I have been using Signal for two years now and I love it.
However I really, really hope they can work on a good backup and restore process as losing my message history because I have to reinstall the app on my desktop[1] or have to reset my phone is a horrible experience.
Just build an encrypted blob and zip it up and pop it on my iCloud or Google Drive or leave it local and let me deal with it but I need something. As my Signal use moves from just messages with friends and family to business contacts I need a reliable way to backup my messages!
[1] I should state I mean losing the desktop copy as it starts "fresh" and does not import any messages from the phone.
Edit: I should probably clarify I am talking about the iOS/macOS applications as these are what I use. iOS does have a migration feature but that doesn't help if your phone is lost/damaged. I need a proper backup and restore process as well as the ability to import messages from the phone to the desktop app.
> However I really, really hope they can work on a good backup and restore process as losing my message history because I have to reinstall the app on my desktop[1] or have to reset my phone is a horrible experience.
I've tried to report bugs and talk to developers about this but there's one fundamental problem here - the Signal team fundamentally does not value chat history the same way a lot of people do. They think that destroying all chats is a reasonable thing to do when things get hard - which is the exact opposite to many WhatsApp users, which deeply value images and texts sent to them on that platform.
As such, they've been very very resistant at making the backup process for Signal easy for people. This is also why deskop app regularly happily just trashes all its state and fails to resync. This is why they will never let you make the backup process easy and portable.
It's not a technical issue - they just think you're wrong when you want to keep your conversations.
Unfortunately that's can also be a significantly bigger issue than privacy for a lot of people.
I think it's astute of you to point out that the Signal developers do not value chat history the same way many people do, but I am not sure I track with this:
> It's not a technical issue - they just think you're wrong when you want to keep your conversations.
as much.
When you are treating security as a number one priority I think there are a lot of things that become technical issues which aren't typically. Transferring or backing up history between disparate devices, which become trusted at different times, is one of those things that I think _is_ difficult to do without sacrificing security.
For example, in the classic case when a user adds a new device and wants history to be available on both you can't let the devices controlled by one person simply sync with one another. To do so would be making a security concession to the other members of the chat in that they no longer verify every destination of their message. If you are unwilling to make a security concession everything in this area becomes magnitudes more difficult. I wouldn't say it is impossible, but it's definitely not trivial.
My gut reaction is also that it is difficult to _guarantee_ history in this type of security first mindset. If you add a new device and someone doesn't approve/verify/trade encryption keys with the additional client then there isn't much you can do besides not make that data available no? So I don't think it unreasonable for developers to hold the mindset that history is not a priority for a security first application.
I mean what is the point of obsessing about the security of the messages if you don't value the messages themselves?
Some people[1] clearly value message history far beyond the transfer point to chat itself, and making people choose between being spied upon and not having message history, I think many people will choose trusting that they won't lose their messages.
[1] Myself included. I check with Signal[2] every six months to see if they have a backup option, then switch back to WhatsApp when I see they don't. Phones die. My messages are more important than my phone.
He actually seemed annoyed that everyone insisted on using it for everything :-)
If you need bulletproof cryptographically verifiable encryption - use Signal.
If one wants to plan dinner, use whatever fits your bill.
(And if in addition to the same supposedly bulletproof encryption as Signal you also want NSA^HGoogle to back up your messages and Facebook to know who you talk to and when so they might better customize their ads^H^H^H your experience you can also use WhatsApp :-)
The downside of that attitude is that if a chat program is only used for what governments consider subversive activities then it will be targeted to be shutdown. It is much better to have a general-purpose, secure chat program that IS mainstream making it more difficult for oppressive regimes to target.
There is still value in being able to securely communicate in the present even if you are not able to maintain a permanently searchable log of all activity.
There's value, that's why some niches migrated to Signal.
But the general population seems to think they are losing features, instead of gaining, that's why they don't migrate/are upset and surprised when they lose history
I think it is fair to expect Signal to support a solid encrypted backup/sync mechanism. They can allow users to manage the encryption keys out of band. Users can use a password manager (or a piece of paper) to save the encryption key.
Anyone who is security/privacy conscious to use Signal is also using a solid password manager and not reusing passwords as well as following good secure data backup practice, I hope.
> For example, in the classic case when a user adds a new device and wants history to be available on both you can't let the devices controlled by one person simply sync with one another.
> To do so would be making a security concession to the other members of the chat in that they no longer verify every destination of their message.
You can't "verify every destination" with Signal anyway. Maybe the message is going to my phone, maybe it's going to my phone and my desktop - the sender can't tell.
Sure, if you are trying to add an entirely new recipient to a conversation, then of course you can't send them the entire conversation history - but nobody is asking for that.
What people want is the ability to add a new device for an existing recipient, and have the history sync across.
With Signal I can already add a new device and continue existing conversations without the other participants being notified that I've added a new device. Adding conversation history doesn't diminish anything from a security perspective.
> With Signal I can already add a new device and continue existing conversations without the other participants being notified that I've added a new device.
Just today I had a group chat notification that said:
"More than one member of this group is no longer marked as verified. Tap for options"
Tapping brought me to a menu that said:
"Safety Number Changes -- The following people many have reinstalled or changed devices. Verify your safety number with them to ensure privacy"
At which point I was given the option to re-verify (e.g. via a provided QR code), but also the option to manually mark "verified". That is to say something does notify participants of changes to recipient devices.
Signal still had a single primary device, your phone. What you describe happens when someone installs Signal on a new phone (or reinstalls on the current one).
Linked devices are different. There is no notification when someone adds a new linked device. That's because the only way to add a linked device is to scan a QR code on the device with your phone, then confirm you want to add the device. The device is implicitly trusted, because only a trusted device can add it. (It is also possible to trigger the re-verification from the desktop manually by clicking "reset secure season" in the conversation menu, but that's separate from adding a device.)
Aside: Implicit trust like this is a great trade-off, because otherwise you'd have to verify each of their devices from each of your devices, which means approximately nobody will ever do it. Ask anybody who used Matrix/Element E2EE prior to a couple months ago ;D.
> the Signal team fundamentally does not value chat history the same way a lot of people do
This is the core problem as why many projects don't get mainstream. They have 2 options: they can focus on what they think is a priority, or on what the public thinks is a priority.
I'm not saying Signal is wrong on doing what they are doing, as they are being successful among some niches (i.e: tech). But to grab Whatsapp users, they need feature and UX parity, at least to some level
I fundamentally distrust any program which claims E2E encryption and is capable of recovering my chat history onto a new device. This means that Telegram is technically able to recover my chat history, making the "E2E" bit of the encryption smoke-and-mirrors.
I can be wrong, but on Telegram E2E is not default. Those are used only in 'secret chats', which I believe are not recoverable.
So you can use regular texting for everything you don't care much about, like sending youtube videos and memes to your friends, and use the secret chat to things that re more sensitive. That's great for most people that currently use Whatsapp
* normal ppl care about chat history more than encryption, and telegram can be accessed from many devices without tethering from one (a la whatsapp). If you want E2EE anyway, you can use E2EE chats.
* Whatsapp is closed source, so you can't tell if the encryption is true anyway (what if they are transmitting your private key?). Telegram has open source implementation and API.
