Consensus - WTF?
For my friendship groups, the worst thing by far about keybase is that it was acquired by Zoom.
> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.
Personally I'd be most worried with the last part of that.
Being a purely communications application, governments (and their organisations) who want to interfere with it, regulate it, and track usage are clearly trying to interfere with/track speech.
They can block it, they can regulate it, but it's clear that it's about speech. There's still the issues around "Terrorists/Pedos might be using it", but so far that hasn't been hugely successful, at least to date.
With Signal adding cryptocurrency, well, now there's territory that governments can clearly stand on and say "No no, we're not trying to monitor/track/regulate speech... we just want to know that it's not being used to fund terrorists".
Australia, like the US and other countries, requires notification on large value transactions, or transactions that add up to a certain amount.
The Australian Tax Office treats cryptocurrency differently than cash, so you need to report your transactions and information on who the other party was.
Those are all things where Signal can be required to start reporting these things, and where Governments can start to impose regulation.
Sure, maybe Signal gives the Australian and US Governments a middle finger and says "We don't know, and we're not going to add capability to track it".
Non compliance will then result in Signal's application being removed from the appstore/google play store, and now your userbase drops to folks who can install an APK or like rooting iPhones. Effectively killing the utility of the network.
This is right on the back of Signal actually starting to gain popularity and having a chance of actually being able to use it to contact folks I know who I didn't directly tell to go install it.
The wallet is just one of many parts of keybases focus thrashing.
2) Convert to BTC and spend
3) Buy a gift card directly with the xlm
4) Send to someone's bank account in Brazil, Nigeria, Europe, Argentina. Normally using stellarterm or lobstr or solar wallet.
5) Setup AchorUSD wallet, convert to USD and get 10% interest
You could get an account on an exchange, send the XLM there and then withdraw it to your bank account.
Pre-mined altcoin scams have been around so long that everyone in the crypto world knows to avoid them. Building up a dedicated following of people using an encrypted messenger app was a genius way of submarining a pre-mined crypto scam into an unsuspecting userbase.
I suspect a lot of us are going back to all of the people we recommended Signal to and revising our recommendations to avoid the cryptocurrency portion of the app.
These take minutes to send (very stressful!) preventing a nice venmo-like experience. They also pollute the planet
MobileCoin is a farcical alternative to Monero, where a few “trusted” corporate nodes are run and 80% of the coin is premined.
What takes a maximum of 2 minutes on monero is waiting for your received balance to become available.
Those cryptocurrencies have a large energy consumption. I assume that part of the reason to go with MobileCoin is because it's less power hungry.
Unless the idea is that by using another coin, they don't add to the security requirements. That's a dubious line of thinking.
MobileCoin isn't a PoW coin.
Signal has always been a decent privacy/convenience tradeoff and MobileCoin is no different. Features like phone numbers and contact uploading were always a user friendly tradeoff. They also seem to trust SGX.
Monero's isn't slow by any means but isn't fast either. UI changes can alleviate the issue but being unable to spend your entire balance until the next block is a step back in UX.
ZCash's lack of privacy by default doesn't fit with Signal's E2E by default ethos.
Using most privacy coins on a mobile device with limited storage is a privacy tradeoff no matter how you cut it.
The reality is that integrating a cryptocurrency for payments into Signal was probably the actual misstep rather than their selection of which token to use.
What they've done is essentially take Monero as a base, remove mining and use Stellar Consensus then solve any new privacy issues that arise.
All that things are not necessary, they could create a separate app "Signal Pay" and everybody who wants it can use that.
It made no sense to implement everything in one app.
WeChat would disagree .
There is definitely a place for payments in a social app. Combine that with potential for increased user adoption because of that ("please download signal so I can pay you easily") and I don't see this as inherently bad. But they should have used a reputable coin instead of some scammy pyramid token.
Not in a country that has free, (de facto) instant bank transfers (Faster Payments).
If the problem there is that you need someone's bank details and not just their phone number, there's Barclays' Pingit.
What exactly is the rationale that makes payments within a chat app 'inferior' or 'unneeded' just because there are separate services available (e.g. Barclays' Pingit)?
if anything this is a progressive move that fits perfectly with their mission.
Having said that they should have used bitcoin or monero
And if the crypto features stays in there it will become another avenue for pump-and-dump schemes, so I can no longer recommend it to people without looking like a crypto hustler.
