Yes it's the SGX PIN backdoor stuff. I'm not "yelling uninstall x right now" but it's clear that Signal needs to be treated as user-hostile and a replacement sought in the mid to long term.
Conversation
2
No, maybe I should have. But the escalating pressure and finally hard refusal to run until I add a PIN is so user-hostile I'd have a hard time trusting Signal even if it's fixed.
2
1
11
We're trying to add support for identifiers that aren't phone numbers, since that's what we've heard from users. If we do that, your signal contacts can't live in your address book anymore. Every other app just stores that in plaintext on their servers, which we don't want to do.
3
13
They absolutely can if you're fine with backing them up yourself locally or not doing that and losing them all if you lose your device. That's what we want and why we chose Signal to begin with.
2
1
14
Problem is there won't be anything to "add" to your address book anymore, which is the only non-app storage space. There's no OS concept of "back up locally" on iOS, and won't be for long on Android. And if we did it now on Android it'd require something much longer than a PIN.
5
1
4
Backing up locally via SAF works fine. No need for the deprecated Storage permission. The app can request persistent access to a directory for backups and the user just chooses the backup directory via SAF and the app. Can't something similar be done on iOS via their equivalent?
1
1
7
This is absolutely correct. The SAF allows the user to open or create files to the device or via a remote service WITHOUT REQUIRING ANY EXTRA PERMISSIONS. The act of picking or naming the file IS the permission grant. developer.android.com/guide/topics/p
1
4
Yes, and the Storage permission has been deprecated. This form of bulk access to shared storage is disabled for the current API level (29) and apps have to opt into the legacy model. The next API level removes the opt in for anything but an existing app install already using it.
1
5
For many years, it has been possible to take an approach to shared storage access respectful of user consent and control over their files. It's sad even security/privacy apps need to be forced to do better. It makes it a better feature too: they can use other storage providers.
1
4
So, in the case of backups, the user can choose to use a directory provided by a file sync service, etc. to have encrypted cloud backups with the provider of their choice or their own self-hosted service. Apps just have to implement this via the proper API giving users a choice.
They use the SAF in AttachmentManager, and (though they do not need it) request & require the device-wide WRITE_EXTERNAL_STORAGE perm. After they're granted access, they never takePersistableUriPermission() for any files they might need to access again. ๐ค github.com/signalapp/Sign
1
3
Check out this underrated talk from 2015. Back then, it was a strongly recommended way to no have to ask for storage permissions. Starting w/ Android 11, this is how everyone pretty much is gonna HAVE to do it.
4