* Facebook will not have your metadata. The subject of these events is basically FB having too much of data about you.
In my case, I care more about being able to use it without depending on my phone, than E2E. The single thing I hate the most on any messenger is my phone having to be on and online, for me to send/receive messages on my computer
I am unaware of Telegram's implementation, but this is not necessarily true. The app could use a secret you provide and only you know (most obviously, your password) to store and restore chat history.
> I fundamentally distrust any program which claims E2E encryption and is capable of recovering my chat history onto a new device.
I would expect a Signal implementation of this to allow recovering chat history if you restore a backup onto the new device and if you re-enter your PIN.
Your pin is not your key, even through a KDF. That would allow guessing with only 10**4 guesses. Signal exports an unencrypted backup to a formatted text file, which can then be imported by another signal instance.
I don't mean a network backup. I mean a device-to-device data transfer, for which the device passphrase and the Signal PIN together should be sufficient.
(Also, your Signal PIN can be an alphanumeric passphrase.)
That's ok. I care about data hygiene. Signal cares about data hygiene. I don't want old data lying around and ready to be used by nefarious third parties at any point in the future. I'm sticking with Signal as long as they stay true to their values. I don't need it to be #1.
I don't either, but a chat app is useless if I can't use it to chat with people and almost nobody I know will consider Signal. It's either WhatsApp, Telegram, or SMS (horrible).
Telegram is really good for this, in my experience, and similar to Signal.
But you're right, Signal is designed for secure communication between parties. Allowing messages to be exported or archived should at worst leave only your own messages (and remove all others including media) and at best not exist at all.
Sure, let me just single handedly backup our conversation and send it to the HK police...
You should be aware that if you can read messages on the screen with an open source app they can be exported. There's no way around this, if the app is closed source it might be initially harder to export but just as possible.
>...the Signal team fundamentally does not value chat history the same way a lot of people do.
Keeping around old messages more or less negates the value of forward secrecy. The Signal Protocol is obsessively forward secret. So it would be reasonable for those that have put so much work into getting rid of old messages for good would not value them.
It's not reasonable to expect it to be a defacto messenger if you can't save chat history. Full stop.
If I want a conversation to be private, I set expiring messages, for the rest of it, I want to be able to go back and reference things all the time. Whether it be digging up a song link I sent a buddy, or looking up the address someone sent me a week in advance.
If they can't operate or are unwilling to operate under those guidelines then they just aren't ever going to replace whatsapp with the general populace and the community should start work on something else or agree that telegram is "good enough" (I don't think it is).
This really miscomprehends what forward secrecy means. PFS prevents an adv who obtains the keys from decoding previous messages -- even with access to your unlocked phone (and the long lived keys) they couldn't obtain cleartext on any message you had deleted, even with the ciphertext. Also, having a plaintext message does not confirm it was a particular ciphertext.
But it really isn't available to the software author to know how long we want to keep a message for. If I want I can set a disappearing message timer.
Honestly I personally just want the ability to save specific messages. My friend sends me a recipe? Save. Just shooting the shit? Don't save. I don't understand why people want to save their whole chat history but I do understand why you'd want to save specific messages, and that's a big missing feature.
I don’t always know which are important messages until a while later. Someone mentions a useful service or name, so I search WhatsApp to find it. Moved phones recently, iOS backup was screwed up, and I lost some great covid memes and was looking for a specific one. Had to ask the sender to resend it to me.
The idea is to save all messages and have a good search option, so you'll only ever see the good posts when looking back into your history. No need to tag them beforehand.
Honestly I don't want all messages saved. I don't see that as useful. Not only is that noise but just makes me feel uncomfortable in the same way I would if someone pulled out a tape recorder while we were shooting the shit over beers. Then you think about how cultures change and people make a fuss over things from years ago on Twitter even when the person has changed opinions? No thanks. Not everything needs to be recorded. That's the premise of too many dystopian sci-fi stories.
You can simply keep those messages in an encrypted backup. Who knows how valuable they will be in 20+ years. And maybe you will be able to apply (local) AI to them and find out interesting things about yourself.
> I don't understand why people want to save their whole chat history
Valuable messages and conversations can happen too often that it's a hassle to save them manually. This is probably more common in group chats where lots of people occasionally share valuable stuff.
The thing is: your use case and wants seems to be different than like, 90% of Whatsapp users, as they expect to never lose their history. So... Signal is not a replacement to Whatsapp
That's fine with me. I was just pointing out that those two requests are not really related.
I don't know much about WhatsApp, and I've never lost any message in Signal, so I am not sure I am well equipped to discuss whether it's fit for that purpose. But I would certainly love to save individual messages in some sort of vault, as well.
>Keeping around old messages more or less negates the value of forward secrecy.
Why? Can you please explain as my understanding of perfect forward secrecy is that should not matter. I'm not a crypto expert so perhaps I've overlooked something?
I mean, from the perspective of the crypto it doesn't matter. But it defeats the point of building a forward-secret system.
Think of it like this: if I'm an attacker that breaks into the forward-secret chat app on your device, and you have kept a perfect record of every conversation you've ever had using that crypto system in _the same place you keep your identity keys_, then does it really matter whether the messaging system was "protected" by a forward-secret system? You might as well just have scrapped all that complexity and had non-forward-secure messages if you want to keep a perfect, eternal record of your conversations.
I actually think the Keybase guys did a great job at this. They have non-forward-secure chats by default (so that you never lose chat history), but exploding messages (which delete themselves after a short time by design) are forward-secret, since then it actually makes a difference.
I suppose it depends on your "threat model..." How do you want to use your chat system?
Chat history isn't immediately at odds with PFS. As I see it PFS first and foremost is for protecting messages in transit. This is to prevent dragnet-style surveillance.
Chat history means giving up some measure of at-rest security, but it has no impact on the in transit part. Personally I also think some compromise of at-rest is a reasonable trade-off for a lot of consumer contexts because physical capture of your device already is basically game over.
But PFS is specifically about including "my adversary may, at a later date, compromise my private key" in your threat model without giving up plaintext. If we assume that calculating a private key from the public key is ~impossible (which I hope you agree we can do), and we further assume the private key never leaves the device, then forward secrecy is what lets us know the only way to get plaintext is by stealing it from an endpoint. Maybe I'm failing to see the adversary you're defeating with PFS if they're never going to access your device and siphon off private data...
I'm no expert, but if all you care about is transit security, I don't think you need PFS (in E2EE messaging! TLS is a different story, because you have to trust the server). Just protect your private key. But if you're carrying multiple device's worth of accumulated messages _right alongside_ your private key, then what's the point of rotating ephemeral keys after each message?
EDIT: I agree about a compromise on PFS/chat history being reasonable in most scenarios. But I also think that defaults are really important, especially as the contents of chat history can be leaked by other participants, whose chat backups you can't really control. It's a tough problem to solve for everyone.
> But PFS is specifically about including "my adversary may, at a later date, compromise my private key" in your threat model
I'm no crypto expert but that "later date" when talking about PFS is to avoid an external dragnet recording all your ciphered streams and then deciphering them once they have your non-PFS secret key.
