It only backs up contacts, profile, etc. but it's a lot different from the original purpose and it's not adequately explained in the app. Also, a weak PIN is not sufficient for deriving a proper encryption key. They do let you to set a strong passphrase, but it's not encouraged.
Conversation
So, generate a strong random passphrase and you don't need to rely on sketchy SGX integration for throttling key derivation. Back up the passphrase in a password manager and turn off reminders. The problem is the UX, lack of explanation, dark patterns and their response.
1
There isn't really a technical reason to stop using Signal based on this. It's an extra thing to deal with to use the app with the same privacy properties as before though. They're adding a way to opt out but registration lock is important since people don't check safety numbers.
1
And it appears you won't be able to use a registration lock without this kind of contact/profile backup/sync anymore. Can use a strong passphrase so that it's not a problem. I've just lost a huge amount of my trust in them based on how they did this and their response...
1
I think a lot of what they've said in response to justify it is misleading or inaccurate. Also, they can't take back that they spent weeks (months?) gradually making this more and more annoying until it became completely mandatory. Everyone was forced to set it up now.
1
Their existing encrypted backup feature on Android generated a strong key itself and had you back it up on paper. That backs up more sensitive information (keys for safety numbers, messages) but it also overlaps with this. Backs up contacts, profile, settings, etc. like this too.
1
It'd be more usable if they used a BIP39 seed phrase (12 words from a list of 2048 standard words, providing a 128-bit key, where the first four letters of each word unambiguously identify them) and BIP39 also allows an optional passphrase that's not recorded with the seed.
1
Instead of doing something like moving forward with that existing design, they've got this partially overlapping alternative encouraging weak PINs. If they just did that without replacing registration lock + pushing it so hard + making it mandatory, it wouldn't be a big scandal.
1
It would just be a questionable design that I disagree with for an optional partial backup / sync feature alongside the full backup feature with strong encryption. Full backup/restore might be Android only and isn't perfect but it's the only way to migrate to new devices sanely.
1
It's the only way to move to a new device without having all your safety numbers change. Even now that it's available, it needs a lot of polish and promotion + a lot of the damage from constantly changing safety numbers is already done. People don't check largely due to this.
1
Sounds like that existing backup feature is at risk of going away and never being done for iOS because they don't seem to want to use a modern approach for accessing storage where the user controls it + doubt they want to provide hosting for those encrypted backups (lot of data).