Again, Signal already has an encrypted backup / restore mechanism (at least on Android) with a strong key generated by the app. This sync feature is only secure if users realize they can and should set a strong passphrase and do it. The app encourages a weak PIN + they make it...
Conversation
... seem like that's fine based on using SGX when it's an extremely problematic approach that's ultimately unworkable. The reliance on SGX is at serious odds with past design choices: end-to-end encryption, encrypted backup / restore with a strong key, etc. Also again, my main...
1
2
8
... issue is not these recent design decisions but rather how they've handled the response to it including valid criticism. Repeatedly making false claims, misrepresenting criticism/suggestions and responding with a holier-than-thou attitude, platitudes and fallacies. Bad look.
1
2
12
It's possible to set a strong passphrase as this PIN and avoid depending on SGX security. The issue is how they've converted an existing feature, the lack of a proper explanation for users, their dismissive response to valid criticisms about it and inaccurate/misleading claims.
1
1
11
The experience of the registration lock PIN being converted to this resembles dark patterns used by Facebook. It wasn't clear even to highly technical people what was happening and what the new PIN they were creating was doing. It is STILL a problem with them adding an opt-out.
1
2
10
They did such a good job designing features like link previews and profiles in a privacy-preserving way. Don't understand how they go from that to this. Bonus of a response resembling a cover-up hand waving away the criticism + blocking people with legitimate questions/concerns.
1
3
12
A weak PIN was fine for the registration lock feature, but it doesn't work well as a way of deriving a meaningful encryption key. Adding a way to opt-out doesn't change that they encourage doing this and it looks like you won't be able to just set a registration lock like before.
2
1
11
This Tweet was deleted by the Tweet author. Learn more
Replying to
Bypassing SGX attestation doesn't require hacking it. It only requires having a valid key for signing attestations. Those could be leaked from any hardware including the oldest supported hardware without any updates applied. Alternatively, an employee could leak them, etc.
This Tweet was deleted by the Tweet author. Learn more
Replying to
Your contacts, the contents of your profile and whatever else they end up choosing to backup this way is not just some unimportant metadata. Why have this mechanism at all when there's an existing, secure backup mechanism covering your keys, messages and overlapping with this?
This Tweet was deleted by the Tweet author. Learn more
I get that this is more convenient, but the existing backup implementation now overlaps with this in a confusing way, and the existing mechanism could be improved to offer more usability along with sync support. They already made what they need to do secure sync.
1
Show replies