Lots of people pretty readily made the choice to move from WhatsApp to Signal when the benefits became clear. There's nothing stopping anyone from forking the client/server and running their own network - if there are meaningful benefits to end users of the fork, there should be no problem picking up traction.
I feel sad that you're apparently so angry about a piece of software.
> Nothing stops you from forking the network, except for the fact that none of the users come along. Signal holds its users hostage. I call that being an asshole.
The users have the choice to use it or not. If you build an alternative and noone uses it, it's not better. Like I said, more than a few people happily wandered over to signal from WhatsApp. Weren't those users "held hostage" by Facebook in the same way?
> Calling it open source and saying "anyone can fork it!", then suing anyone who dares mention the word Signal in their documentation? I call that being an asshole.
Who did he sue?
1. Anger from purists who care about the fact it's not decentralised, and that Moxie runs the show, and that it uses phone numbers etc etc...
2. Indifference from those who have never heard of it
3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Whatsapp exists
My worry is that group 1) try and ruin it for the rest of us.
Signal is literally the only product I can get my family to use which provides E2E messaging and prevents mass surveillance. But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.
I am in group 4. I didn’t care that Moxie calls the shots and requires a phone number. And I was thrilled to have a secure communication app, from when Signal was TextSecure. I hate this to the point that I’m dropping Signal.
The only reason to choose MobileCoin is Moxie’s personal affiliation to it. Meanwhile, this integration massively increases Signal’s regulatory cross section.
Most Americans strongly support free speech. That support doesn’t exist for dark money transactions. If the CFTC or New York DFS wanted to open a money laundering investigation into Signal, using the full AML/ATF toolkit in the process, there isn’t a great argument anymore for why they can’t or shouldn’t. Same for the Secret Service or FBI. Moxie just sold out Signal’s First Amendment credentials.
Id argue he just created a new front:
freedom of association.
I still think you are right with your concerns.
You say he sold out credentials. I would say he bravely staked out a new claim.
Culturally, sure. Legally, Signal becomes open season for law enforcement the moment this feature is implemented. And there will be zero law protecting them or any data they may have retained, properly or improperly, on their users. Given the MobileCoin's venality, I doubt they'll get public sympathy.
I think the other thing is that it's just a complete misread of how normal people even think about crypto. Literally every "normie" I know who has interest in cryptocurrency, even if they tow the line and say that "crypto is the future of money" or whatever, treat it entirely as a speculative asset when it comes down to it and that's what their usage of it revolves around. It's a thing they put $5 and that $5 becomes $10 later on and now they have $10. Sending it to other people is literally the last thing they want to do. As far as they're concerned, it's the exact same way the stock market works, only faster. None of them care about deflation or border politics or monetary privacy or whatever; it's practically just a way of flipping a bullshit asset into fiat cash, which is what matters. If they want to give people or their drug dealer money in a way that isn't on the record, they don't pull out their instant messenger and say "Let's use a blockchain to preserve our privacy during this transaction", they "pull cash from an ATM and do it in the bathroom of a bar" or whatever. They arrange this over SMS, probably, or maybe Signal already if you're lucky.
Finally there's people like me, people who neither care that Signal is non-federated and don't care that it uses phone numbers, but who just think the cure is worse than the disease here. I'm not even talking about the politics of money exchange or privacy or anything; I just literally mean cryptocurrency invites fraudsters and scammers and all kinds of bullshit along with it, that ends up causing external harm to people. I don't want Signal to expend resources on this stuff because even if it aligns with their goals on paper or is something their competitors might do, I literally think it's turf they shouldn't be on because fundamentally the people who play that game have other goals in mind.
All of those require doxxing yourself to the vendor, submitting to financial (suspicionless) mass surveillance systems, and can be trivially censored without any burden of proof or even probable cause to suspect wrongdoing by the entire machinery of the state. We saw this when Visa and Mastercard and PayPal willingly shut down donations to Wikileaks simply because the state asked - no legal compulsion was even necessary.
I hold US citizenship and don't use any of the aforementioned services for those reasons. I don't like providing identity information to services where I don't have to, because I value my privacy: same reason I use Signal, same reason I pay in cash.
Cryptocurrencies are censorship resistant and are open to use by everyone with an internet connection, just like Signal.
There is a huge benefit to the service provider not having your identity or being able to see the contents of your messages: to the user, to the service provider, and to society.
