Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
IshKebab 7 days ago

> Losing it means losing access to your backup permanently, and Signal cannot help you recover it.

Oof... That's going to be tough to explain to normal users. "Sorry you've been paying for backups all this time, but you should have written down this code that you will only ever use once somewhere safe and remembered where it is. All your data is gone."

Not the right security trade-off for most people.

tgsovlerkhgsel 7 days ago | parent | next [-]

Absolutely the right security trade-off for Signal users. Anything else would devalue the entire product.

Whatsapp chose a different approach (which is reasonable for their user base) but that means that there is an escrow key. Regardless of your choices, messages that you sent may end up "end to end encrypted" but in reality stored in the cloud with a key escrowed to Meta...

The backup feature seems to be opt-in, i.e. the requirement to write the key down won't be too surprising.

elvisloops 7 days ago | parent | prev | next [-]

The implementation feels uncharacteristically crude for Signal. Instead of seamless protections, you just get handed 64 characters you’re told to “store securely.” That’s not realistic: most people will screenshot it, and those screenshots will end up in unencrypted cloud backups.

fastest963 6 days ago | parent [-]

Sure but the key is still in a separate location from the backup. Signal can't decrypt the backup and if Signal is hacked someone would still need to get your screenshot to decrypt the backup. Not perfect but far better than an unencrypted backup.

staplers 7 days ago | parent | prev | next [-]

It's this way, or it's not encrypted. The whole premise of their privacy model requires this.

Signal opens themselves up to government coercion and ruined reputation otherwise.

arccy 6 days ago | parent | prev | next [-]

when you're shown the code, it has 2 buttons: copy to clipboard and save to password manager. if you choose password manager you should be relatively safe...

fastest963 6 days ago | parent [-]

I have 1Password installed and it prompted to save in 1Password. Worked perfectly. It even let me paste from 1Password on the verification screen. It was the most seamless password manager experience I've ever had.

iamtheworstdev 7 days ago | parent | prev | next [-]

there are more than a few backup providers that do this security trade off with user acceptance of the risk. if this trade off isn't good for the user, they can use any other number of insecure backups.

kelnos 7 days ago | parent | prev | next [-]

If you're using Signal, of all things, that's probably a reasonable security/usability trade off.

Granted, I'm sure there are a lot of people out there who just use Signal because one of their more security-conscious friends/family members told them to install it, and so you're probably right for those people.

But, frankly, I can't see how else they could do it. Offering an unencrypted option, or weakening the encryption (by storing a copy of the key on Signal's servers) would make Signal not Signal.

0x457 7 days ago | parent | prev [-]

If they were able to recover backups for you, then it wouldn't be secure. Right trade-off.