I used Gajim on Whonix with Conversation on Android. Everything was well.
Gajim does not download or decrypt any history from server if you disable it (at the Gajim settings). An attacker can do this if he received:
- password of JID
- private GPG key
- password of GPG key
This is result of physically accessing to powered-on computer or hacking the system.
And such attacker can also download the entire OMEMO-history. Messages, time, senders, recepients are visible in OMEMO logs. OMEMO texts cannot be read.
OMEMO does not allow Workstation booting from the clean snapshot. It’s great issue. You are obliged to save all changes which were made while using the chat. For example, you received a dangerous file or you opened a dangerous link. Can you restore the last clean snapshot? Yes but you will stop receiving OMEMO messages from the contacts.
GPG allows booting from clean snapshots. This is a very good.