[HN Gopher] Signal Desktop is corrupting its database
___________________________________________________________________
Signal Desktop is corrupting its database
Author : miduil
Score : 244 points
Date : 2021-02-28 10:33 UTC (12 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| batterylow wrote:
| I've been using the iOS version on my M1 MacBook Air... it seems
| to use less memory, which is a benefit on my 8GB (base) model. I
| haven't done any tests though!
| 0x0 wrote:
| I thought sqlite was very resilient and have a hard time
| understanding how an sqlite file can be corrupted. Are they
| manipulating the sqlite file outside of sqlite APIs? Are they
| mixing up file descriptors and writing garbage into an sqlite
| handle?
| dssound wrote:
| I had issues with corruption during a Xamarin project - its
| easy to do with bad coding but if proper practices are made
| then it shouldn't occur much.
| primeos wrote:
| They encrypt the DB via SQLCipher:
| https://github.com/sqlcipher/sqlcipher
|
| Not sure how reliable and resilient SQLCipher is but that might
| (significantly?) increase the risk for a bug/corruption to
| occur. And the encryption certainly makes the analysis more
| difficult (while, at least on GNU/Linux, I don't see any
| advantage as the encryption key is stored unencrypted in
| ~/.config/Signal/config.json - not sure if other Desktop
| platforms support secure keystores like on Android and iOS). I
| briefly tried to analyze my corrupted DB but quickly gave up as
| I'm not familiar with SQLCipher and basically only got a
| generic "Error: file is not a database" error message when
| trying to decrypt it (and there's no plaintext header IIRC so
| it looks just like random data).
|
| I also had multiple backups of the SQLCipher DB that I could
| successfully access manually but I was unable to use them for
| Signal-Desktop (not sure if this was due to some other Electron
| DBs/state, the stateful Signal protocol, or something else -
| IIRC the only hint was the "Database startup error: Error:
| SQLITE_NOTADB: file is not a database" message that didn't
| really help much).
| RJIb8RBYxzAMX9u wrote:
| How does it differ from the 1st party encryption[0]? I
| couldn't find any comparison in SQLCipher's readme.
|
| [0] https://www.sqlite.org/see/doc/trunk/www/readme.wiki
| kbumsik wrote:
| The official SQLite Encryption Extension is not free (one-
| time $2000 + optional support) and do not allow re-
| distribute the source code.
|
| SQLCipher has open-source communitiy edition.
| dj_mc_merlin wrote:
| "How To Corrupt An SQLite Database File":
| https://www.sqlite.org/howtocorrupt.html
| appleflaxen wrote:
| the SQLite documentation is incredible. the dev team is so
| thoughtful and reflective, and shares not only the
| code/application, but their understanding.
|
| As popular as it is, it's still underrated.
| reidrac wrote:
| A few years ago I gave up on my own XMPP server and moved to
| Telegram because Signal wasn't ready.
|
| Recently I have moved to Signal because, after the WhatsApp
| opportunity, I had to move my non-tech savvy family members to
| something better, and I suspect Telegram isn't it (I can't
| understand how it is funded, it is too "magic").
|
| But it is rough, specially compared to Telegram.
|
| For example: there's no way I'll share my phone number to chat
| with strangers, whilst on Telegram I have an anonymous username I
| can use.
|
| But even forgetting about that, it is the small things, like it
| can't record and send a video (you can record it out of the app,
| and then send it from Signal; at least on Android), or the
| atrocious desktop app.
|
| I'm happy it exists and I'll stick with it because they're
| supposed to be "the good guys", but I'm hopping it improves
| before I have to admit it was a mistake and I should have trusted
| Telegram.
| johnchristopher wrote:
| Report suggest there's some beta/stable mismatching going on.
|
| While Signal's greatest strength is its privacy features I think
| that at some point they are going to have to meet their
| customers/prospects/users' other needs.
|
| The biggest one being the availability of chat history anywhere,
| anytime _at their own risk if needed_.
|
| We won't educate people to use messaging app in the way we want
| them to (for privacy sensible conversations only) because the
| vast majority don't use messaging app like that.
|
| It's either give up on that idea or heavily advertise that Signal
| is not a Whatsapp/Telegram/Viber/Messenger/Whatever replacement:
| it's a tool to use when you want to have private conversations.
|
| Maybe it'd be better to leave the Signal messaging app lives its
| life and allows a third party chat history viewer to emerge. You
| can already export your encrypted backup to a readable CSV file.
| https://github.com/xeals/signal-back edit: which obviously
| doesn't work with a corrupted database :p. Signal backup as a
| service startup ?
|
| Point in case: mom complained the other day that Signal Desktop
| took some time to launch because it was "syncing things". I told
| here that this syncing from her phone to the computer is the
| proof her messages only exist in the application. Desktop or
| smartphone, that's why it needs to sync, facebook and others
| don't work like that (I grossly simplified).
|
| note: Thread with comments like is how I remember HN is now a
| site with a huge audience.
| XorNot wrote:
| It seems weird to me that device-to-device message sync _isn
| 't_ implemented, since that can be done trivially and securely.
| When I link a new device, give me an option to say "push my
| message history to this device" and let that work P2P.
| robinson-wall wrote:
| It's particularly frustrating because the framework for this
| feature already exists - if you link a new phone it offers to
| sync your history to it.
| reader_mode wrote:
| I just use telegram - it has ptivate messages when I need them
| but it's a great chat app to begin with.
