[DavidSJ]

Sorry, how is this any safer for the journalist? If their phone is compromised in a way such that someone can login and control their Signal app, their chat logs are already compromised. I’m just saying there should be the ability to export those logs once you’ve logged in.

But if they don’t want to provide that, then:

1) Why does the Android app support this?

2) They should warn users of this BEFORE holding their data hostage, and not market Signal like it’s the right solution for everyone.

[bhtru]

Wouldn't it be more damaging if the authorities are able to sync and recover the chat logs (they had time wipe the logs)?

If they are able to take the journalist's sim card which is linked to their Signal account and then are able to recover the chat logs the journalist would be done for.

Of course the supposed journalist we're speaking of is already in a bad spot if they're interred. However, they might have plausible deniability with respect to their phone if there's no compromising chat logs to recover.

To your point about exporting, it would be nice. Ultimately, why can't we have both worlds by way of toggling the function?

[DavidSJ]

I’m certainly not proposing that access to your SIM card should allow authorities to sync your messages! They should be stored encrypted on-device, and only exportable if you have login access to that device.

If authorities do acquire login access to the device, they can scroll through your chats and make screenshots, with or without an export feature. It’s true that exports make it slightly more convenient for them, but if you’re a serious target they’ll do it the hard way.

If Signal wants to provide some opt-in to disable exports, which can’t be retroactively reversed for old chats (otherwise it’s pointless), I have no problem with that. But if you’re worried about authorities with login access to your device, you shouldn’t be storing logs at all.