The final list based on Dino’s answers. There are new issues.
-
Dino prohibits Onion servers and manual configuration of hostname and port. This issue has been discussed for several years (#115). Users asked to allow these settings. The developers refuse.
-
Dino does not allow to disable the download / decryption of old history.
GPG. Dino downloads, fully decrypts and saves the entire GPG-history from the server every time when Dino starts. Most public jabber servers stores history from a week to a month.
OMEMO. Dino downloads both OMEMO and GPG chats. Messages, time, senders, recepients are visible in OMEMO logs. But OMEMO texts cannot be read.
Gajim and others provides an option to disable history downloading. The developers of Dino do not want to make this option (#953).
-
Let’s say you are running Dino from secured and cleared Whonix snapshots with zero history. This makes correct OMEMO encryption impossible. If you use OMEMO chat, you cannot run Dino many times from one Workstation snapshot. You are obliged to save all changes and all received files, even if the file contains a trojan. Or you cannot use OMEMO chat (#977). This is not a Dino bug but a security feature of OMEMO. But this feature creates a very big issue with Dino because of point 4 and point 5.
-
Dino saves chat logs to disk. There is no log encryption. It’s impossible to disable saving. Returning to a snapshot with a clean history is not decision (point 3). Users have been asking to disable logs during for three years (#67). The developers informed (#953) that they may disable logging in the future. It is not yet clear when and how the log management will be changed.
-
Dino does not allow you to disable or stop receiving files. Dino receives and saves to disk any file sent to the user. Returning to the previous snapshot causes a crash in the entire OMEMO-chat (point 3). The developers have included canceling file transfers to the wishlist (#955).
-
The developers refused to make the option to hide or show system time, hide or show or spoof OS and client name. The reasons are described in the discussion (#954).
I suppose points 1, 3, 4, 5 will be critical for most Whonix users. Point 2 is very serious for some. The developers are not ready to change anything in points 1, 2, 3, 6. This should be understood by every Whonix user.