| matsemann wrote:
| I don't really need my messages persisted across devices in the
| cloud or when buying a new phone. Search on Facebook messenger
| for instance is broken so it's not like I can find anything
| ("what was the code to the gate?"), and I've never felt the
| need to scroll more than a few days back for other stuff.
|
| What I need is just to persist the groups, really. So I easily
| can continue chatting there and not hope someone else sends a
| message first.
| JohnJamesRambo wrote:
| Yes I like Signal just like it is. I like that it can only be
| installed on one phone. It feels safer that way.
| eptcyka wrote:
| I use software that works rather than one that feels like
| it works. And this doesn't.
| contactlight11 wrote:
| Well, the messages are not syncing from phone to desktop.
| They're syncing from the server to desktop. Need proof? Turn
| your phone off any access signal desktop. The messages exist in
| separate "mailboxes" on the server, one per linked device, and
| deliver independently. The timeout is 60 days if I recall
| correctly, for messages to be deleted from the server if they
| were not delivered to the client. Can't find the better source
| I know exists at this moment, see here for now:
| https://news.ycombinator.com/item?id=15596980
| meibo wrote:
| Signal Desktop is a travesty.
|
| Their design causes it to be incredibly slow, to miss messages,
| to have them arrive out of order - and that's not even
| acknowledging the usability downfalls.
|
| They really need to do better. I hope they can figure out some
| way to shift more resources to it, a good desktop client is
| essential to modern messengers.
| hashkb wrote:
| The "standard electron horror" is why I can't really commit to
| signal. None of the Good Guys have a good desktop messenger
| yet.
| MikusR wrote:
| Telegram has one.
| Asraelite wrote:
| Their desktop client really is excellent, but I'm guessing
| they don't count as one of the Good Guys.
| meibo wrote:
| You can make good Electron apps if you care enough.
|
| Electron is decidedly not why Signal Desktop is terrible,
| it's just a contributing factor.
| pseudalopex wrote:
| Even Visual Studio Code gets things wrong.
| EvilEy3 wrote:
| > You can make good Electron apps if you care enough.
|
| That defeats purpose of Electron, though.
| sodality2 wrote:
| XMPP ;)
| DangerousPie wrote:
| Looks like this is the bug that made me stop using Signal at some
| point last year. It just kept "migrating" the database every time
| I started and never managed to load. I even tried to reinstall it
| from scratch but when that didn't fix it I just gave up and went
| back to Hangouts/WhatsApp.
| sagivo wrote:
| I feel like Signal missed the opportunity they had after the
| WhatsApp fiasco. Every person I've tried to convert to Signal opt
| out after a day or two due to lack of usability. Most of them
| either went back to WhatsApp or moved to Telegram. While the tech
| is great and the privacy is good, if they won't invest in
| usability and UI they will not win the masses.
|
| EDIT - if you downvote, please explain why. If you disagree it's
| not a reason to downvote.
| prophesi wrote:
| Honestly, Signal's UI/usability used to be a valid critique,
| but now it's pretty much up to par with WhatsApp/Telegram. The
| only minor quip I've heard from friends transitioning to it is
| the lack of bold/italics/etc, which Signal announced they're
| working on by implementing markdown.
| stiltzkin wrote:
| I find it on par with WhatsApp but still not on par with
| Telegram.
| dang wrote:
| Downvoting for disagreement has always been allowed on HN:
| https://news.ycombinator.com/item?id=16131314
|
| also: " _Please don 't comment about the voting on comments. It
| never does any good, and it makes boring reading._"
|
| https://news.ycombinator.com/newsguidelines.html
| consumer451 wrote:
| I certainly defer to HN's expertise on community, but I
| always took an upvote with no comment as a "yes I agree with
| the facts or feeling as they were stated."
|
| I usually took a downvote with no comment as an information
| dead end. There are many reasons one would downvote, maybe
| factual error, in which case the correct answer is greatly
| appreciated.
|
| On the HN guidelines page the word "down" is not mentioned.
| Just curious, do you all feel that up and downvotes are not
| different beasts? Or is that page just for users who cannot
| downvote?
| hanniabu wrote:
| Yeah the UI just doesn't feel polished or full featured enough
| krastanov wrote:
| My personal anecdote is the opposite of yours: it was easy for
| me to convert people to Signal.
|
| Concerning your edit: I thought it was a pretty established
| part of the etiquette on HN that a downvote is used also for
| simple disagreement. It means "I do not agree", not "you are
| wrong and should be shamed".
| ximeng wrote:
| https://news.ycombinator.com/item?id=117171 here at least pg
| argues for downvote for disagreement
| detaro wrote:
| And the mods have consistently upheld that since then
| (although quite a few people don't like it, or think that
| it is against the rules - but such a rule exists on reddit,
| not here)
| sagivo wrote:
| I may be wrong, but comments are meant for that. Ideally when
| there's a disagreement, people can openly discuss it. I
| thought downvoting is to flag unproductive comments.
| hansvm wrote:
| I had that impression too, but I just read the guidelines
| and can't find anything to that effect. They do say that we
| shouldn't be commenting about the voting though ;).
| vengefulduck wrote:
| Maybe on Reddit, but on HN downvoting is supposed to be a
| moderation tool. That's why you need a certain amount of
| karma to access it. It should be used to flag content that
| breaks the rules or is unproductive in some way. Please don't
| use it like you do on Reddit.
| krastanov wrote:
| You are making a couple too many assumptions. For starters,
| I do not use reddit. I wrote my message above with the
| caveat that I am unsure ("I thought"), but you are
| presenting a front of certainty without backing it up with
| evidence (and evidence rarely exists when talking about
| common culture).
