Basically I am looking for a messaging platform like signal or? but with anonymous signup, perfect forward secrecy, capable of video chat, sending photos the usual uses in today’s life. But with a panic button. So that any party member could use said button to wipe all other members devices of any data instantly inside the messaging app. So if one member gets compromised, or lost their device, stolen device ect, any other member could wipe all chats, call log, and any other data strictly inside the messaging client instantly for everyone involved. Disolving the group like it never existed rendering the data unrecoverable. Amazons Wickr used to have most of these features but it is being discontinued December 2023 and who trusts amazon with their data. Does something like this exist? Sorry if I’m not explaining it well I’ll do my best to clarify and update this post. I am not trying to delete the whole device. Just the data inside the messaging app. If that does not exist. What about a separate app that could delete the entire messaging platform from the device when triggered. Assume all necessary requirements are met and this is for daily use. Between a group of trusted parties.
Updated wording to clarify the objective as replies where getting misunderstood.
If a device is recovered by authorities or stolen by spies, assume you’ll never get a signal to it before the flash storage is dumped, possibly with the decryption key as well. It’s trivial to put a phone into a Faraday cage and cut off all communication.
In theory you could have an app that tries to wipe itself when it detects a complete lack of signal, but then you’re one annoyingly long power outage away from losing all of your messages.
Remote wipe is available for Google and Apple devices and will wipe all data, not just messenger data. The device owner needs to log in and click the wipe button and that’s the best you can hope for.
On Android you could use work profiles to give a group of people remote access to a “work profile” manager which will let you wipe the apps remotely through Google’s API. That will leave some details intact (everything outside the work profile most likely) but it’ll work for any chat app inside such a profile.
I’m not sure of Apple’s MDM features allow for the same capabilities, but it’s worth looking into.
I hate relying on anything big corp for privacy. Thanks for the reply and I’ll keep this in mind. It seems so far matrix chat is the only e2e chat that can remove the conversation from an individuals device once their removed from a room. I will have to do deeper research into matrix to see it it fits my use cases. I’m just not sure how it stacks up against other big name chat platforms as far as security/privacy goes. I’ve heard of it before. Never deep dived into the data.
I would recommend reading up on Matrix if you’re going to use it in some kind of oppressive regime or whatever. E2EE works but compared to alternatives like Signal it sends a LOT of plaintext metadata.
I believe there used to be alternative solutions for dealing with MDM and remote wipes, but I’m not sure if that’s still allowed with modern API protections. Prey used to offer a kill switch, but I don’t think they still do on mobile devices. Perhaps there are others, I’m not very familiar with these apps. They mostly target businesses and business owned devices, but perhaps you could look for something that still offers a data wipe feature.
Its my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or ran inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its ram only nature while persistence only keeps the base setup of matrix not a full carbon copy so a new chat would be generated each power cycle. Similar to VPN services running on ram. Thoughts anyone?
[This comment has been deleted by an automated system]