[tprynn]

Signal could add app-level encryption, but who would this serve? Signal can't do anything better than what the OS/hardware provides in terms of encryption. Even if they let you specify your own signal-specific password/encryption key:

* Non-technical users either won't use it, or will use a weak key

* Technical users are better served by making sure their device is secure and hard-locked with a strong passcode (tip: 5 presses of the lock button on iPhone wipes in-memory encryption keys, essentially exiting "AFU mode")

[kuyan]

> (tip: 5 presses of the lock button on iPhone wipes in-memory encryption keys, essentially exiting "AFU mode")

Is this the same thing as holding down the lock button and one of the volume buttons on one of the newer iPhones? I'm referring to this doc: https://support.apple.com/en-us/HT208076

[tprynn]

Yes, it's basically a side effect of activating Emergency SOS. The five-press shortcut works on all iPhones as far as I'm aware. As the doc says:

"If you use the Emergency SOS shortcut, you need to enter your passcode to re-enable Touch ID, even if you don't complete a call to emergency services. "

[codetrotter]

I have an iPhone X and I have it set to not use FaceID for unlocking the phone itself.

But I temporarily enabled it now to test. Maybe I am pressing the power button wrong but rapidly pressing it five times does not prevent it from allowing FaceID to unlock the phone. Whereas power plus volume up button does indeed.

Btw, when I normally have FaceID disabled from unlocking the phone, does it wipe in-memory encryption keys when locked with a single touch to the power button or not? I was assuming that it did, but I realized now that this assumption might not be correct.