| dang wrote:
| Downvoting for disagreement is ok on HN, and always has
| been - see https://news.ycombinator.com/item?id=16131314.
| What you're describing is more what flagging is for.
|
| When substantive comments get unfairly downvoted, it's good
| to give them a corrective upvote. People mostly tend to do
| that and that mostly fixes the problem. Not entirely--but
| close enough that there's no globally better solution that
| we're aware of.
|
| https://hn.algolia.com/?dateRange=all&page=0&prefix=true&so
| r...
| 83457 wrote:
| I've always thought downvote on HN was for comments that are
| inappropriate, incompetent/harmful, or not following rules.
| In other words a vote that a comment holds no value on here.
| Anything else is just a discussion.
| jdxcode wrote:
| I'm surprised downvoting isn't even mentioned in the
| guidelines. Assuming they didn't want to mention downvoting
| unless you have enough karma, they could just display the
| clause for those with downvoting capability.
| edoceo wrote:
| It is! ""Commenting on voting is boring"" or something.
| Like this thread.
|
| https://news.ycombinator.com/newsguidelines.html
|
| Near the bottom
| chungy wrote:
| Sometimes I upvote people despite disagreement, because good
| points are made regardless.
| dang wrote:
| That's even better of course.
| macintux wrote:
| > If you disagree it's not a reason to downvote.
|
| That's not set in stone; reportedly pg said downvoting for
| disagreement was fine, but I don't have the quote handy nor a
| source.
| macintux wrote:
| (I hate to meta-comment, but the sheer meta-ness of people
| downvoting my comment has me delighted.)
| 6gvONxR4sf7o wrote:
| I wish we had a great app with an open protocol so that you
| could use whatever UI you wanted and not have to deal with
| network effects every few years. It's too bad there's no app
| right now with that openness and also sufficient usability to
| get everyone switched over.
| xingped wrote:
| Isn't that what Matrix is supposed to be?
| 6gvONxR4sf7o wrote:
| I've heard it doesn't have any clients with sufficient
| usability for the masses, which is the other critical part.
| But yeah that's what I was alluding to.
| ptman wrote:
| Have you looked at the flagship element.io client?
| Digory wrote:
| All the FB alternatives had crazy spin-up problems for a few
| days. Prominent cancels on the right and the WhatsApp fiasco
| freaked out some on the left at about the same time.
|
| Signal did as well as anybody. They bounced back after about 48
| hours, and usability seems as good as FB Messenger. Not nearly
| the roller coaster of Parler.
| ibic wrote:
| Didn't downvote, but I disagree with your "If you disagree it's
| not a reason to downvote." Downvote is my liberty, I can
| downvote for whatever reason I see fit.
| msoad wrote:
| Same experience for me. It's like Open Office. Somehow open
| source can not produce delightful user experiences
| wglb wrote:
| Disagreement is a fine reason to downvote according to 'pg
| eganist wrote:
| They poured a ton of investment into it right after they saw
| the uptrend, but their mission was to drive steady adoption of
| secure messaging; other features were nice-to-haves that
| weren't core to their initial function. The massive run-up in
| users relocating from WhatsApp reprioritized their PI plan (I'm
| guessing), but up until that moment, they had no good reason to
| prioritize those things since 1) they're a non-profit with
| steady funding thanks to Brian Acton, and 2) they have a core
| mission.
|
| Iterative development is a thing for a reason.
|
| Also, in regards to your edit:
|
| > EDIT - if you downvote, please explain why. If you disagree
| it's not a reason to downvote.
|
| https://news.ycombinator.com/newsguidelines.html grep "voting"
| primeos wrote:
| This whole thing is especially painful/annoying since they
| neither support backing up the database nor syncing/importing old
| messages from the phone. So if this happens there's no
| known/reliable way to recover (even though the data is still on
| the phone).
|
| (In theory it should be possible to recover from this and I can
| still access my sqlcipher database manually but Electron and the
| stateful Signal protocol make it extremely difficult so I gave
| up. Multiple backups of the whole ~/.config/Signal directory
| didn't help either.)
|
| (See: https://github.com/signalapp/Signal-
| Desktop/issues/4513#issu... )
| orblivion wrote:
| When you say you can't import/sync data from your phone -
| Couldn't you just decommission Signal Desktop from your phone,
| nuke the desktop installation, and reinstall from scratch?
|
| Not to dismiss the annoyance involved. I'm just trying to
| understand what this bug is really about.
| xyzzy_plugh wrote:
| No, history is not transferred to "new" devices.
| ancarda wrote:
| >they neither support backing up the database nor
| syncing/importing old messages from the phone
|
| Why Signal doesn't support this is beyond me. I can basically
| only use it for scenarios where I don't want any chat history,
| which just isn't that common.
| cfstras wrote:
| You could probably use something like
| https://github.com/benbjohnson/litestream to backup your signal
| db.
| e40 wrote:
| Anyone successfully done this?
| abandonliberty wrote:
| Why do backups of the directory not work? You're saying we
| couldn't roll back to a backed up version?
| satysin wrote:
| Yes and this has been my biggest complaint for literally
| _years_ but whenever I say "Signal needs a top tier backup
| system asap" I get moaned at with responses like "Signal is a
| messaging app not email, if you want to backup a message just
| do that one message." or "Why would you want a _whole_
| conversation backup?! " as if I am some weirdo for wanting to
| have a backup.
