I've had an issue with my phone for the past few months that could be solved by erasing it and restoring from backup, but I use Signal a bunch and I'm not currently feeling risky or motivated enough to migrate my whole Signal state to a spare phone and do it.
Lack of backups is not a retention/deletion policy. Signal chats can, in fact, have a deletion policy set. Instead it directly ties retention to "how long can I last without losing or erasing my phone", which is not a useful proxy.
Anyone sufficiently motivated to keep messages forever can (a) set up the desktop client and back up its data store or (b) set up signal-cli and save everything that comes out of it.
No backups doesn't defeat this, it just makes life harder for everyone who relies on scrollback. Imagine if email worked this way.
Indeed they do, as I just learned today. That really doesn't make any sense then – I vaguely remember Moxie stating that the lack of backups was intentional, but now having them on Android but not iOS makes no sense at all.
Signal does have backups, it just refuses to reveal anything about them. Fortunately thanks to reverse engineering efforts you can now do pretty much whatever you want with them: https://github.com/bepaald/signalbackup-tools
That's essentially an Android system backup, i.e. a disk dump of the app data folder, right?
Almost nobody uses these in practice, so I think my point largely still stands.
I'm pretty sure that, given their stance on this issue on iOS, they'd start locally encrypting the message database using a key stored in the Android Keystore system (which won't be backed up or extracted).
No as in, this is not the Android backup system, but rather something custom-built by Signal? If so, how do I enable this on my phone, and what's that passphrase the tool alludes to? I don't see an option to set one in the Android app.
Yes it's custom-built by Signal. I thought it was enabled by default — I don't remember ever turning it on — but it might not be. Here is how to do it:
> Your backup folder is listed under Signal Settings profile_avatar.png > Chats > Chat backups > Backup folder. Use the files app or plug your phone into a computer to go to the folder.
> For older versions of Signal, the backup file signal-year-month-date-time.backup can be found at /Internal Storage/Signal/Backups or /sdcard/Signal/Backups
Maybe they should add good backup encryption then lest people decide they don’t want to use Signal because it doesn’t have this feature and end up with weak/no backup encryption.
I'm pretty sure they would, if they could think of a good way. Usable, yet secure backup encryption is so far an unsolved problem, as far as I can tell.
The two options, roughly speaking, are: Force users to store some high-entropy passphrase (which most users will then store somewhere not very secure), or let them pick their own passphrase (which won't be very good). This is what WhatsApp does.
A third one would be to allow a short passphrase and guard that by a server-side HSM or maybe SGX, which Signal seems to be somewhat fond of; I'm glad they're not doing that.
I believe weak/no backup encryption to be the primary attack vector against otherwise well-designed e2ee messengers.