I mean, in your definition basically all the messages should be ephemeral on your device and on each recipient device to have PFS.
In the first, a global adversary (say, NSA) records all your interactions via a chat service. This chat service does not use PFS. At a certain point, they capture the private key from one of your devices that uses the service, and is able to decrypt all your messages.
In the second, the same global adversary records all your messages, but this time from an otherwise identical service that DOES use PFS. The adversary captures your private key but can only use it to MitM attack you going forward. However, before discarding your device, they check your conversation history -- because your diligent backup and transfer of all your conversations since you signed up for the chat service, they now have all your messages. PFS did not help.
Now, you could change scenario #2 to where you don't have an option to back up and transfer message history (or simply choose not to), and that's essentially Signal. In that case, the adversary is pretty much hosed except for the messages your device just happened to have on it. Adversary steals message backup == adversary steals private key w/o PFS
This is what PFS is all about: it is about noticing that keeping your private key secret is really hard and admitting you're probably not going to be able to do it.
But even so, when it leaks, the attacker won't be able to use it to unlock the ciphertexts of all your previous conversations that he meticulously recorded. This property is PFS.
There is no need for the attacker to have access to your device in order to execute this attack against systems which don't have PFS.
Sorry, I'm probably explaining myself poorly. I much prefer chat systems with PFS because it mitigates the blast radius of a key leak, I get that. What I'm saying is, if you store a message history that contains the plaintext that Mallory wants, and it's stored in the same way the identity key is, PFS doesn't get you much.
The attacker who has all your ciphertexts needs the decryption key to get the plaintext (which she wants). Now, with a PFS scheme the key gets deleted as soon as I receive and decrypt the message, so the attacker is out of luck, basically (even if she gets my long-term key). However, PFS only moves the target to my plaintext message database...which is stored the same way my key is (as I understand it). So really, unless I purge my message history with some regularity (I do), then the stakes are the same -- don't let the attacker get access to the device.
But most people prefer to have all their chat history available and searchable, at which point individual decryption keys don't matter and therefore PFS doesn't, in my opinion, help much.
> you have kept a perfect record of every conversation you've ever had
The other side of this coin is deniability. If you break into my secure location and steal my chat logs, but you can't tell which are real and which are fake, you've still got work to do.
The Signal protocol has you covered, here. After the fact (ie, as long as you don't watch me receive the message), there is no way to cryptographically prove which of the two participants wrote the message[0]. Thus, it is technically possible to forge a bunch of chat history, or claim that someone else's is forged. Cryptographically, the "spirit of forward secrecy" is secure.
That said, this is far out of the reach of the average person. Even if the only evidence is a screenshot, that conversation probably happened. So in practice yes, you've got a point. That's why I think it would really behoove Signal to add a "forge a conversation" feature. Make it trivial for either person to add a message to their local history that looks like it came from any of the participants, at a specific date/time. Now you've got practical deniability, too.
> But it defeats the point of building a forward-secret system.
Such thinking defeats the actual purpose of the program: to serve users. I don’t want to delete at least some of my history. It’s like Windows, which know better than the users what they want.
I might see why they think that way, but I'll have a harder time sympathizing when the parent's use case starts being more prominent: what happens when your app grows in usage, gets out of the "niche curiosity" category for the mass public, and people start wanting to use it for "serious" matters?
Not being able to back some conversations up is not an option. It would be very ironic if the answer to this was "well, then don't use Signal, because we don't care", and people who cared about the WhatsApp stuff ended up being pushed into Telegram (which seems to be the only other popular alternative, by a wide margin).
I originally didn't write "mass public" but ended adding it to somehow convey that currently is already being used for "serious business", no doubt, but it has been far from widespread adoption so far.
Interesting piece of information. I'm one of the people that values the chat history. Mostly as there are often occasions where I would look up something like a product or a website someone sent me. Also for nostalgia.
It would be perfectly fine if exporting/importing chat history would be a manual process via encrypted files and if it was disable by default. But not having it at all is an issue for me.
That said: It isn't exactly easy with other messengers. WhatsApp does have some backup/restore. But afaik it is limited to the platform you are using (Android or iPhone). The export is limited and cannot be imported again. Telegram has all the messages on their servers... which... ah well, let's just leave it at that.
Makes me think that I need some private third party database that just ingests and consolidates all my chat data for me. With something like that it might be okay just having a few days worth of chat history on the phone.
Signal's devs, for better or worse, are very opinionated. If you don't do it moxie's way then you're doing it wrong. I was once shut down on HN by the Signal posse because I said that I'd like to have a Signal client library that I could use to write my own custom lightweight client. Apparently I'm not worthy and clearly incapable of writing secure code. Meanwhile I have to use that crappy, gigantic official electron app that cost them at least one serious security vulnerability in the past (JS injection, if memory serves).
If you want to make a nerdy niche chat client that's probably a good mindset, but if you hope to appeal to the masses you'll have to put some water in your wine eventually. I managed to convince a couple of my groups to migrate away from WhatsApp lately, but unfortunately always towards Telegram. Signal is just not there yet if you want a drop-in replacement.
> I'd like to have a Signal client library that I could use to write my own custom lightweight client.
You already have that. Signal-cli is based on a standalone Java library distributed as part of the Signal codebase. Of course it is an unofficial client and the Signal team would really prefer you not use it, but if the Signal-cli team can develop something from that library, you probably could too.
This right here is the definition of a technicality -- so much so, that (on second thought) I wonder if this was meant to be tongue in cheek. If so, bravo.
Nope, and that’s the biggest blocker for me. I own multiple smart phones (work and personal), iPad, and two computers (windows and Mac). So far Facebook messenger is the only reliable way to do messaging across all of them, which is a shame because I hate Facebook and I don’t particularly like messenger. But I have not found a single other solution that works cross-device and cross-platform. It also helps that basically everyone is on Facebook messenger, but I’d be willing to put effort into trying to migrate people to other chat solutions if there was literally anything else out there that works well on multiple devices.
I use Element (Matrix) on Ubuntu, Windows 10, and Android. It works great so far, with a few exceptions such as sharing videos from reddit, for example.
Unlike WhatsApp, the desktop app receives messages when the phone is off. Also unlike WhatsApp, messages received on the phone before you paired the desktop app do not get transferred to the computer.
The Signal protocol is forward-secret. I don't know the nitty-gritty specifics of the protocol, but the essence is this:
You don't want someone getting access to your account two years from now to be able to access every old message. Consider every message a separate object that gets encrypted. The keys are changed/updated each time a new device is added to an account. That new device only knows the new key(s), and thus can only decrypt new messages.
>You don't want someone getting access to your account two years from now to be able to access every old message.
The messages I don't want people getting ahold of are either created with expirations or I manually delete them. I couldn't care less if someone 2 years from now can read a chat log between me and my mom if it means that I can actually read them 2 years and multiple devices away from now as well.
What I don't want is to be forced to message with one app for secure chat and something completely different for daily driving. It's a pain, and nobody in my circle is willing to do it (and I don't blame them).