Anyway, it’s best to treat them like trolls: just ignore them. Upvote anything that renders in gray and isn’t violating site guidelines. I’ve found my best comments tend to wildly oscillate around zero for a while, then end up slightly positive. :-)
Rubber hoses are a thing.
Don't forget Zelle, which is similar to Venmo but is already built into the apps and websites of a large number of US banks. It's owned indirectly by Bank of America, BB&T, Capital One, JPMorgan Chase, PNC Bank, U.S. Bank, and Wells Fargo. Other major banks, including Chase and Citi, also include it.
That means that a very large number of Americans can do quick and easy US to US payments by phone number of email just using their normal banking apps and sites.
WhatsApp doesn't include payment mechanism in many markets, why is Signal trying to waste developer resources on unwanted features?
We've seen the failure of Telegram's ICO. The rise of spam accounts with Keybase's Stellar "space drops". FB's failed attempts at digital currency.
But what irks me the most is that the Github repo for their server was outdated for an entire year. They pushed up their commits around the time of this press release, likely to keep the integration of this cryptocoin a secret.
Edit: Yep, went through the commit history, and the very next commit on April 22nd, 2020 is when Signal first began working on crypto payments.
Therefore I'd argue that this specific feature can hardly be seen as waiting for a global rollout.
It's standing on the shoulders of UPI in India. Do they also plan to bring India's UPI to rest of the world?
Maybe you should be worried Moxie is ruining it for the rest of us? After spending the better part of the last decade telling us how all you care about is giving end-users easy to consume privacy - adding a payment option that will make you and your buddy rich isn't a great look. Hard to take the rest of what you say seriously when you sell out in this fashion.
In any case, rest assured that as a "purist" who argues against Signal's centralization, you shouldn't worry about us in the group 1. We are not going to ruin anything "for the rest of you". Signal will do it themselves.
We are vocal and "angry" because history has shown time and time again that systems that centralize power end up corrupt and self-destruct. The "purists" are only warning you about it. Blaming "us" about it feels a little bit too much like Stockholm's Syndrome.
This is thrown around a lot but I have difficulties to see how a wallet for an obscure alt coin might be in any way comparable to your standard payment app for the currency used in your region.
It's not that I can use it to pay in a shop (like I can with Google Pay) or on a website (like with PayPal). ... I can't even repay my friends for paying the round in a bar because it would mean their money is suddenly entangled in this obscure and completely novel network. The money wouldn't end up in their bank account and they could even suffer unpredictable losses.
I therefore think this argument is flawed. There's no upside next to the four payment apps I already have installed and none of my friends would prefer a messenger because it merged with a payment app for an almost unheard cryptocurrency. I would bet my social circle isn't a grave exception in this regard.
However the two main competitors to Signal (Telegram and Whatsapp imo) do have a payment mechanism.
As a user (regular or a business owner for example) you can use solutions like https://ecommpay.com/products/telegram-payments/ to receive payments
A payment mechanism just isn't a core chat application feature.
It was true in the past, but is no longer true today.
That's just how it winds up working there.
Does Signal also need a music streaming integration? Restaurant listings? A torrent client?
What it needs is not reaching feature-parity (although that will appeal to the mass, can't blame the), but to keep privacy as the central feature of the platform, and always move toward improving that feature.
And yes, the fact that Signal uses a phone number as the main identifier is a problem regarding privacy. And they did update their Signal-Server repo, but it took a while before it was and that's likely because they were trying to finalize that cryptocurrency feature before announcing it, but an apparent lack of transparency can lower the user-base's trust toward the platform.
A chain is only as strong as its weakest link. What if you somehow got malware on your device? That's all your Signal privacy out the window. Some phones are stuck on older versions and can't update to mitigate against so called 'zero click' attacks or attacks that require user action like clicking on a link sent via SMS which then spawns a malicious payload that's executed in the default browser. Malware on phones is rampant. It's not just 'spouseware' being installed behind your back or high-profile people being targeted. Millions of devices (billions even?) en masse are getting compromised with malware.
If anybody tried to onboard me on the basis of a 'payment mechanism' feature -- the answer will be a flat out no, as most of the payment flow in my professional and personal life does not involve a messaging platform, in order to achieve that objective.
I have Coinbase/Binance for crypto. Revolut/Transferwise to cover micropayments, foreign transactions, currency exchange etc., same with PayPal albeit a higher threshold. Monzo for cloudnative/FinTech banking. I have personal accounts with two out of four traditional banks, and a business account with another. I use Google Pay and Apple Pay, interchangeably.
