←back to thread

Signal Secure Backups

(signal.org)
988 points keyboardJones | 1 comments | 08 Sep 25 16:43 UTC | HN request time: 0s | source
Show context
X-Istence ◴[08 Sep 25 17:42 UTC] No.45171338[source]
I already pay Apple for storage, please just back up my chats/media to iCloud.
replies(3): >>45171386 #>>45171398 #>>45171798 #
vigilans ◴[08 Sep 25 17:46 UTC] No.45171386[source]
This BS is why I completely stopped donating to the signal foundation.

The messages are mine, not theirs, and yet they refuse to allow me to handle them how I deem fit.

replies(2): >>45171702 #>>45175120 #
palata ◴[08 Sep 25 22:48 UTC] No.45175120[source]
> The messages are mine, not theirs, and yet they refuse to allow me to handle them how I deem fit.

"They refuse to allow me" meaning "they don't add the features I want for free to the app they provide for free, so I complain".

The messages are yours, of course. But don't forget that you use their work for free. If you're not happy, go use the free work of someone else, I guess?

replies(1): >>45177977 #
Y-bar ◴[09 Sep 25 05:59 UTC] No.45177977[source]
They are somewhat correct though, Signal has written code explicitly to prevent iOS users from including Signal data in Apple’s encrypted local and/or cloud backups.

Allowing encrypted backups was free for Signal, but they spent time and money to prevent it for iOS users.

Part of the code the wrote to prevent backups in question:

https://github.com/signalapp/Signal-iOS/blob/5590f09c3643f12...

replies(1): >>45179379 #
palata ◴[09 Sep 25 08:55 UTC] No.45179379[source]
It would be interesting to have Signal's justification for that, but I can totally imagine that it is a security feature.

As in: they may not want their users to inadvertently share their Signal messages with Apple.

replies(1): >>45180500 #
Y-bar ◴[09 Sep 25 11:26 UTC] No.45180500[source]
Lot's of people have requested justification in related Github issues there, but Signal has not given a clear answer. If there was a security problem with the encryption process I believe a CVE or similar would have been in order because it would affect millions of users.
replies(1): >>45180685 #
palata ◴[09 Sep 25 11:54 UTC] No.45180685[source]
I was not talking about a security flaw.

I was saying that maybe, Signal did not want to push their users to trust the Apple backup by default.

Signal is a nonprofit foundation, it's not like they are trying to squeeze their users with their own secure backup.

replies(2): >>45181051 #>>45193374 #
AnonC ◴[10 Sep 25 04:42 UTC] No.45193374{5}[source]
> I was saying that maybe, Signal did not want to push their users to trust the Apple backup by default.

The gap in understanding here is that Signal already trusts iOS by providing an app. It trusts it even more by providing notifications (with sender and content) that go through Apple’s systems. It integrates with CallKit to work with the Phone app. Putting iCloud alone in a separate bucket doesn’t make sense. They could’ve done this same backup with a 64 character recovery key and stored the data in iCloud. Signal made an intentional choice not to allow backups on iOS.

One can only hope that the point about supporting other backup endpoints/storage gets implemented sooner rather than having to wait several more years.

replies(1): >>45196382 #
1. palata ◴[10 Sep 25 11:54 UTC] No.45196382{6}[source]
> They could’ve done this same backup with a 64 character recovery key and

Again: they could have, but it would have taken time and resources. The complaint here is not that Signal doesn't want to allow backups: they are just announcing a secure backup feature.

The complaint is that Signal did not do it earlier, and instead decided to prevent what they considered an insufficient solution.

> Putting iCloud alone in a separate bucket doesn’t make sense.

Of course it makes sense. What you say is akin to saying "end to end encryption makes no sense, because if you have to trust iOS anyway, you may as well trust the server".

Because I trust Android and run Signal there does not mean that I want it to auto-upload my messages to Google Drive. I don't see what makes it so hard to understand.

> One can only hope that the point about supporting other backup endpoints/storage gets implemented sooner rather than having to wait several more years.

Yes, I hope that too. On top of hoping, one could donate, to slightly contribute to paying the developers that work on it.