I know you are not being facetious. My problem is random Joe on the street sees it as a bug. He really does care more about actually being able to talk with his wife than Signal’s mathematically correct principles. He needs it to be reliable first, secure second.

> He needs it to be reliable first, secure second.

Than he should use something else. I need signal to be secure first, second and third and reliable in edge cases like this a distant number.

Perhaps it’s a marketing problem, then. Signal is marketed as a secure and full-featured alternative to things like WhatsApp and iMessage. Most people start reading that sentence after the word “secure”, and then are surprised and disappointed when a device replacement loses all their history.

I think it would be better if Signal more loudly communicated the drawbacks of its encryption approach up-front, warning away casual users before they get a nasty surprise after storing a lot of important data in Signal.

I’ve heard Signal lovers say the opposite—that getting burned with data loss is somehow educational for or deserved by casual users—and I think that’s asinine and misguided. It’s the equivalent of someone saying “ha! See? You were trading away privacy for convenience and relying on service-provider-readable message history as a record all along, don’t you feel dumb?”, to which most users’ will respond “no, now that you’ve explained the tradeoffs…that is exactly how I want it to work; you can use Signal, but I want iMessage”.

It shouldn’t take data loss to make that understood.

Or compare the nasty surprises lurking in Whatsapp.

We'll see it intentionally backdoored this decade. Signal can afford to, eg, tell the UK or EU to go fuck themselves. Meta won't.

You've been downvoted, but I think that's a fair take. There will always be tension between security and usability; it's difficult (impossible?) to do the absolute best in both metrics.

Signal's development team can decide that they prioritize security over usability to whatever degree they like, and that's their prerogative. That may result in fewer users, and a less than stellar reputation in the usability space, but that's up to them. And if we (the unpaying user base) don't like it, we are free to use something else that better meets our needs.

Maybe an answer is to have a control for each message that you can set to plain text or encrypted based on a cloud backed up key of encrypted based on a key only on this device. The you could message "hi mum, running late" without complications while being able to hard encrypt when you want?

Signal is already complication free (at least until your phone falls in a lake) making the control useless.

(And you probably don't need to worry about losing the 'running late' message in the lake... The need for good encryption and reliable backup on any given message is likely somewhat correlated.)

Yeah, but if use proton for everything else and signal only for my secret world domination plans, traffic analysis will be so much easier…

Congrats on not being one of the people concerned about being targeted by their government, now or in the future.

Hundreds of millions are not so lucky.

(i am a security person who prioritizes security over usability but) you missed the point a bit. If a privacy program is used only by people that have something to hide it turns into a smoking gun. If you care about being targeted by government you should really hope regular people use signal a lot, because government absolutely has (or can procure) a list of people that use signal.

Bro, my mom uses signal with her friends and she's like almost 70. Signal works well enough.

GP here. I agree. I should’ve stated that I don’t like losing chat history and have seen that as a problem with Signal.

I have edited my previous comment to reflect that I don’t like losing chat history.

My company recently really cut back on slack retention. At first I was frustrated, but we all quickly got over it and work carried on getting done at the same pace as before and nothing really got impacted like many of us imagined it might.

That bears little resemblance to the Signal concerns. The reason people are worried about losing their personal messages is not lost productivity.

It's also not even really the same situation. A more apt analogy would be, if switching work laptops sometimes meant you could no longer read any Slack history.

It's fine until you need evidence someone agreed to something months ago but all records have been deleted.

Yeah, mail is the primary source of this.

Once communication with my customers moved to teams. I've had a very hard time to find historical agreements and decisions.

I try very hard to create a robust system for ADR logging now. And not just for system architecture. But for all decisions and agreements in my projects and across changes.

Methinks the better solution here is to get better friends?

Well I don't think most people choose who they work with. Even if you like your team a lot, you might have a discussion with someone from another team or division, and that's where it's useful to have a good chat history haha.

Doesn't really work in an org with 100s of people and where emails are automatically deleted after 6 months.

I expect that some types of people (in middle management, especially) may see the lack of this as a good thing.

A certain type of person sees this as a feature, not a bug.

I'd hate this, slack is an extension of my memory and it being long lived and searchable can be a super power - you don't have to remember all the details of everything, just enough of the who, what, when to find the rest.

Signal has a backup service in beta, that you can use right now.