I've been a user and supporter of Signal for years. I've disagreed with various design decisions, but there has always been sensible reasoning behind their decisions based on facts and logic. I only used to disagree on certain priorities and had faith in them. No longer the case.
Conversation
Replying to
I'm well aware of that. It doesn't address anything that I've talked about. My thread was posted with the full awareness that they are making PINs optional. I suggest reading twitter.com/DanielMicay/st, my other earlier posts and this thread.
Quote Tweet
Replying to @chrisrohlf @signalapp and @moxie
Hopefully as a toggle so that it's still possible to have a registration lock PIN without contact syncing, as it was before this was introduced. Most people are going to use the defaults so that's what really matters, and a user-generated PIN + SGX is not a secure approach.
Replying to
This feature was previously only a registration lock PIN. It should be possible to set a registration lock PIN as before without it enabling remote backup / sync with it used to derive an encryption key. It also matters that users are encouraged to use a weak PIN for remote sync.
1
2
Replying to
Needing to work around dark patterns to use the app securely does not fit Signal. It's supposed to be about bringing privacy/security to the masses. Most users are going to use the app as intended. It guides people to set a weak PIN and then does remote backup / sync using it.
1
3
Show replies