|
| Does my fucking head in. Yes Signal is about security but that
| doesn't mean it can't have a functional backup feature!
| Honestly it needs to be priority number one imho.
|
| This bug shows just how important backups and importing
| conversations are. Whenever I setup Signal on a new system I
| _hate_ when I see the message "For your security, conversation
| history isn't transferred to new linked devices."
|
| Signal doesn't (or at least shouldn't) get to decide what
| happens here. If I am having to re-register because of a Signal
| failure my security is not effected by importing the
| conversation history as it was there two minutes ago before
| they corrupted the database. At the very least they should make
| it an option even if it is disabled by default.
|
| Apologies for the ranty nature of this comment but I am fed up
| with this absolutely pathetic denial that backups are important
| because it is "just a messaging app". AHHH!
|
| Edit: See this reply from when I complained about the lack of
| backup a month ago
| https://news.ycombinator.com/item?id=25687851
| capableweb wrote:
| Is it maybe possible that different people have different
| attack vectors they need to consider and backups are usually
| a weak-point for some of those people?
|
| I understand it's frustrating when a (open source, forkable)
| application doesn't work the way you want it to, but you have
| to be able to see it from the other side as well.
|
| Signal is signalling that chats are ephemeral and treating
| them as something else introduces security and privacy issues
| _in the way they are thinking about it_. It's very possible
| that's not an issue for you, but that doesn't make Signal
| wrong, is just make the two of you misaligned on why Signal
| exists. Signal is not for everyone and I think the team
| themselves make that pretty clear. Signal is for private and
| secure communications, and make no compromises that would
| lower either the privacy or the security, they rather
| compromise on other ends.
|
| These kind of comments show the entitled parts of the
| internet, where open source software HAS to work a particular
| way otherwise ITS BROKEN AND HORRIBLE.
|
| There are tradeoffs to everything. In this case, Signal made
| tradeoffs that you feel are wrong. You have a couple of
| choices, none of them include screaming that Signal should
| change their priorities based on your opionion: 1) continue
| using it anyways, start treating chats as ephemeral, 2) try
| to fork Signal and show us you can do it better or 3) dump
| Signal for a messenger that works the way you want it to.
|
| In the end, there are multiple chat apps, use the right app
| for the right use case. Signal is definitely not a app for
| one-size-fits-them-all and it's pretty clear they are not
| trying to either.
| ximeng wrote:
| Realistically none of these are very good options. Starting
| a competitive messenger application is likely to be
| impossible - Signal got to where it is thanks in large part
| to 50mn USD from Whatsapp's founder. The fact that it's
| very difficult means that there aren't a huge number of
| competitive choices, and none that are "Signal but you can
| access your data". So even though complaining is not a
| great option, it might be the most likely way to get what
| is wanted, whether by someone from Signal seeing the
| request and agreeing, or someone else seeing there is a
| market for this.
|
| If you have a choice between Whatsapp (metadata not
| private, but has backup) versus Signal (metadata private
| but no backup), if you need backup (or anyone you
| communicate with does), you lose privacy because you're
| forced to use Whatsapp. Arguably because of Signal's
| refusal to "compromise" on privacy by allowing backups you
| have lost privacy anyway.
| _underfl0w_ wrote:
| A better option may simply be to _fork_ and add the
| additional features, not necessarily create a new client.
| satysin wrote:
| This raises an interesting question.
|
| Can one fork the Signal iOS app, add features then
| publish to the App Store while using Signals
| infrastructure?
| saurik wrote:
| If you do this you would not get push notifications.
| pseudalopex wrote:
| They changed the license so you can publish forks.
| They're opposed to forks using Signal's infrastructure
| though.
| satysin wrote:
| > Is it maybe possible that different people have different
| attack vectors they need to consider and backups are
| usually a weak-point for some of those people?
|
| If backups are a weak point/risk don't enable the backups
| then? How is denying it for _all_ a good solution?
|
| > Signal is not for everyone and I think the team
| themselves make that pretty clear.
|
| If Signal don't want to be a WhatsApp competitor they need
| to stop acting like one and jumping on every opportunity to
| point out how they are not Facebook/are better than
| WhatsApp.
|
| All I have seen from Signal on social media for the past
| month is how they are the perfect alternative to WhatsApp.
|
| Signal has disappearing messages so if a sender doesn't
| want their messages captured in a backup they can easily
| get that. Of course that doesn't stop the recipient
| exporting that one message or even just taking a screenshot
| so it isn't perfect but better than nothing.
|
| > These kind of comments show the entitled parts of the
| internet
|
| Comments like this piss me off. It is not "entitled" to
| want to protect my data. I have been telling people to
| protect their data for the twenty years I have worked in
| IT. But now for chat conversations apparently backups are
| pointless and we shouldn't be doing them??? Come on. This
| flies in the face of literally two plus decades of the tech
| community pushing for "normal people" to do backups!
| capableweb wrote:
| > If backups are a weak point/risk don't enable the
| backups then? How is denying it for all a good solution?
|
| Why enable something that could introduce additional
| security risks when it's both cheaper and safer not to
| develop that feature in the first place?
|
| > All I have seen from Signal on social media for the
| past month is how they are the perfect alternative to
| WhatsApp.
|
| Huh, I've not gotten that vibe at all after speaking with
| some of the people at Signal. They know that their
| product is not for absolutely everyone and quick glance
| at their Twitter doesn't seem to paint the picture you're
| seeing either. You have any specific examples you could
| point me to?