Neither you nor any Signal dev knows what I want (i.e., what security vs convenience tradeoffs I am willing to make). I will choose the tool that allows me to use it in the way I want to use it.
I wanted to use Signal as my primary messenger. I really did. But I had a ton of sync problems between my phone and my desktop client, tried to report them, and the developers didn’t care. Then one day I got a new phone and discovered I’d lost my old Signal identity and there was no way to export my messages from my old phone. And the developers didn’t care about that, either.
They always had some excuse for why it was the “right” behavior and the user’s fault. For example: clients just can’t sync more than 1000 messages, and if you go this long without using your desktop client, well, you’re out of luck, and you should have realized this.
I just can’t recommend a platform on which the developers don’t care about usability.
Matrix has this. You can save your recovery key somewhere to recover your chats on a brand new device.
You can actually just use another logged-in device (e.g. your desktop) to recover your chats by scanning a QR code to trust the new device. Recovery key is just in case this isn't an option.
Signal has a method to backup chats, at least on Android. It's under Settings > Chats and media > Chat backup. Baffling if this feature isn't available on iPhone.
As mentioned elsewhere in the discussion they now provide a way to migrate data from one iPhone to a another, but that's assuming that you have the old device still.
I have an old device which I have saved because the messages on it are emotionally important to me, but that device is too old to transfer to my new device.
Main problem being you don't have access to the file structure on an iphone. So you can't simply drop a backed up folder in there like you can on Android. You are stuck needing the previous device.
Since iOS 12 or so, iPhone has a built in files app. Every app can integrate with that. So when I create a file (let’s say chat backup) in app A, I can put it in the files app. Then in app B (or app A on a new phone) I can easily open that file from the same files app.
iOS has had a Files app for years, locally. You could easily export an encrypted .zip from Signal and save it locally, just like how Signal on Android saves it to your internal storage.
For some reason, the Signal devs won’t even acknowledge this possibility and continue to say “we can’t enable iCloud backup” - which is fair enough, but nobody is asking for that and they’re simply putting their fingers in their ears.
It's super hacky but this [0] bit of code I adapted from some other hacky code will let you export to MarkDown/HTML. No hope of getting the messages back on my phone, but at least I have an archive of messages and media.
Why would you want this? You don't save history for other types of chats, like in person conversations or phone calls (even though you could, with your phone recording in your pocket or call recorder apps). If something important comes up, like an address or recipe, copy/paste it into your notes app. Otherwise set your messages to expire after a month and be done with it.
I used to be a message-hoarder too, but I recently realized it was all utterly useless and the cost of maintaining and transferring that history around everywhere wasn't worth the twice-a-year I actually wanted to search for something.
Because I have repeatedly dug out useful information from chats, days, weeks, months, or years later.
> If something important comes up, like an address or recipe, copy/paste it into your notes app.
You're assuming that 1) you know what's important at the time, rather than realizing later, and 2) you want to take the time, at the time, to figure out somewhere to file it.
> I used to be a message-hoarder too, but I recently realized it was all utterly useless
That's your choice, but that doesn't make it the right choice for everyone. Your preferences are not universal. (And descriptions like "hoarder" deride the choices of others.)
> Signal isn't email.
People advocate using Signal in place of email, for security.
I cannot advocate Signal to anyone I know until it learns to treat user data as incredibly valuable and irreplaceable.
If people want to mark their messages as transient, or even mark all their messages as transient, so be it; that's their choice. But if a message is not marked as transient, it must be possible to securely and easily preserve that message for longer than the lifetime of any one device.
How about multimedia? Photos, videos? Docs that I may not wish to read now but have available at a later date if needed? Most of those I would rather leave 'archived' in context than pick and choose which to download to device storage and then have to further sort and annotate.
> You don't save history for other types of chats, like in person conversations or phone calls
There are more than a few conversations I would absolutely love to be able to revisit, but I can't. Like those small, ordinary moments with my Grandma, of which I remember just very little, I didn't think much of them at the time. With those people I've lost who did leave chatlogs, they have been helpful at times.
I find it also can be very insightful to be able to drop into ten-years-ago me's life, just to find how much I've changed in some respects – or how little. It's a great source of self-reflection for me.
If keeping chat logs is something you personally don't value, that's great, you do you. But keep in mind that people are wildly different and lots will have needs, preferences and principles that are the opposite of yours, and just as valid.
Exactly. Keeping message history is a liability. There is no need to keep all old messages beyond one week. If there is something specific worth saving, there are apps for taking/pasting notes.
I can think of many reasons full message history is valuable.
- a friend says something that you don’t realise is important until months later and need to reference
- a friend or partner dies and you wish to revisit old times by reading your messages
- a couple wish to nostalgically re-read random conversations from their early time together
- a group chat for work or students shares valuable resources that you wish to reference, but is impractical to make copies of the dozens of messages
- legal reasons if somebody accused you of saying or doing something you did not do
- you’re going to an address (for example) that somebody sent you a week prior, but you forgot to save it
People are forgetful, people are emotional and nostalgic, and people are argumentative. All very good reasons for a chat history. Disappearing messages are simply always opt-in precisely because most people do not want it.
I'm sympathetic to all of these, but I do remind myself that sentimental reasoning is probably as close to diametrically opposed to Signal's goals as you could be.
Well for example here Whatsapp is the main communication medium with your landlord. It's useful to keep that full communication history in case any disagreement comes up.
Doesn't Signal already have backup? IIRC, when enabled it once per day saves all messages (encrypted with a backup key, which you have to write down somewhere) to /sdcard/Signal, and you can then use Syncthing or something similar to copy it to a new phone. If you put that /sdcard/Signal folder there before starting Signal for the first time, it'll ask to restore from that backup. WhatsApp has an identical local backup and restore flow (except that it gets the backup key from their servers, instead of requiring you to write it down).
It's a backup which demands that you WRITE down a very long numeric code, then manually copy files off and then hope your family doesn't lose all of it.
It's a horrible user hostile process which isn't even implemented for iOS.
To be fair (to iOS users, not to Signal), the device transfer procedure on Android is somewhat more cumbersome as a result.
iOS gets the smooth new device-to-device direct transfer of the backup while Android users need to copy the encrypted blob (~2GB for me) to the new device and enter the encryption key. Admittedly, it does still allow for more flexibility than on iOS.
It is nice that the iOS version has that, but it a major pain say, if you are asked to reset your phone and restore from backup.
The recent issue with the Apple Watch not syncing health data meant that to get anywhere I had to wipe my phone, I had no where to transfer my Signal data too, thus - all gone.
It's not ideal when dealing with members of your family who really don't want to lose data, and is probably one of the few things that stops me in my own situation going over.
I do understand that in some cases this is actually a feature too, so I am not discounting it - just in my case this specific reason makes it really hard to justify a move over.
Just annoying that there isn't really a viable alternative anywhere at the moment :(
If iOS had that same option of a encrypted blob option then that would have solved my issue with the phone restore!
The lack of options to backup and restore from Android to iPhone was extremely frustrating. I convinced my mother to use Signal as her default SMS app on Android, and when I bought her an iPhone, all her SMSs were lost (except to open up the old device). Not the worst problem in the world, but it leaves a very nasty taste.
