Mastodawn

Getting a new phone for the holidays doesn’t mean giving up Signal message history. Restore old messages on a new phone using Signal Secure Backups or device-to-device transfer.

https://support.signal.org/hc/en-us/articles/10074659364122-Backups-and-Device-Transfers-on-Signal

Backups and Device Transfers on Signal

Signal offers several secure options for backing up or transferring your messages, depending on your device and situation. Signal Secure Backups are an optional, secure backup solution that store y...

Signal Support

Show thread

Light Dec 23

@signalapp
You should officially support third-party clients for greater decentralisation and so that it's easier for them to support all features including Signal Secure Backups.

Show thread

Marco Dec 23

@light @signalapp With third party clients you can't be sure that they are respecting your privacy. Imagine a third party client using google firebase notification system. Suddenly google has access to your messages, because the person you're messaging uses a different client.

Show thread

Light Dec 24

@marco
1) I use #Molly-FOSS, which does not have any Google code and supports UnifiedPush
2) Doesn't Signal use FCM?
3) If the Signal Foundation controls both the running and development of the only server and the development of the only client, then the system is no longer secure against the second party, which obviates the point of end-to-end encryption. Signal can backdoor the Signal app to access your messages, contrary to their claim that not even they can access your messages. @signalapp

Show thread

Marco

@light @toji You're right, Signal uses FCM which surprises me.
Since Signal is Open-Source, you could see if they tried to backdoor the app. Third party clients can still be malicious, since they have access to your unencrypted messages.