|
| > It is not "entitled" to want to protect my data
|
| Of course not and that was also not my point... The
| entitlement comes from you declaring that Signal is wrong
| here while not actually understanding the other
| perspective that they are operating from (which is
| different from yours, obviously).
|
| > But now for chat conversations apparently backups are
| pointless and we shouldn't be doing them???
|
| Again, if you are subscribing to the same worldview as
| the team of Signal is subscribed to, then yes, you
| shouldn't backup your ephemeral chat conversations. If
| you're instead interested in persisting your
| conversations, Telegram/Whatsapp/whatever probably fits
| your use case better and you feel free to use those
| instead.
|
| Either you use a chat application that makes absolutely
| zero compromises on security and privacy but might have
| worse UX, or you chose a chat application that does
| compromise on those things but have a better UI. Your
| entitlement is that you think you can change Signals
| whole mission because you actually should be using a
| different chat application.
| satysin wrote:
| > Huh, I've not gotten that vibe at all after speaking
| with some of the people at Signal. They know that their
| product is not for absolutely everyone and quick glance
| at their Twitter doesn't seem to paint the picture you're
| seeing either. You have any specific examples you could
| point me to?
|
| https://i.imgur.com/bdUhqth.png
|
| https://twitter.com/signalapp/status/1358903379515199488
|
| Literally the first thing on their Twitter feed!
|
| Sorry but if you are unable to see that Signal are
| clearly trying to position themselves as a WhatsApp
| alternative there is no point in continuing this
| conversation.
| ximeng wrote:
| If Signal want maximum security / privacy, why not just
| make all messages auto-delete after a week (rather than
| their current stance that you lose them when you decide
| to use Android when you're currently using iPhone or if
| you lose your phone)?
|
| 4/5 of their last few tweets all seem to be pitching
| themselves as an alternative to WhatsApp / Facebook /
| targeted advertising? Realistically though their current
| position is you have to choose privacy or backups.
|
| "We believe in targeted admirizing, not targeted
| advertising. Happy Valentine's Day from all of us at
| Signal."
|
| "We've discovered that @tecnomobile devices (some of the
| most popular phones in Africa) enable notifications for
| @Facebook apps like @WhatsApp, but block Signal
| notifications by default. Privacy should be the default."
|
| "Facebook, Instagram, and WhatsApp trying to collect your
| data when you're on Signal" (confused guy gif)
|
| "If you see the shadow of looming advertisements in your
| current messaging app, make an early Spring to something
| better."
|
| "January just ended, but if one of your New Year's
| Resolutions was to break up with Facebook there is still
| plenty of time."
| admax88q wrote:
| What exactly is the sevurity compromise by allowong
| backups?
| ximeng wrote:
| Not allowing backup as you should be using email for things
| that are important is really a circular argument. If you
| can't even choose to backup / analyse with your own tools
| then you won't ever use chat for anything important. Ever
| since losing chat history moving phones with Signal I've been
| less inclined to use it overall.
| dannyw wrote:
| +1. Switched from iPhone to Android, lost my message
| history. There were important content there stretching
| years that I wanted to preserve. Now, it is all lost.
| XorNot wrote:
| Really I just want Signal to play my messaging history off to
| just regular files.
|
| I can plug those into Syncthing and have them head off to my
| server or whatever. Just document the format so I can decrypt
| them with some tool to recover them later.
| satysin wrote:
| Yeah I honestly don't care how they do it. I just want to
| export an encrypted blob with a passphrase and import it
| when needed. Store it on my device so I have to manually
| move it or store it on iCloud or some other cloud service.
| I don't care I just want the option to backup and restore!
| jfim wrote:
| Not sure about iOS, but on Android it's in settings >
| chats > chat backup and it creates a backup periodically
| if enabled. When reinstalling signal one can point it at
| the backup and enter the code to restore messages.
| satysin wrote:
| Unfortunately I am on iOS where there is no such
| functionality :(
|
| Kind of makes it worse in a way as it clearly shows they
| do care about backups just not doing it consistently.
| andix wrote:
| I totally agree. That's the only big drawback I currently see
| with signal.
|
| I would even be satisfied if i can regularly backup messages
| to plaintext.
|
| I like to keep my messages and be able to look up stuff
| later. If I don't want to keep the log i switch on self
| deleting messages, which is quite cool.
| tw04 wrote:
| Oh my gosh, you and me both. I'm so tired of the lame excuse
| that it's a "secure messaging platform". If the mindset were
| truly that having a copy of the message was insecure, why
| wouldn't they just set every chat to expire? Because it turns
| out people want a balance between security and functionality.
|
| IOS has had filesystem access for going on 2 years now,
| there's literally no excuse beyond laziness for not letting
| us backup and restore the signal messages. I don't even care
| if it gets dumped into an insecure format if that's the only
| way it works. I'm far more concerned with someone
| intercepting my messages in-flight than any other vector. If
| someone has a backdoor on the phone itself, one signal backup
| is the least of my worries. Ignoring the fact that backup
| would be optional.
|
| Incorporate SMS (with a red background or something obvious
| that the chat is insecure), incorporate backup, and just
| fully embrace being a messaging app. If they do that they'll
| make the world universally more secure because it will
| increase adoption 100 fold. I'll have a lot easier time
| convincing my dad to use signal if I don't have to try to
| walk him through "well when you're texting grandma, use this
| app, and when you're texting me, use this app".
| pseudalopex wrote:
| It isn't laziness. They go out of their way to prevent it.
