[Accacin]

All the hating on Signal but for me it's the best and fits my threat model. I live in the UK and by all accounts I'm pretty unremarkable - I want privacy but not overly worried about anonymity, I also wanted something that I could persuade family and friends to use.

Signal works perfectly in my use case, my friends and family happily switched over to it where when I tried to help my parents set up Matrix it was super verbose and required them to remember long passwords, etc. (of course they shoul dbe using a password manager, but one step at a time!).

[noja]

Signal is great until your family member's phone breaks, and you have to explain to them that their messages are gone forever. Allow us to choose to enable backups, Signal!

[esteth]

PLease no. If someone compromises one of the contacts in a large chat group's google password or whatnot, they now have the entire message and media history from me to the chat group? This is exactly why iMessage is so useless for security - one compromise on one person's apple ID and all their groups have all their messages compromised going forward.

[_8j50]

That works the same for signal as well, if a person's phone is compromised they have all their chat. What are you talking about? Even signal folks repeatedly have iterated they don't protect messages when a device is compromised.

[noja]

Disappearing messages are what you want here.

I expect it would be easier to compromise a group member's phone than someone's Google account.

[Nitrolo]

I have backups enabled actually. Sure, it's a pain to manage compared to WhatsApp, as you have to manually download it off your phone, but Signal has an option for automatic daily backups.

They are encrypted with a key you have to note down somewhere though, so if you don't prepare for it the messages are, in fact, gone forever.

[_8j50]

Your backups are useless if you want to use a different platform they support. You have to use android or iphone for life. And you can't use them on desktop without a mobile app and you can't have multiple sessions and you have to use your phone number. Right... very private.

[noja]

Manual backups are no backup.

[arcbyte]

I've restored Signal backups before. It was trivial and fast.

[_8j50]

Signal has made the choice that their users will not be people like you or your family. No automatic backups or recovery or migration capability. They also dropped sms support. They are better than telegram for sure. I recommend using an apple device and imessage for the average person who just wants private communication and isn't concerned about targeted nation state attacks and the like. On android, session might be ok but I wouldn't know, for security I don't see what signal has that they don't and you don't need google play services to use them but i have no idea if they are even unfriendlier than signal. There are other apps that use the underlying crypyo signal uses, so it really is a feature comparison.

I regret getting friends and family to use signal.