Security First

Security & Privacy

Every byte of communication is secured before it leaves your device. No cloud, no accounts, no telemetry — ever.

Enterprise-grade security. Built for your LAN.

Every byte of communication is secured before it leaves your device. No exceptions.

AES-256 Encryption

Every message packet is encrypted before transmission using AES-256. No plaintext ever touches the wire — not even metadata. Keys are derived per-session.

No Cloud, No Servers

Everything stays on your local network. No accounts required. No telemetry. No third-party servers anywhere in the communication path. Works air-gapped.

MAC-Based Identity

Messaging identity is derived from your device's hardware MAC address. The identity survives OS reinstalls and prevents duplicate entries, and no registration or account creation is needed.

How the security model works

Encrypted Backup

All message exports use AES-256 encrypted .elmbackup files. A passphrase is required to restore — no plaintext is ever written to disk during export.

Local SQLite Database

All message history is stored in a local SQLite database — no external database server required. FTS5 full-text search runs on the same local file.

Admin Passphrase Protection

Admin unlock uses a SHA-256 hashed passphrase stored locally. Admin mode must be unlocked every session — the passphrase is never persisted in plaintext.

Session Timestamps

All screen share and silent view sessions are logged with start/end timestamps for audit purposes. Useful for compliance and IT governance reviews.

For IT Administrators

Silent monitoring, zero disruption

Admin mode is unlocked with a SHA-256 hashed passphrase. The Silent View feature lets IT administrators view any device screen instantly — no popup, no notification on the monitored device. Full audit-ready oversight.

  • Admin unlock via hidden gesture + passphrase
  • SHA-256 passphrase protected access
  • View-only mode — no remote control in silent mode
  • Audit-ready with session timestamps
  • Dedicated TCP port 54552 for secure frame stream

[Interface mockup: the Advanced Options panel with an Admin Unlock passphrase field and an Unlock button. Under Admin Features, Silent View ("View any device — no notification") and Broadcast Alert ("Send to all devices") are shown as Locked; License Management ("Transfer, import, export") is shown as Unlocked.]

Coming in v2.0

Security hardening planned for the next major release.

ECDH P-256 Key Exchange

Every TCP connection will derive a unique ephemeral AES-256 key via Elliptic-Curve Diffie-Hellman, replacing the current static shared key.

HMAC-SHA256 Packet Integrity

Each packet will carry a 32-byte HMAC tag. Tampered packets will be rejected before decryption using constant-time comparison.
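
The verify-before-decrypt check described above, as an added example that is not the product's own code. The separate `mac_key`, the `decrypt` callable and the 8-byte sequence number are assumptions; the sequence check goes beyond what the page states and is there so that an authentic but replayed packet is also refused.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 digest size: the 32-byte tag described above
SEQ_LEN = 8   # assumed per-connection packet counter, not from the page


class PacketRejected(Exception):
    """Raised when a packet fails authentication; nothing was decrypted."""


def seal(mac_key: bytes, seq: int, ciphertext: bytes) -> bytes:
    """Frame = sequence number || ciphertext || HMAC tag over both."""
    header = seq.to_bytes(SEQ_LEN, "big")
    return header + ciphertext + hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()


def open_packet(mac_key: bytes, expected_seq: int, packet: bytes, decrypt):
    """Authenticate first; decrypt() is only called on a verified ciphertext."""
    if len(packet) < SEQ_LEN + TAG_LEN:
        raise PacketRejected("truncated packet")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # compare_digest does not return early at the first differing byte
    if not hmac.compare_digest(expected, tag):
        raise PacketRejected("bad tag")
    if int.from_bytes(body[:SEQ_LEN], "big") != expected_seq:
        raise PacketRejected("unexpected sequence number")
    return decrypt(body[SEQ_LEN:])


def demo():
    """Constructed sample data; returns (plaintext, decrypt_calls, rejections)."""
    mac_key = bytes(range(32))  # constructed key, for illustration only
    calls = []
    def decrypt(ct):            # stand-in for the AES-256 decrypt step
        calls.append(ct)
        return ct[::-1]
    good = seal(mac_key, 1, b"opaque-ciphertext")
    flipped = bytearray(good)
    flipped[10] ^= 0x01         # a single bit changed in transit
    cases = [("tampered", bytes(flipped), 1), ("truncated", good[:20], 1),
             ("replayed", good, 2)]
    rejected = []
    for label, pkt, seq in cases:
        try:
            open_packet(mac_key, seq, pkt, decrypt)
        except PacketRejected as exc:
            rejected.append((label, str(exc)))
    return open_packet(mac_key, 1, good, decrypt), len(calls), rejected
```

In `demo()` the decrypt stand-in runs exactly once, for the authentic packet; the three rejected packets never reach it.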

SQLCipher At-Rest Encryption

The message database will be encrypted at rest using AES-256-CBC, with a key derived from the device ID via PBKDF2, transparent to the application layer.