Messages
Messages copied to clipboard
Option to disable auto-rendering of MMS images (tap to render).
Checklist
- [x] I made sure that there are no existing issues - open or closed - to which I could contribute my information.
- [x] I made sure that there are no existing discussions - open or closed - to which I could contribute my information.
- [x] I have read the FAQs inside the app (Menu -> About -> FAQs) and my problem isn't listed.
- [x] I have taken the time to fill in all the required details. I understand that the request will be dismissed otherwise.
- [x] This issue contains only one feature request.
- [x] I have read and understood the contribution guidelines.
Feature description
I would like to disable automatic rendering of images in MMS. This is different from disabling auto-downloading of the MMS message itself. I would like text-based group messages and the text portion of 1:1 MMS messages containing an image to be rendered, but the image itself would be a placeholder until I tap it.
Why do you want this feature?
Image rendering is a unique attack surface for security threats. A bug in the rendering library could result in a zero-click vulnerability. This would be a straightforward way to allow the user not to load an image if the message is unexpected or otherwise suspicious.
Additional information
I would not expect this to be the default behavior, but an opt-in setting for security-conscious users.
An alternative solution would be to only auto-render images from known or favorite contacts, but I'd prefer the render-on-click option since it gives me more control.
I think it's probably possible for a malicious payload to be contained in the non-image portion of an MMS, but disabling auto-downloading of MMS entirely makes group conversations extremely awkward. You have to go to the 1:1 chat with the sender, download the message, then the message moves to the group thread. This feature would be a nice compromise to reduce the image rendering attack surface while accepting some risk from the rest of the MMS payload in exchange for usability.