Hacker News new | ask | show | jobs
by Zamicol 654 days ago
Signal's larger problem is the lack of a web client.

Telegram (like everyone else) has a great, responsive web client.

What's even more frustrating is that Signals desktop app is just an electron app, meaning it's generally designed for the browser.
2 comments
siva7 654 days ago
Signals problem is they are too extreme on the security aspect neglecting everything else but a messaging app is much more than one feature to be considered a serious alternative for the masses. It hasn't even solved backup of your chats as a basic feature because it's not important to their developers but a non-negotiable feature for the majority of chat app users.
link
shric 654 days ago
Strange, I've been using Signal for years and its backup feature works just fine:

1. Enable backups. 2. Point it at a folder on your phone which gets synchronized somewhere 3. Note the 30 digit passphrase in your password manager.

https://support.signal.org/hc/en-us/articles/360007059752-Ba...

Have had no issue restoring to replacement phones.

link
siva7 654 days ago
That may be true for Android devices but not for Mac and iphone. I checked a week ago when i wanted to give signal another chance after years but it's utter lack of a convenient backup and restore functionality drove me once again away. This means if you loose or damage your phone or macbook all chat history is forever lost. That may be convenient if you're the ceo of amazon but not for normal people.
link
honestjohn 654 days ago
The worst thing for me was that app versions expire pretty frequently with no warning, then you just stop getting notifications. Which is extra annoying cause I'm only on it for some bar trivia group that totally doesn't need e2ee (or even e).

Also, Facebook Messenger recently added e2ee, which made it glitchier, fussier, and not really any more secure given that the key is a short numeric code.

link
aaomidi 654 days ago
Yep this is a huge issue on iOS.

Here’s a couple of solutions, Signal:

1. Generate a long paper key that can be stored in a password manager. Use iCloud to store an encrypted backup.

2. iCloud now has optional e2ee. Let me just say my threat model trusts that e2ee and use iCloud directly.

link
hex-m 654 days ago
Web-apps in the browser can't be used for encryption because in that model the server is always trusted to send whatever code it wants. That defeats the point of end-to-end encryption. That's why Mailvelope is a browser add-on and webmail clients don't just embed openPGP.js. This way they can create releases of the crypto-code and distribute them over trustworthy channels.

If Isolated Web Apps (IWAs) take off, it may become an option.

link