[UncleMeat]

Configurable security posture is the sort of thing that got RSA into trouble. For the huge majority of users, opinionated security is a much better approach, even ignoring the maintenance problems of having special features.

The temporary access threat model is a common criticism that people use, but it is largely incoherent. Once you are making human judgements like "enough time to transfer a signal account but not enough time to install a rootkit" things quickly break down into meaninglessness.

[mindslight]

I don't really like trusted computing, but it is part of the mobile security model. There's a distinction between Signal deliberately facilitating extraction of the keys, and having to break a device's security to do so.