Conversation

This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@chrisrohlf
@signalapp
and
@moxie
Hopefully as a toggle so that it's still possible to have a registration lock PIN without contact syncing, as it was before this was introduced. Most people are going to use the defaults so that's what really matters, and a user-generated PIN + SGX is not a secure approach.
1
6
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@chrisrohlf
and 2 others
twitter.com/DanielMicay/st By the way,
@moxie
blocked me for this tweet. I think that says a lot. As I feared, the toggle is for the PIN feature as a whole. It also doesn't address that they're still going to be encouraging using a weak PIN for a remote backup/sync feature.
Quote Tweet
Daniel Micay
@DanielMicay
Replying to @chrisrohlf @signalapp and @moxie
Hopefully as a toggle so that it's still possible to have a registration lock PIN without contact syncing, as it was before this was introduced. Most people are going to use the defaults so that's what really matters, and a user-generated PIN + SGX is not a secure approach.
1
3
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@chrisrohlf
and 2 others
It's also confusing to have multiple backup implementations. The existing backup implementation covers all the data stored by the app with strong encryption. Also, seems like a valid complaint that the registration lock PIN feature got gobbled up into a feature that does sync.
1
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@chrisrohlf
and 2 others
A lot could be done to make that existing backup implementation more usable: seed phrase instead of numbers, support for easily cloning a Signal installation to another device via QR code pairing instead of manually transferring the backup and entering the backup seed on it, etc.
1
2
Show replies