| vageli wrote:
| > Incorporate SMS (with a red background or something
| obvious that the chat is insecure), incorporate backup, and
| just fully embrace being a messaging app. If they do that
| they'll make the world universally more secure because it
| will increase adoption 100 fold. I'll have a lot easier
| time convincing my dad to use signal if I don't have to try
| to walk him through "well when you're texting grandma, use
| this app, and when you're texting me, use this app".
|
| You can already use SMS from within the Signal app on
| mobile. On desktop it makes sense that there is no SMS
| feature, unless you want to use the desktop client to send
| SMS from your phone (like Android messaging), or you want
| Signal to operate an SMS gateway?
| omnimus wrote:
| Signal already does SMS on Android but on iOS thats
| forbidden so you can't replace SMS app. Quite convenient
| for Apple because same SMS app by default supports their
| imessages :))
| tw04 wrote:
| Unfortunately you can't send SMS from Signal in the iOS
| version of the app. And yes, I also want to be able to
| send an SMS from my desktop through my phone (like
| android messaging or imessage).
|
| https://support.signal.org/hc/en-
| us/articles/360007321171-Ca...
|
| Sure, iOS doesn't allow you to intercept SMS but others
| have already figured out how to work around this by
| assigning a virtual phone number.
| mittaus wrote:
| Caveat Emptor.
| oefrha wrote:
| SQLite should not be corruptible by power loss unless PRAGMA
| synchronous is OFF, or OS/fs/storage media don't honor fsync.
| https://www.sqlite.org/howtocorrupt.html
|
| But the thread says SQLCipher is used, so not sure.
| Rygian wrote:
| This story should be tagged [2020], bug report is already 6
| months old.
| rvz wrote:
| Good point actually, but this serious bug is _still_ not fixed
| after 6 months.
|
| They have plenty of time and money to fix this issue quickly
| before it gets out of hand.
| meibo wrote:
| If you have any experience with the Signal GitHub projects,
| you'd know that you're lucky to even get a reply.
|
| They seem to strictly follow their own agenda. If they don't
| think something is important, it won't be taken care of.
| growse wrote:
| Isn't that true of every open source project?
| prophesi wrote:
| https://github.com/signalapp/Signal-Desktop/issues/4513#issu...
|
| Is there a citation for this claim? I tried searching on Twitter
| for tweets regarding Signal errors, and I didn't see anything
| except for retweets of the link to this HN post.
|
| It's also just the local database, so the phone that their
| desktop app is linked to will still have their chat history, thus
| these alleged journalists would not have lost their sources.
| GNU_James wrote:
| Why are you all pushing for this Signal crap when Matrix is
| objectively better and doesn't require phone numbers?
| rvz wrote:
| > Why are you all pushing for this Signal crap when Matrix is
| objectively better...
|
| At what exactly? Elaborate and enlighten us a bit.
|
| > and doesn't require phone numbers?
|
| That's true, but you know it's still not enough for John and
| Jane Doe to use it. Elaborate us on more reasons otherwise John
| and Jane Doe will use 'this Signal crap' instead or even will
| go back to WhatsApp. (Again)
| GNU_James wrote:
| In my country all phone numbers are registered to your name.
| If an app asks for a phone number into the trash it goes.
| [deleted]
| fouc wrote:
| What's the easiest way to get started with Matrix, in a way
| that's objectively better than Signal?
| detaro wrote:
| Because it's not "objectively better", and certainly hasn't
| been historically (and I say that as someone who has more
| conversations on Matrix than on Signal, and thinks Signal made
| the wrong tradeoffs in some places)
| float4 wrote:
| Element on iOS crashes when I try to log in, so there's that.
|
| Both Element/Matrix and Signal don't come close to WhatsApp,
| sadly.
| rvz wrote:
| > Both Element/Matrix and Signal don't come close to
| WhatsApp, sadly.
|
| That is the unfortunate reality-hitting hard truth right
| there. Element and Signal are just not ready yet for serious
| widespread general use to compete with WhatsApp.
|
| Signal is still immature and lacks tons of functionality
| compared to WhatsApp. Element suffers from usability and
| onboarding issues which frustrate the user. The fact we have
| to keep mentioning the protocol 'Matrix' next to the client
| name 'Element' creates further confusion to the user; leaving
| them to ignore it altogether. That's before they get confused
| and lost in the settings page.
|
| Telegram on the other hand has a better chance to compete
| against WhatsApp.
| mft_ wrote:
| I'm interested: aside from the phone number/backup issues
| well documented on every HN thread about Signal, which
| features do you think that Signal lacks?
| niksakl wrote:
| "Streams" for example. You cannot create a group of
| contacts that only receive messages from you, but they
| cannot send into the group. Replies of stream-members
| only come to the creator of the stream. Moreover, members
| of "streams" do not see other members. Basically is a BCC
| functionality for messages. I am a signal user since ages
| and constantly try to "convert" people. I miss this.
| mft_ wrote:
| Huh, TIL. I've never come across this feature - not on
| WhatsApp, iMessage, SMS (obvs)...
| omnimus wrote:
| I think it's only in Telegram. Mostly used by businesses.
|
| It's important to realize that Signal is aiming to be
| iMessage replacement Whatsapp/Telegram/Discord are more
| like "chatservers" with rooms. Signal right now focuses
| on simple 1to1 messaging with sending pictures/media etc.
| That's what they do really well.
