HN Distilled

Essential insights from Hacker News discussions

Signal Secure Backups

Original Article

Hacker News Discussion

Here's a summary of the themes from the Hacker News discussion about Signal backups:

Need for Robust and Flexible Backup Solutions

A primary theme is the strong desire for more effective and user-friendly ways to back up Signal messages, particularly addressing limitations in current methods, especially for iOS users.

  • "I've been using Nextcloud for my backups for the past couple years." - jp191919
  • "What I miss with most messenger apps: Archiving old stuff and offload it to a remote device." - sir_brickalot
  • "My only concern reading this is that I hope they don't remove the manual export feature once this is rolled out. I know that that feature has been technically complicated to support, but it's important for users to preserve the option to maintain control over their backups, if they want to manage backups themselves, alongside the option of having a more convenient, automated approach." - codethief
  • "The biggest drawback of Signal is the fact that you could not do a backup on iOS and you would lose everything in case your device dies." - jwr
  • "I have good news for you: this already exists. On Android: Settings >> Data and Storage >> Manage Storage >> Review Storage" - chimeracoder (referring to media management, but hints at existing, albeit limited, solutions)

Platform Inconsistencies (iOS vs. Android)

There's significant discussion and frustration regarding the historical disparity in backup capabilities between Android and iOS, with many users expressing relief that this gap is being addressed.

  • "The state of affairs in iOS vs Android of the past feature and the next one. Details of all the kind are missing. WTF." - antirez
  • "Backing up Signal on Android for free and offline was ~always possible. The app creates a multi GB backup file on the phone memory under the Signal folder that you can just copy out and back on a new phone." - poisonborz
  • "Android has had backups for a long time, just locally. iOS users have been SOL if anything goes wrong with the transfer and sync on your new phone, you're screwed." - joshjob42
  • "seriously, why is the migration protocol completely different on the two platforms?" - amluto
  • "Because they don't want to make jumping to the competitor too easy." - antris (speculating on the reason for platform differences)

Security Implications and Trade-offs

A prominent discussion point revolves around the security of the new backup feature, particularly concerning forward secrecy and the potential for weakening Signal's core cryptographic principles. Users debate whether the convenience of backups outweighs these concerns.

  • "Signal is known for its cutting-edge cryptographic protocol, but this feature has the effect of throwing that out the window and replacing it with a single static key." - elvisloops
  • "They’re calling it "secure backups," but in truth it appears to reduce security" - elvisloops
  • "You can’t have forward secrecy for something you want to keep for an indefinite interval. How many Signal users actually achieve forward secrecy anyway? They tend to want to keep their old messages available to them." - upofadown
  • "It's opt in. And again exfiltrating the backup key is as easy as exfiltrating your messages from your device." - maqp
  • "But this new thing is all cross-platform, and in the near future we'll even be making our local backups cross-platform." - greysonp (Signal dev, highlighting new cross-platform capabilities)
  • "Part of the code the wrote to prevent backups in question: [...]" - Y-bar (linking to a GitHub commit, suggesting deliberate blocking of iOS backups)

User Control and Future Features

Users are looking for granular control over their backups, including the ability to choose storage locations, understand the backup format, and manage storage efficiently. The discussion also touches on future plans for more flexible backup options.

  • "Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices." - Signal's blog/announcement (referenced by multiple users)
  • "Will there also be official documentation on the backup format, potentially even official tooling like signalbackup-tools[0] to access/parse backups offline?" - codethief
  • "It would be really useful to have more client-side control over media storage. That way, I could better manage storage growth without wiping entire threads." - georgeck
  • "Please add some way to send it over FTP/FTPS/SFTP/SCP/WebDav/SMB/whatever so I can automatically backup to my own server that isn't on my phone." - john01dav
  • "They are committed to offering BYO storage as the feature matures" - dcow (referencing Signal's plans)

Device Linking and Unlinking Policies

A related concern is Signal's policy regarding device unlinking, particularly the 30-day limit on linked devices. Users question if the new backup system could alleviate these limitations.

  • "Are they still refusing to do anything about their painful 30 day device unlinking policy?" - rconti
  • "Device queues need to expire at some point. At that point you aren’t “linked” anymore. What do you want them to do instead?" - ectospheno
  • "Without backups it makes sense to have a limit, like you said (though I join the person you replied to in wishing there was an option for it yo be more than 30 days), but their point is that once backups contain more than the last 30 days of messages that reason is no longer a blocker." - swores

Usability and Funding for Signal

The introduction of a paid tier for enhanced backup features is discussed, with some users viewing it as a necessary step for Signal's sustainability, while others express reservations about the imposed restrictions or the model.

  • "Feels like a really good way to finally get Signal to start working towards sustainability." - jemiluv8
  • "The new offering is reasonably priced imo." - growse
  • "The messages are mine, not theirs, and yet they refuse to allow me to handle them how I deem fit." - vigilans
  • "I don't know what you do for a living but it's very common when writing and releasing software to do it in phases. Earlier phases have a restricted feature set and feedback from the field/customers/users experiencing earlier phases informs choices in later phases." - teiferer (responding to criticism of phased rollouts)