(What in my impression is the best case scenario, because when I've read about it I could only think about it bringing fraud and extortion into the users.)
It's still not possible to italicize text using any of their clients. The desktop app feels rough compared to Telegram's -- try reducing the size of the messages preview column. Which group of users was actively requesting MobileCoin support?
Signal just added a bunch of crowbars to the people who want to crack it open. Money laundering and tax evasion are seen seriously and there's generally more people doing it than, for example, planning terrorism.
You can call me a purist if you like, but every single project starts failing when it becomes too big, unless it's decentralized. You simply cannot afford to serve millions of users without a profit. Telegram now has to include ads.
They have found investors and have enough cash on hand for quite a while.
1. Anger from purists who care about the fact it's fragmented, and that a lot of users will use matrix.org anyway, and that they think Signal has better UX
3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Discord exists
However Signal does provide secure e2e encryption which prevents mass surveillance.
Anyways, my trust in Signal seems to be monotonically decreasing over time. Such is how it works, unfortunately.
Any system that has not reached the point that the bits and pieces are controlled by different entities should be considered just a technology demonstration. Signal has never even been close to "the best app we have out there".
Telegram failed with the TON project, trying to mix oil with water, in their attempt at cryptofying their platform. Signal should focus on solidifying their lead, and provide core messaging features with robust privacy, instead of a scattergun approach. Elsewhere, WhatsApp is already attempting to make a come-back with new cross-platform/multi device features, to eat away at all the gains.
Imagine having 5 different email providers, GMail, Hotmail, etc... that didn't talk to each other.
This current situations is dumb.
Criticizing the trash(?)coin - and then criticing signal by association - muddies the discussion just like implementing payments in a (seemingly?) private communication tool muddies the mission of signal.
Personally I think of transfer of value as important as transfer of speech/information so, it makes sense for signal (or other messengers) to want to include it. But associating themselves with a new project that has had little scrutiny seems to be a mistake because:
- people question if this new product won't negatively degrade the privacy assurances that signal has had so far
- people will associate plenty of previous cryptoscams to this new effort
This whole crypto coin focus, the BS about the server code and the total inability to address criticism or be transparent about development made me lose hope in the project.
As well as secure chat already needing much of the same key management infrastructure that cryptocurrencies need, it also hooks you into social networks - so you could have key recovery schemes where you trust a number of friends to hold portions of your backup keys (somewhat like what you probably do with your real life house keys).
Trust, money and communication are all network phenomena, and using the same fabric for them all makes a lot of sense.
The reason is pretty clear. Transactions require two parties to both be using the app. If you spin out a separate app, then most people won't have it installed nor be able to use it, and therefore won't be able to transact with it. This leads to a chicken and egg problem: if no one is using the app, then there's no point downloading and becoming familiar with it. By integrating with an existing, popular app in an adjacent space (messaging apps traditionally enable payments as well), they avoid this bootstrapping problem.
That said, it seems quite dumb to pick a premined currency to enable all this. That will inevitably raise questions about who stands to gain from the success of the system. Someone should come up with a way to make cryptocurrencies that are worthless for speculators, and only good for paying for things. Then, any new crypto project would have an easy way to avoid accusations of being a pump-and-dump.
Huge fork in 10... 9... 8...
(And let's be honest, if XMPP and the A3-sized spreadsheet you need for to pick a client based on XEP support is anything to go by, this is not undue concern.)
Oh and i need a secure key for my car.
If you had time, i need password manager within my messenger too.
A secure todo list would be great.
Not everything you can include into ONE app should be included.
Yeah, except that pesky server, right.
Experience is below signal, but decent.
It could also be, that Signal is trying to turn their app into a platform, like WeChat.
Crypto makes this story much, much worse for very little gain.
2. How does using a Cryptocurrency connected to Signal ensure greater confidence that you are transacting with the correct person than using Venmo connected to PayPal?
I would hope Signal's implementation makes it so you don't have to worry about volatility or exchanges.
2. This assumes you and your friend are both communicating with each other via Signal.
I use it, seems like an e2ee and uncluttered messaging app that just works.
> uncluttered messaging app that just works.
Cryptocurrency turns it into a cluttered messaging app, one that gives hackers extra financial incentives to compromise it.
They could also have just have added a payment API and let anyone develop against that.