|
| Btw iMessage also have super basic desktop client. It
| works even worse than Signal desktop (random logouts and
| messages sent as different account with only "email"). It
| might not be so easy going from 1v1 fully encrypted chat
| to manytomany fully encrypted chatroom megaserver. Apple
| seems to also struggle with it.
| Zizizizz wrote:
| for tech savvy people maybe but try explaining to your mother
| that you have to pick a server to register with, you need a
| username, it can't be your email address, then you can add your
| email and phone later to make it possible for others to
| discover you. I like it a lot it's just not nearly as
| straightforward
| StavrosK wrote:
| This is odd, I literally just now got a corrupted database on
| Android and had to restore from a backup (it's still restoring).
| Are two platforms impacted?
| cpach wrote:
| Ouch. That's one painful bug. Hope it gets sorted soon.
| 88840-8855 wrote:
| As much as I want to move to Signal, I cannot. Their apps feel
| like a hobby project from the iOS 5 era. Especially the desktop
| app has a terrible UI. It feels, looks and behaves very bad.
|
| And then I am looking at telegram - everything is polished, many
| smart and useful functionality is included. The design is
| outstanding, the updates seem to add useful stuff.
|
| Can someone explain to me why Signal is so very bad compared to
| telegram?
| henearkr wrote:
| Not the same purpose: Telegram as a SNS, Signal as a messaging
| app.
| domano wrote:
| My guess is that the priorization is different - signal
| implements everything with a privacy first approach in mind,
| whereas telegram is not even encrypted by default (even
| Whatsapp does that AFAIK).
| alerighi wrote:
| To me Telegram is better even from a privacy point. Sure, if
| someone breaks into the Telegram servers can read you
| messages, but to me that isn't the first privacy concern.
|
| I'm more concerned about every day privacy, and Telegram is
| far better on them. Do you realized that you sent by mistake
| some data to the wrong people? In Telegram you can delete or
| edit every messages you want whenever you want.
|
| Don't you want to share your phone number in a group? In
| Telegram your phone number is hidden by default, meaning that
| other group members doesn't see you number unless you share
| it with them.
|
| Also Signal is open source but not really open. In Telegram
| you can use whatever client you want, in Signal you are
| forbidden to use anything else than the official client. And
| the official client is open source, but it depends on
| proprietary services, like the Google Play services on
| Android, so you really can't use it on a 100% open source
| system. You can't even find online the Signal apk by their
| choice, so the only official way is to install it from the
| Google Play Store (and how do you verify that the apk that
| Google provided to you doesn't contain a backdoor?)
| growse wrote:
| > To me Telegram is better even from a privacy point. Sure,
| if someone breaks into the Telegram servers can read you
| messages, but to me that isn't the first privacy concern.
|
| For a lot of people, that's exactly the concern.
|
| > Also Signal is open source but not really open. In
| Telegram you can use whatever client you want, in Signal
| you are forbidden to use anything else than the official
| client.
|
| There's nothing in open source that requires people running
| services to allow anyone to connect to it however they
| like. You still have the freedom to inspect, modify, run
| and distribute both the server and client, so it's to see
| what part of that in "not really open".
|
| > And the official client is open source, but it depends on
| proprietary services, like the Google Play services on
| Android, so you really can't use it on a 100% open source
| system.
|
| I agree, this is annoying. But it depends on your threat
| model and it seems that most people don't see Google as the
| threat to protect against.
|
| > You can't even find online the Signal apk by their
| choice, so the only official way is to install it from the
| Google Play Store
|
| https://signal.org/android/apk/
|
| > (and how do you verify that the apk that Google provided
| to you doesn't contain a backdoor?)
|
| https://signal.org/blog/reproducible-android/
| pseudalopex wrote:
| The source is open. The system is closed.
| einpoklum wrote:
| That's not it. That is, choosing whether conversations are
| encrypted by default or not has very little to do with
| whether the client application has polished UI.
| saddlerustle wrote:
| WhatsApp is encrypted by default
| croes wrote:
| That's what he/she wrote.
| Sebb767 wrote:
| > telegram is not even encrypted by default
|
| That's technically not true - it's not _end-to-end_
| -encrypted by default.
|
| But yes, it is a design choice - telegram puts usability
| first - see all their innovations with large groups, stickers
| etc -, even at the expense of some privacy (i.e. no
| e2e-chats). But that's why you can have Telegram open on
| every device you own and probably why they are the second
| largest chat app by now.
|
| Signal, on the other hand, values privacy first, everything
| else second. This is why this bug is open for 6 months - they
| see your chat log as a convenience feature and mostly a
| burden. In addition, Signal is a smaller team with less
| funding, so that their UI is not as polished is partially
| also due to lacking manpower, but its simply not a priority
| for them.
| SignalNotSecure wrote:
| Whatsapp E2E is a red herring. It's not protecting you from
| your perceived threat like you think it is.
|
| https://telegra.ph/Why-WhatsApp-Will-Never-Be-Secure-05-15
| xvector wrote:
| Signal requires a telephone number. This makes the privacy
| bit is a complete joke, even if your chats are E2EE. Your
| Signal account is bound to a KYC identity.
| [deleted]
| appleflaxen wrote:
| can anyone commment on the design consideration that the
| telephone requirement addresses?
| xvector wrote:
| This is designed to make Signal more popular while
| solving some fake account issues:
|
| - Using phone numbers means that Signal can constantly
| check against your contacts to let you know if any of
| your contacts are now using Signal. As such, using phone
| numbers encourages use of Signal.