Never mind that transitioning between iPhones (we almost bought her a new phone this year) has the same problem. That this is not supported invalidates Signal as a replacement for SMS or Whatsapp for many many non-technical users.
For this and a few other problems I ran into with Signal early in its lifespan -- problems that burned not just me but people I persuaded to adopt it -- I'll never put my neck out for this software again.
Reliability and a lack of surprises are the absolute most important features for the 21st century extension of the good ol' Plain Old Telephone Service, and it's sad and frustrating that anyone delivered chat software without getting that first.
I'd at least settle for having the messages sync properly between my devices. When I used Signal ~1 year ago on Linux desktop and Android phone, if I had it open on my mobile I would get the messages there, and then if I later opened the desktop client I didn't get the same messages there. Sometimes I purposefully move from phone to desktop because _typing on a small touchscreen sucks_ and I want to type on a keyboard. But fragmenting the message history just ruined usability for me. Hopefully it is better now.
Agreed. I don't understand why iCloud backup is not a thing. When I broke my phone and needed a replacement, I lost all my groups.
It's not even the message history I care about. It's the fact that people sent me texts in the group while having no idea I was no longer receiving them. If there was a way to back up just the group memberships, that would be great.
It won’t be baffling but appalling to see how the Signal team (moxie in particular) have responded to requests for a backup and restore feature. They’re user hostile and prefer to do things their way. On iOS, Signal has always prohibited its data from being backed up with iTunes (doesn’t matter whether your iTunes backup is encrypted and protected by a password or not). Even now there’s only a recent “transfer data” feature from one phone to another in real time.
Putting aside the complaints people have that this feature was flakey and didn't really work, this one use case isn't sufficient, as I usually switch to a new phone because my old one was destroyed... and I imagine this is the only reason people poorer than me get a new phone. Users need the ability to do non-transfer backups (which it sounds like this feature doesn't support).
The reality is that my iTunes (encrypted) backup should include my chat message history. That the Signal client on iOS (and maybe even on Android, as while it has backup I think it is a bespoke backup) has decided that somehow Signal chat message history isn't something one can backup at all (much less do using the user's standard backup and restore process) is kind of ridiculous.
I dont use Signal myself so I’m not inclined to put in the work for that but just wanted to point out that given what you said and the fact that Signal is open source [0] it should then be possible to figure out how they do transfers and adapt that code in order to sync data from Signal on iOS onto your computer. Unless it ties into some feature of iOS itself that provides data transfer between phones in which case it will be more difficult to work out.
I also use Signal but the thing that kills me about it is the lack of RCS support. I love everything on the Signal side but there just is not a realistic way to get people to migrate to it unless they can seamlessly transfer over from Google Messages or the other OEM message apps.
Yeah I just looked into switching to Signal away from WhatsApp after the recent data sharing announcement - but not being able to export/archive messages is a dealbreaking misfeature.
I will not enter important data into any system that I cannot get it out of.
The issue with Signal that annoys me most is the complete lack of any meaningful backup/export on iOS. I lost my entire chat history when I got a new phone because their bizarre "proximity based" solution failed.
Really, this. And this is the problem that I have also with WhatsApp: i lost all my messages when transitioning between Android to iOS since the backup of Android (that is just a dump of the database) is not compatible to the one of iOS.
At the other side there is Telegram, where the conversation are saved on the cloud, which is great, but everyone can delete or edit a message even years after it was sent! And thus even on Telegram you need backups (with is inconvenient, but can be avoided with a script that exports all your conversation scheduled to run every once in a while)
I would actually use Signal (or whatever other application) if they would have a simple way to export and also import messages. Best thing would obviously be to make a standard interoperable, at least shared by open source applications, like is done with the mailbox format for emails, so you can take your chat, export them, and import them on another system if you want to migrate from one to another.
For me, they literally mean "history". Some conversation with a friend who passed away, chats with an ex-lover, remembering school years, tons of memories. I believe at this point those messages are an important part of my past.
In other words, if I had a chance to record, search and navigate through real life conversations, I would have done that too; it is way better to have records than to try to remember things.
I totally understand what you mean and I also frequently look up older conversations to enjoy again the in-jokes, banter and actually useful information of my chats.
However to avoid 1) having to manually delete things and 2) accumulating hundreds of megabytes of messages and 3) to not be swamped by months and years of "can you call?", "alright, see you later" and other ultimately meaningless stuff, I have conversations in Signal with my frequent interlocutors set to expire after a month.
To save things, I currently simply screenshot the relevant parts of the conversation or forward them to my "Notes to myself" thingy for later. It's a bit manual, but at least it's simple to remember: what I don't actively save disappears. Screenshots leave out audio messages and gifs (to a certain extend) but it is at least something. (And I just realised that with Signal it's actually possible to download individual audio messages and video so that a later reconstitution is possible if tedious.)
However, what would be great is to indeed have a way to backup messages including stickers, audio, videos etc. in a more high-fidelity way to relive important converations.
Personally all I want is a way to save specific messages. Like my friend recently sent me a recipe. That's nice to save. Everything else I'm fine cutting off at like 500 messages or something. I guess a lot of this saving doesn't bother me because back in the T9ing days you couldn't save many messages and no one batted an eye. I'm surprised at the major paradigm shift, but also most communication happens through text now which is also interesting.
I vouched for your comment, because your experience is still a valid data point.
As a counter to that, I lost a close friend to suicide. It was really good to be able to reflect back on the conversations we had and relive the lighter moments we shared together. I agree that dwelling on those things can be unhealthy, but they can also be a valuable part of the healing process.
I went through the same in my 20s, grieved and moved on.
For what ever reason, reconnecting to it just makes me mad and depressed now. He’s not dealing with environmental collapse, political unrest, economic inequality, racism...
I find leaning into my anger over reality now leads me to be more productive than ennui over people no longer around to concern themselves with those issues.
Great for you. I happen to have spent my life talking to people using messaging apps instead of email, including business contacts and family. If you think your email is somehow valuable and my instant messaging logs aren't, that feels quite a bit insulting.
They're different mediums with different expectations of ephemerality. Chat history sits somewhere between speaking IRL and sending letters (but to be clear, is not a simple combination; it's its own thing) and nobody burns their letters when they move to a new house.
People do burn their letters for valid reasons (or use more naturally ephemeral media like phone calls, talking IRL, or Signal's disappearing messages) but those reasons are orthogonal to moving house or getting a new phone.
In any case, if people want to save chat history, the appropriate response is to support that requirement rather than to tell users that no, we've decided that they actually do not want to do that.
... particularly given that Signal does have this feature--maybe not as smooth or easy as it should be, but still totally functional--on Android; so it isn't even a consistent argument that "we've decided they actually do not want to do that"!
>nobody burns their letters when they move to a new house
Actually that's usually when I finally make the effort to burn old mail that I can't just throw away. (insurance payment paperwork, credit card bills, etc)
I just never delete messages. Chat histories are an integral part of my past, and my past is what makes me, me.
That said, I deleted my WhatsApp account today just because some organizations assumed that this was an acceptable and convenient way of reaching me if I gave them my phone number. Didn't use it much anyway.