Without it I would have actually needed to actually read the article before forming my opinion, but now I can go into it with the right mindset, or even better skip straight to the comment section already enraged. Thanks!
Please note that I am complaining about the headline baiting. While I believe that crypto is the future I agree with the sentiment that the way Signal went and did it was poorly handled at best and shady at worst.
MobileCoin is not a "real", decentralized cryptocurrency like Bitcoin.
All of the initial supply is owned by the MobileCoin foundation and all TX fees go to them. Without this partnership nobody would've cared besides a few speculators.
Still, I cannot believe the lack of vision of the founder of Signal Marlinspike. Now Signal will be soon banned. Already democracies were looking for "legit" ways to ban e2ee, but hey they did not even foresee that their best allies would be the app developpers themselves. They don't need anymore to search, they will just have to ban Signal for whatever tax evasion, criminal payments, human exploitation rings, etc. that occur through its blockchain.
I might be able to put off installing the paypal app forever.
Sounds to me like you used a specific piece of PGP software you didn't like or understand.
How can you folks care so much about your privacy, but absolutely refuse to understand the tools you are provided that ensure your privacy? You're never going to get it if you demand it be provided in a blackbox app you don't have to think about.
ProtonMail uses the PGP standard. Its UI is simple and easy. There's still one issue: You're trusting someone else to do your encryption for you.
And yes it's great that some tools manage to hide PGP, it's not easy to do.
The problem, maybe it's not us, maybe it's PGP?
Don't get me wrong. PGP is great as a simple standardized cryptography protocol intended for messaging. It should be used just for the standardization. The cryptography of encrypted messaging is an easy problem and has been well solved. We need to move on to the problem of how to explain it to the rest of the world well enough so they can use it.
Hounding someone with quotes from a previous thread is particularly not ok. As the site guidelines say: Have curious conversation; don't cross-examine. Those sets are disjoint.
Please don't do the "shame on you" thing either—it's against both the letter and spirit of the guidelines. We're trying to avoid the online callout/shaming culture here: https://hn.algolia.com/?sort=byDate&type=comment&dateRange=a...
Because I like matrix?
I scarcely used it in the past year. And I haven't really used Element at all. ...what's wrong with considering doing so?
But this... this is a horrible idea.
As digital currencies are just digital speech, seems that Schneier has muddied communication vs communication. Although I would have chosen a different cryptocurrency, I don't think they're doing any harm to themselves here.
At least be honest and just say that you disagree with cryptocurrencies, instead of dancing around it with other strange arguments / conspiracies about government attention.
Based on my personal experience, people who are serious about cryptography from a public-policy perspective are likely to have both of those opinions.
>  https://news.ycombinator.com/item?id=26715348
No you don't - no-one's forcing you to use it.
At the end of the day, you have to trust someone, whether it's a tech vendor, a software project lead, or even the person you're conversing with. What's important is that you get to continue to consciously exercise that choice.
I choose to use signal, and have no interest in this random crypto nonsense thingie, so I'll choose to not use that bit.
I was phrasing that unclear, I meant that you have to trust Intel if you use Mobilecoin.
> What's important is that you get to continue to consciously exercise that choice.
Why wouldn't you be able to exercise that choice?
Ah, fair. I think you could also argue that you have to trust Intel if you use Signal anyway.
> Why wouldn't you be able to exercise that choice?
I'm not saying you can't (unlike some), but I think it's worth underlining the point that "trusting nobody" is rarely, if ever an option. So in a world where you end up having to trust someone, being able to continuously exercise that is important.
> So in a world where you end up having to trust someone, being able to continuously exercise that is important.
Also agree here. I would prefer if you could minimize the number of actors you have to trust though.
Most crypto projects are a scam, but some are great. I do hold bitcoin since I started doing research on cryptocurrencies for my bachelor thesis on that topic back in 2013.
Adding cryptocurrency capabilities to Signal is a very bad idea for many reasons.
It has almost no practical value for users of Signal. Those who want to use a wallet for the currency of their choice can always download one and probably already did so. That's the superior solution because it's not just coin-agnostic, but promotes choice: if it's not a good wallet they can change the app without suffering though network effects, something they can't do with their messenger.
The regulatory environment for messaging is drastically different from the regulatory environment for cryptocurrencies. The latter is less consistent, less clear and still faces high regulatory risks in some markets. The first one has clear advocates and strong theoretical backing in all democracies while the second is still on very shaky grounds with varying degrees of good will in society. I have yet to read an argument why stretching one product to fit both environments might be a great idea, or even just a prudent choice of risk management.
