strange things while suffering from (temporary & unexpected) mental health issues, loss of confidentiality may simply occur due to (unintended) errors, even if well-crafted processes to prevent them might be in place.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post