That is a liability. Imagine if every word you have ever uttered to anyone is permanently recorded and can be used against you any time in the future, forever.
Some people use chat software for more than just chitchatting and want the history as a memory.
This is the reason why mattermost exists - the devs lost their chat history of some enterprise solution and thought: never again. So they created mattermost.
This. Signal devs should understand that different people have different use cases as well as different tolerances for (theoretical) secrecy/privacy. Some convos/groups are worth keeping history for, others probably not. Signal does not have anyway to know which so should let the user decide and allow for an easy(ier) backup/restore option.
You imply that they don't understand this. Are you sure this is the case? It could be that their priorities are simply elsewhere. Things will take time, even with funding because any crypto/security mistake will be so incredibly more damaging for them than for any other software shop. This goes especially for conversation backups.
I see it like more like email history (I don't really delete emails either) -- if someone sent me something, I like to be able to reference it later. It's not something I do super often, but it's nice to be able to do.
Do you take photos and keep those around or you just don’t use cameras? If you do preserve photos, why? Before cameras were invented, most people (who couldn’t paint or pay a painter) had experiences and events only in their memories. You could follow that for photos and videos too. Or get a camera that shows the photo you took for a few seconds and then erase it permanently.
I’m not trolling either. The point is not whether you value something to look back on in the future or not. It’s that a lot of people value that and would use a service that aligns with those needs. Chats can also have photos and videos that someone else shared. It’s not easy or clear to many people that they should save or offload those from an (unreliable) chat app if they want to look back at those later.
Serious question, really? Like when you're just having beers with your friends? Why? Does it make your friends feel uncomfortable? What's the benefit to you?
I mean work/project meetings, not "social gatherings". Essentially, when an encounter serves more that just a social purpose and information is shared, I either want a record of that meeting (information) to be kept or for that meeting not to take place at all if there is nothing noteworthy (again, does not apply to meetings that have a predominantly social function).
I believe it's because they are not stored on a server. They only disappear if you delete all the messages. I suppose it could keep an index of groups locally to the phone though.
From time to time, I stumble across some old message; typically an email, photo, chat or even a physical object, and I'm profoundly reminded of some part of my past I had completely forgotten about.
People I have lived with, adventures I've been on, jobs I've done, projects I've engaged with, academic papers I'm an author on, and especially special moments and times with loved ones. Intimate conversations. Photos with great stories behind them.
Bear in mind also that some special photos, long personal messages and even videos and voice recordings only exist in chat platforms these days. Although I find it is mainly text that has the most profound triggering of memories.
I can't make a long enough list of the kinds of things I don't realise are in my memory until it's jogged, and I can't emphasise enough how rich the tapestry of past life parts seems to be.
I simply forget how rich my life has been. How much I've done with other people (despite the fact I don't spend much time with people). How many places I've been, how many wonderful people I've been with.
When reminded, by accident, it's an amazing feeling, like having a whole past self come to life for a few minutes.
I'm, like, "wow, I'd completely forgotten", and enjoying the full VR-in-my-head experience while myriad connections are activated.
It's an immensely touching and pleasurable thing to have things like that brought back, and it's completely different from ordinary remembering. It's much more vivid, accompanied by wow feelings, and just does not happen with ordinary recall.
In an interesting comparison to day to day thinking, it tends to be very consistently good feeling too. Most things day to day feel like a grind. There are many awful past experiences. But the kinds of memory activation I'm talking about tend to be associated with immensely positive, glad feelings - it's as if those feelings need years to pass and change to happen to "brew" into something that is felt in a different way.
Dwelling in the past excessively is unhealthy. But occasionally stumbling across something that awakens a completely forgotten and yet cherished long-lost memory-network is like getting to know myself, who I am now and who I was then, and be amazed at how much larger my life has been than I normally think of it day to day, no matter what I'm doing each day.
It only happens about twice a year I guess, if that. When it does I'm also reminded how much larger must the set of other things be that are not being remembered, that would completely and vividly transform my view of my life, and feelings about my life, if they were to be activated. I feel a sense of awe to recognise that my perception of myself in the present is, in some sense, tiny, blinkered and mundane compared to my actual real life, and not at all representative of the fullness of who I am, have been, and therefore will probably be in future.
I'm trying to say that, for me, some kinds of accidentally prompted memory-networks are incredibly valuable for obtaining perspective on life; my life, and life of people in general.
For me that helps me to connect better to people here and now, and I think it makes me a better person to others, in the now, to be reminded of such things.
Their solution (as documented here: https://support.signal.org/hc/en-us/articles/360007059752-Ba...) requires that you place the devices "nearby" and wait for them to detect one another. For whatever reason, neither phone ever "saw" the other one (despite them being on the same network and physically next to one another). I tried this about 10 times before I finally gave up. (iPhone SE / iPhone 12 Pro)
What made it more irritating was that you only get one "phone detection" attempt per account transfer process, and you're rate-limited on the server side, so I got soft-banned for 24 hours after several attempts.
Yeah, bummer. There were some iOS 14 changes that made this stop working as reliably, which was unfortunately right around the time people were getting new devices. It should be better now, and we're working on more stuff in this area.
With respect, as I otherwise feel you’ve made an amazing app on Android and iOS, why do you allow local backups to internal storage on Android but not iOS?
Enabling a backup on iOS, even if buried in advanced settings, that lets me export an encrypted .zip (for example, similar to Android) to my internal storage via the Files app would be tremendous. As it stands, I lost a very large amount of message history when an old iPhone broke.
I totally understand your reasons for not enabling iCloud backup, but why not a local encrypted backup via the Files app, just like Android?
Even if you feel this goes against your ethos, though I do not understand why that would only apply to iOS, it would be far better to go through a few warning messages and back up my messages than to lose years of conversations with a friend or partner who passed away. There’s hundreds upon hundreds of anecdotal stories where people value this or were burned by Signal on iOS, so clearly it is important to a large part of your existing and also potential userbase.
Have you contacted their support? I did, and they informed me they'd fixed the bug in the app update that was published the next day. It might have been a coincidence, but at the very least they were responsive and knowledgeable.
(I had the same issue migrating from an iPhone SE to an iPhone 12 mini.)
There definitely isn't an App Store rule against making your content backup-able: almost all other apps--and notably WhatsApp--have support for this in some way (if not the standard way). (If anything, I am surprised that Apple doesn't make "backup and restore via at least an iTunes encrypted backup correctly replicates your data" a requirement, given how it hurts their ability to sell new phones and undermines their own work making this seamless.)
From what I've read on the forums, by the developers, is that the backup and restore process on Android has been a technical nightmare for them and it's fragile as it is. I presume that since they have limited resources they can only put so much effort into adding the feature to iOS (and improving it on Android) and have been concentrating on improved groups, group calling, Desktop calling, user name support, etc.
Yes, I'll just backup our chat and send it over to the HK police.
At worst a backup from Signal should only be your messages and at best it should not exist. Signal is designed for secure communication not archiving communications you wish to be secure. If you want a texting app try Telegram or something more focused on user experience vs secure communication.
