because there's real usability tradeoffs. Signal's local encryption means there's no history sharing on new devices and essentially loss of the data should you ever lose the device/key, and that for many people is a deal breaker.
because there's real usability tradeoffs. Signal's local encryption means there's no history sharing on new devices and essentially loss of the data should you ever lose the device/key, and that for many people is a deal breaker.
It doesn't help that the non-security aspects of Signal are garbage. I have several years of data in my phone that I want to backup, but it's a painful process because Ihave to export every media file manually and then transfer it over to an SD card. My phone is low on internal storage space, but Signal won't let you choose where exported media get saved to, so I have to play Towers of Hanoi shuttling media files in and out of my limited vacant space and then deleting them in Signal after they've been safely copied to the SD card.
The app is full of tiny annoyances like this. For sending photos there are some editing/cropping tools - a fun and somewhat useful innovation, but while the crop handles work from the corners of an image they don't work properly from the sides. I was a busy evangelist for the product in its early days, now I hate using it.
> Signal's local encryption means there's no history sharing on new devices and essentially loss of the data should you ever lose the device/key
To be clear, Signal now allows secure backups to the cloud. If you don't use a strong password, and much as the public won't, it's not perfect but they maximize the security. (And you can always choose to not use the backup.)
Do they? On Android all it does is backup to another directory on my phone.
Hmmm ... looking around, isn't the following implemented?
https://signal.org/blog/secure-value-recovery/
(It's also relevant to the OP.)
SVR doesn't do full backups (yet?)
> To be clear, Signal now allows secure backups to the cloud.
No, it doesn’t, at least on iOS. There is no backup option on iOS. The only way to retain information when using a new device is to have the old device close by and transfer it by running Signal on both of them. Anyone who loses their device or does not have it with them when getting and setting up a new device will lose all the messages from the older/previous device.
Oh, does it work for desktop?
I know only enough about crypto to be dangerous, but it's never been clear to me why that's such a hard technical limitation. my password manager is very easy to set up on a new device if I have another authenticated device on hand. if not, it's still not too onerous to set up the first sync. why wouldn't the same approach work for signal?
Indeed it's possible, though judging by the release dates, it's not trivial to do right:
- Apple implemented iMessage E2EE sync across devices back in 2011. But be careful not to save your chat keys in iCloud backups (local backups are fine), unless you enable E2EE for iCloud backups as well, which is an option rolled out in 2023.
- WhatsApp appears to have rolled out a form of E2EE device sync in 2023 as well. WhatsApp Web complicates the question of how secure is the E2EE though.
It does, if you set up Signal Desktop it involves scanning a QR code. It doesn't sync old messages, theoretically they could do that over a local network transfer.