←back to thread

Signal Secure Backups

(signal.org)
988 points keyboardJones | 1 comments | 08 Sep 25 16:43 UTC | HN request time: 0.228s | source
Show context
IshKebab ◴[08 Sep 25 18:24 UTC] No.45171913[source]
> Losing it means losing access to your backup permanently, and Signal cannot help you recover it.

Oof... That's going to be tough to explain to normal users. "Sorry you've been paying for backups all this time, but you should have written down this code that you will only ever use once somewhere safe and remembered where it is. All your data is gone."

Not the right security trade-off for most people.

replies(7): >>45171934 #>>45171967 #>>45171974 #>>45172013 #>>45172031 #>>45173040 #>>45174666 #
1. kelnos ◴[08 Sep 25 19:49 UTC] No.45173040[source]
If you're using Signal, of all things, that's probably a reasonable security/usability trade off.

Granted, I'm sure there are a lot of people out there who just use Signal because one of their more security-conscious friends/family members told them to install it, and so you're probably right for those people.

But, frankly, I can't see how else they could do it. Offering an unencrypted option, or weakening the encryption (by storing a copy of the key on Signal's servers) would make Signal not Signal.