A lot has changed since 2014, and this might actually be possible now. It could be tough to do this right and figure out what to do with the edge cases like importing a WA conversation that overlaps with an existing Signal conversation, or handling things like quoted replies, but this could be a fun project if anyone here wants to take a shot at coding it up.
Are these things so important that we should give up the easier maintainability (and potentially, security) that comes from centralization and the standardization of user clients? I absolutely think projects like Matrix are worthwhile, but it seems foolish to me to argue that there are no benefits that come from doing things the way Signal does. Besides, as sexy as decentralization is, in the wild it is not really practiced. Mastodon is decentralized, but last I heard ~50% of users were on 3 nodes [0]. I'm assuming it's a similar situation for Matrix.
In my opinion an ideal position is somewhere between the two extremes - promote the use of a single official client and server and let 99% of users use just that, but allow the development of alternatives for those that want them.
There are more possible stances than just "we disallow third party clients" and "we strongly encourage third party clients".
Federation is not an extreme, it’s the only choice sustainable in the long term. Where will Signal get money to support, say, 1 billion people? It’s just another walled garden. Telegram is already starting to show ads for this reason.
Note that the plan for Matrix is to implement support for full decentralisation by bundling a lightweight server with a client. A longer term plan is to also decouple accounts from servers, so that you can migrate an account to a different server even after creation.
Both of these will probably have a further decentralising effect.
Why does Signal require a phone number, after all these years? It's a gigantic red flag that they unnecessarily require a tie-in to the primary governmental communication surveillance system. I've seen multiple attempted explanations, but nothing convincing.
I think it’s for contact discovery. I agree that it would be better to have it not be tied to another system. However, sharing your new ID is a source of friction for messaging apps and everyone wants to grow their app as quickly as possible.
This is blowing up quite big now and I have managed to shift a lot of my friends to Signal now, I wonder if WhatsApp will go back on its decision.
As we stand now even Signal is not safe because of the business model.
I wonder what's the model on messaging apps that will work. I don't want the OS creators to own the messaging platforms as well by virtue of subsidising it through OS/hardware.
Moving a few close friends to another app is easy. Moving acquaintances, people you just met, businesses, organizations, etc. is another thing entirely.
"As we stand now even Signal is not safe because of the business model."
?
Ok, good, but you do realize that this is the most existential concern of them all?
Why does FB so aggressively pursue personal data?
For advertising. Because 'that's the business model'.
Do you think that any entity would be in that position if say, people were willing to actually pay $3/month for what seems to be very obviously a highly useful service?
Maybe, but probably not.
If people would pay for value, there at least would be considerably less incentive to have personal data.
People seem to be willing to pay Apple and AT&T through the nose, oddly, not for those creating the services themselves.
But that is the thing. WhatsApp used to be a payed app, and the promise was that they would never sell our use your data for adds. Then they sold to Facebook and broke that promise. I used to pay for WhatsApp because I believed them then. And it got big because of many people did that too. That is the thing that I found the most insulting about WhatsApp now.
"Then they sold to Facebook and broke that promise."
This is really a false narrative.
The 'sell out' was the 'sale to Facebook'.
A business is not really going to necessarily keep that kind of promise, they are going to do what's best for them - that's why they made the acquisition.
This idea that the WA founders could somehow hold Zuck to that 'promise' is fantasty. They are not naive, they knew what they were doing.
Not only did they know there was nothing they could do otherwise, but that there would be an existential pull from FB to push for data sharing that would be unavoidable.
The 'moral high ground' that the founders tried to take in public is really kind of despicable, because they knew exactly the cards in play when they sold.
If the 'promise' was to do with branding, or something secondary, but fine. But you don't sell drugs to a drug dealer with the promise that the dealer won't deal drugs.
Anyhow, we are where we are. People should fork over $1 month for chat. It would make a big difference.
You seem to be contradicting yourself - that is was never a good idea to believe their promise and pay for their chat service, but that also this problem would be solved if everyone paid for a chat service.
Right but WhatsApp was a paid app. There is no reason to believe that paid apps are ideal for privacy - WhatsApp is the perfect counterexample. So we need a different solution, or direct payment at leasts needs to be one part of a larger solution.
Spending the weekend building Signal for iOS so I can try to dump message contents before I send an iPhone in to Apple. Just astounding that there is deliberately no way to backup messages (which has be available on Android for some time). Definite love-hate relationship with users, which I fully reciprocate.
So great job getting WhatsApp import working. But too bad you can't export anything from Signal. Dark patterns ahoy.
It is cool that this exists, but losing WhatsApp chat history is common enough (changing from Android to iOS, failing to keep backup up to date then buying new phone, losing, having it stolen, etc) that I don’t think it is a relevant barrier for changing apps.
I seriously can't understand why a billion dollar company with hundreds of engineers can't and won't prioritize the abilitynto seamlessly transfer messages cross-OS. Its been years since the need for such a "feature", when it shouldn't even be a "feature" in the first place, it should be baked in!
But it works, surprisingly! I paid $30 for it quite hesitantly but was impressed when it could actually do what is says. Makes me think why there isn't an open-source program that does this - using something proprietary is always... shady. Lack of incentive I guess.
I agree. It should not be that seamless since it needs explicit consent to break end-to-end encryption. But to force you to use iCloud or Google Drive for backup is weird. They should have a proprietary format and hosting for it.
Not being funny, but when Signal gets enough users, what’s stopping them relenting on their promises of privacy and punting the company to Facebook just like what happened with WhatsApp? It would almost be a good business plan.
It's really annoying that WhatsApp chat export isn't available in Germany. I used to export my chats as backup and for creating fun stats for group chats with friends, but that feature got removed about a year ago.
I haven't found a way to circumvent this restriction. There were some tricks like installing a modified Russion WhatsApp APK but that risk didn't seem worth it.
It was just the last 10k lines right? That used to just be a few months of backup chats with my girlfriend. I'd have to have made about 20 different backups (and somehow time them right) over time and pieced them together to get a full picture. And then it'd still be text-only.
Was there any reason provided for the removal? I think it should in fact be essential in EU where they must follow. GDPR regulations and allow users to export their data easily.
"For example, there was a dispute about whether Whatsapp uses a technology that Blackberry holds a patent on when sending a chat history to a third party via email."
I always wondered about that. If a closed source app keeps my data in their silo, but I own the hardware their software runs on, I can't do anything with GDPR? Aren't they the controller if they run the software?
That's also my "HO" but I was more wondering how to interpret this from a legal perspective. I've read large parts of the GDPR law but don't (at least off the top of my head) remember anything that would say either way.
I believe users should demand the old payment option back from Whatsapp where they can pay for the service if they don't want their data to be used. Obviously users aren't entitled to a service free of charge.
in addition, even though the wikipedia has been operating with donations but would it also be a sustainable way to run a chat service too?
I want more features but first I donated. Also they are struggling with the sudden spike so their costs must be climbing. I couldn't add an attachment last night but they managed to fix it later.
I haven't used Signal before but this and the discussion on GitHub issues reminded me about a toy project that contains a WhatsApp chat to JSON/CSV "converter/exporter" that someone may find mildly interesting:
My issue with Signal is inability to send SMS to short codes (premium/service codes). There is a very old issue [1] which was closed by an automated cleanup bot. Every other SMS app can send SMS to short codes, Signal cannot.