It is hurting Signals reputation, which is Signals main selling point. For several reasons:
That direction surprised many people as Signal is far from a feature complete messenger. Almost everyone agrees that there is real work to do regarding, for example, multi-device support, history portability or the decoupling of phone number and identity. A wallet for an almost unheard cryptocurrency might feel random to many, given the many features users are still waiting for.
Another reason for why this feature is hurting Signals reputation is that cryptocurrencies, just as you said in your comment, are controversial for many. Some projects are more, others are less controversial and MobileCoin - for now - seems to be in the more suspicious camp.
It's generally, in branding, not a winning strategy to tie your good brands to your bad brands. You would want to keep them neatly separated until they are both successful just so that you can drop your less successful brands without putting your winners at risk. ... and you would do that despite believing in the success of all your projects.
We need to fight against the idea that private payments are any less moral than private conversations.
We also need to actively reject the status quo in the USA of a complete and total lack of financial privacy. OF COURSE something that brings real privacy to payments is going to be a target for busybody financial regulators, just as the first widespread e2e-encrypted messenger was (iMessage, now backdoored for the FBI).
Cryptocurrencies at their core are speech, not property, so it makes perfect sense to enable use of them via a private communications tool.
For most people, it does. I hold political free speech protections as sacrosanct. I do not have the same view towards dark money.
Putting my views and morality aside, the law treats commercial and non-commercial speech differently. Integrating payments lets the government subpoena records (and more) under AML/ATF law. Those laws are powerful and broadly supported.
Totally separately, if we take the position that money is speech, then fine. Why the hell not make a one-click “send wallet address” option for a variety of coins?
What makes you make that assumption? They have a perfectly good e2e messaging channel to use; the only party seeing the payment address would be the one paying.
So in reality for most people crypto remains perfectly tracable for all time to their identities. But then again, no one uses crypto as a peer to peer currency anyways...
Words are not taxed.
Disagree, but upvoting because clearly articulated.
If money is private and money is speech, then taxes aren’t tenable. Would you agree?
This is documented plainly on Apple's iCloud security overview page. The list of things that are end-to-end encrypted is listed. iCloud Backup is not in it. It's on by default on all iOS devices.
Apple was to fix this by end to end encrypting iCloud device backups, and (I understand) even had an implementation, but stopped its deployment on request of the FBI to preserve access to phone contents (including iMessage/SMS history).
I appreciate that a lot of people--maybe most or even "almost all" people!--use iCloud Backup, but semantics matter as you present it as if iMessage is insecure, when not only the "real" but the only issue is iCloud Backups (which we should be making sure people don't use, with targeted education campaigns, as it isn't like using Signal could ever solve this issue for all of the other personal data the user had).
If you want to make this kind of argument, you need to be doing it from a place of being more informed; like, you could be trying to poke at how the protocol had a weakness--found by pod2g's team--with respect to Apple's ability to inject new keys for existing chat participants, an issue I am not sure they fixed (or even could fix, as it is arguably a UI security problem... but maybe they did, as I don't always follow the blow-by-blow); but this indirect argument you make is FUD.
Technically not, but in practice it is for the most users.
(Conversations are backed up twice: once by each party.)
You'd need everyone you talk to to also disable iCloud Backup. This is pretty unlikely.
Easier to just use Signal, where the chat history isn't included in the device backups at all.
What if iCloud Backup started including in the backup a snapshot of device RAM? I think we are splitting hairs here.
The desire of users for message history in backups is entirely orthogonal to whether or not iCloud Backup is a cryptographic backdoor, in the traditional "plaintext escrow" sense. Indeed, the FBI would not have torpedoed Apple's e2e encrypted device backup system if not.
Really it boils down to the fact that it's on by default and the users were never asked to consent to their full chat history being transmitted to Apple effectively in the clear. I imagine most users are unaware of the fact that the FBI has warrantless access to every iMessage they have ever sent or received.
By your reasoning, would "iOS is insecure" be an accurate statement?
That's an interesting take. Assuming you're American, maybe you could challenge this in court? Maybe Congress will have an epiphany - all this time they've been regulating inter-state commerce, but it's been inter-state speech the whole time. To resolve this contradiction in the Constitution, they'll likely just disband the Federal Government, ushering in a libertarian utopia.
Go for it! We're rooting for you!