I have a UI issue with signal, but other than that I think the app is rock solid. I openly write and send passwords and credit card numbers to my wife from time to time.
The interface can look better, and it would be great if it can automatically backup all messages and media to the cloud and encrypt it. There is also this annoying "verify pin" popup that shows up once in a while.
So a new privacy app called The Social App (Social) entered the domain for privacy apps and they actually allow you to directly import your WhatsApp chat into their military grade encryption backed by Virgil Security (www.thesocialapp.net). Would this help @_l4jh
Are any of the other third party apps worth looking at? I'm thinking specifically of Threema which I have but haven't really ever used since nobody else I know is using it.
That's funny. People use Whatsapp because outside US and Asia is the worldwide de facto standard for messaging. The new TOS does not state that Whatsapp is going to read your messages, actually even the non-techo-savvy population in Europe knows that Whatsapp uses end-to-end encryption (they just know that "it cannot be intercepted"), so they use it for good reasons, and will continue to do so, because 99% of people don't give a shit about Facebook sealing your profile image and list of contacts or stuff like that. So it's not going to happen that there is a mass move outside of Whatsapp anytime soon. I also find very curious that people are concerned with that, but not with the fact that Facebook and Twitter can decide who can talk and who not, to te extend that one person can be the president of US but not writing his thoughts on social networks. You will hardly find somebody more against Trump than me, but that's not the point, the point is that is a lot more concerning that social network owners can decide what "free speech" is.
My dude, the new TOS stipulate that "you grant WhatsApp a royalty-free, transferable license to use, reproduce and derive works from data you upload, send, ..."[0], which makes no sense at all if WhatsApp/Facebook did not have a way to decrypt the things people send via WhatsApp.
I think that the TOS is just terribly written and opaque, and that in the next weeks we will receive clarifications about the fact messages are protected. Otherwise if it will be the case that FB can read messages, the matter will be very different and I will agree on the switch. But so far to imply this looks far fetched.
Even without that, all the metadata which is now shared with FB and 𝙲̶𝚊̶𝚖̶𝚋̶𝚛̶𝚒̶𝚍̶𝚐̶𝚎̶ ̶𝙰̶𝚗̶𝚊̶𝚕̶𝚢̶𝚝̶𝚒̶𝚌̶𝚊̶ Friends is as sensitive as the actual transferred data. Contact lists and phone numbers are going to be correlated to Facebook profiles, messaging patterns mined, etc.
It's about time people rise up and oppose this exploitation.
Personally, I want to see more people using Matrix because it solves that exact problem, but before that can happen I think we need a really, really good, easy to use client for it that's less like a Slack/Discord clone and more similar to something like FB Messenger, WhatsApp, Signal, Etc.
Regarding your other point, while you are theoretically right that this is a dangerous precedent.
But I think this week's events were extraordinary. At the end of the day humans are running these platforms and it becomes very hard to ignore developments like these. As much as I love free speech we have seen throughout the world that there is a real human cost to not censoring these things.
I agree that it was extraordinary and extremely worrying, but:
+ Trump is not running out of channels to speak, just who supports him will believe he is censored and will develop a deeper attachment to him. Democracy works when you are able to understand somebody is fool even if you can read what they write.
+ Twitter censored his tweets partially even before what happened recently. When he claimed he didn't lost elections.
+ This time we believe it was acceptable because our political views here in HN, mostly are aligned with the ones of folks running social platforms. Next time it may be different.
> This time we believe it was acceptable because our political views here in HN, mostly are aligned with the ones of folks running social platform
There's different types of acceptable that get confused (for some people they may be equivalent, but the problem is that they fail to recognize that for other people they are distinct, and also that they fail to realize that making them equivalent is the essence of totalitarian control), specifically:
“Is it right that the private actor makes this decision?”
vs.
“Is it right that the private actor is free to make this decision?”
Twitter has made several curation decisions I thought were not acceptable in the first sense, because my political views are not aligned with Twitter's, such as deciding to lift the rules applicable to most participants from those that met a new leadership position test in response to widespread complaints about Trump’s routine violations early in its term.
But I don't find those decisions unacceptable in the second sense because I believe in freedom.of speech and the press, which exactly means that Twitter ought to be free to decide on what content it will carry, including whether and how to take the social position of the source of the content into account.
> Trump is not running out of channels to speak, just who supports him will believe he is censored and will develop a deeper attachment to him. Democracy works when you are able to understand somebody is fool even if you can read what they write.
Yeah, but what we have seen in social media is that the discourse gets polarized. Everyone hangs around in groups/channels/subreddits/blogs that are of the side they identify with. They are echo chambers which shape their own reality in many ways. So people often tend to believe one version of the events. Over the years we have seen fractures between ideologies grow deeper. So, I am not sure if this strategy works.
> This time we believe it was acceptable because our political views here in HN, mostly are aligned with the ones of folks running social platforms. Next time it may be different.
Completely agree on this. It is definitely dangerous.
> So it's not going to happen that there is a mass move outside of Whatsapp anytime soon.
I (sadly) agree with you on this. (Ciao Salvatore)
I'm surprised you're being downvoted, is it possibly because of the reference to the current POTUS being "silenced" on Twitter (despite you later state that you're anti-Trump)?
Anyway, I believe you're incorrect on your stance on the new TOS, but I'm studying it more now because I am also a bit confused and I've read conflicting interpretations.
Edit: part of the confusion might stem from the fact that TOS in Europe do not include the data-sharing part with Facebook, which is instead included elsewhere [0]
(HN user antirez is based in Europe, not in the US)
I was sure I was going to get downvoted (but that's not a problem, the interesting part is why). The fact is that here in HN there is a large group of people that think in a pragmatic way like "Trump is doing an incredible danger, it must be stopped", without giving the right weight to the other components of the issue, that is how important is that social medias are so neutral to even allow to say terrible things. American left-wing is very different than EU left-wing I identify with, and this causes a cultural mismatch that results in the downvotes.
About the TOS, to say the final word is impossible because the TOS is written in a very obscure way. But I don't believe they will, at the same time, keep implementing end-to-end encryption and, at the same time, have a TOS that states they can read your messages. Reading your messages would be completely unacceptable: then yes many would switch. IMHO it's just that lawyers tend to fail big time at their work, and that this will get clarified soon.
However I really, really hope they can work on a good backup and restore process as losing my message history because I have to reinstall the app on my desktop[1] or have to reset my phone is a horrible experience.
Just build an encrypted blob and zip it up and pop it on my iCloud or Google Drive or leave it local and let me deal with it but I need something. As my Signal use moves from just messages with friends and family to business contacts I need a reliable way to backup my messages!
[1] I should state I mean losing the desktop copy as it starts "fresh" and does not import any messages from the phone.
Edit: I should probably clarify I am talking about the iOS/macOS applications as these are what I use. iOS does have a migration feature but that doesn't help if your phone is lost/damaged. I need a proper backup and restore process as well as the ability to import messages from the phone to the desktop app.