|
| - The usage of phone numbers instead of email or
| usernames also helps combat temporary/fake account
| creation abuse, as phone numbers are KYC if you ban VoIP
| numbers
|
| That said, in the end it is a compromise on privacy and
| anonymity to increase the popularity and stability of the
| app.
| abdullahkhalids wrote:
| Privacy and anonymity are distinct concepts. Signals
| provides very high privacy and low anonymity - which is
| totally acceptable for many people's threat model.
|
| Other apps may provide higher anonymity, but none provide
| privacy guarantees higher than (or even close to) Signal.
| symlinkk wrote:
| I feel like that's a handwavey academic answer. In real
| life situations you always need both privacy and
| anonymity. Do you think a gay rights activist in the
| Middle East wants all of their contacts to know their
| phone number and therefore their personal identity?
| corty wrote:
| Privacy and anonymity are distinct, but strongly
| correlated. Without anonymity, there will always be
| enough metadata to hang you with. Using Signal as a
| surveillance-evasion-tool will get you into trouble in a
| lot of the more unsavoury corners of this planet.
|
| So, being "best" at privacy is meaningless unless you are
| in the very lucky position that your local jurisdiction
| fits Signal's threat model. There aren't many in the west
| even...
| blazzy wrote:
| Meaningless? I value private communication with my
| friends and family. I don't exactly need anonymity there.
| In fact I want the opposite. In the absence of phone
| numbers I would be adding very explicit metadata on my
| device to distinguish between my friends.
|
| Signal has taken measures to limit its ability to know
| who I'm sending and receiving messages from. Though it's
| still possible by mapping my IP address to me. So yes
| there is still a centralized metadata problem, but I'm
| not letting perfect stand in the way of better.
| upofadown wrote:
| >Without anonymity, there will always be enough metadata
| to hang you with.
|
| Not in most cases, for most people, most of the time.
| Everyone knows you communicate with your family, friends
| and business associates. Very few people communicate out
| of those groups and even if they do they rarely have to
| worry about anyone finding out about it.
| saurik wrote:
| Umm... in fact "most people" communicate outside of those
| groups, as that's how dating works, and it is a big
| reason why Snapchat dominates "private communication":
| people don't want to give their "real phone number" to
| someone until they trust them. Signal needs to realize
| its big competition is not WhatsApp, but is Snapchat
| (particularly given that WhatsApp _is pretty damned
| secure_ , and so should be seen as an _ally_ versus all
| of the actually-insecure messaging apps of the world).
| rvz wrote:
| > Can someone explain to me why Signal is so very bad compared
| to telegram?
|
| The Signal desktop app is Electron, where as Telegram is
| native. That's why and it's that simple.
| metachris wrote:
| That's certainly not the reason.
|
| There are many really good Electron applications, Visual
| Studio Code being one of them.
| fouc wrote:
| Visual Studio Code is literally the only good Electron
| application, the rare exception that proves the rule.
| Griffinsauce wrote:
| GitKraken, Insomnia, Postman, Mongo Compass, Mingo,
| Mockoon, Notion (yes it's slow AF to load, but that's not
| due to electron), LosslessCut, Gitify
| fauigerzigerk wrote:
| No, it's not that simple at all. The Signal desktop app is
| bad in ways that have nothing to do with Electron at all.
|
| Most importantly, it's bad at protecting my privacy. You
| can't show any message to anyone on your screen or have
| someone look over your shoulder unless you want them to see
| who you recently communicated with in what order as well as
| the start of the most recent messages.
| primeos wrote:
| > unless you want them to see who you recently communicated
| with in what order as well as the start of the most recent
| messages.
|
| Thanks for mentioning that. I always wondered why there's
| no option to at least hide the most recent messages and
| dates (or temporarily hide the whole sidebar). I guess most
| people are either fine with it or use their phone instead
| (and using Signal-Desktop in public / when someone's
| looking is probably uncommon). It seems like at least
| Telegram-Desktop has this issue as well (not sure if
| there's an option for it).
|
| Anyway, a slight modification to the UI to hide/minimize
| the sidebar would be something I'd appreciate for those
| rare situations.
| fauigerzigerk wrote:
| I think it's a pretty common situation for someone to
| come up to your desk to talk about something they sent
| you earlier. Not rare for me at all.
| Kelteseth wrote:
| Telegram desktop is a Qt Widgets application.
| dgellow wrote:
| If you're on macOS you have the choice between a native app
| and the QT client.
|
| Native: https://macos.telegram.org/
|
| Qt client: https://desktop.telegram.org/
| kitsunesoba wrote:
| There's also an unofficial native Windows 10 + Xbox
| client: https://github.com/UnigramDev/Unigram
|
| In addition, there's a libpurple plugin should one want
| to use Telegram with Pidgin, as well as several other
| clients including one that's TUI based.
|
| The choice of client is a massive boon. It's unfortunate
| that one can't use a alternative Signal clients, because
| they'd likely solve many of the gripes people have with
| Signal.
| dewey wrote:
| There's non-native apps that are not as bad as Signal so that
| doesn't really explain that.
| chovybizzass wrote:
| Telegram has a bit better and also has e2e encryption
| (optional).
| spacemanmatt wrote:
| Optional E2E means there's a chance that misunderstanding or
| misusing the GUI results in exposure. For critical purposes,
| that's unacceptable.
| frereubu wrote:
| E2E encryption is only available in one-to-one chats, and
| those chats are specific to the device. So, like Signal chats
| effectively.
| waheoo wrote:
| I've been using signal since release, never had any issues with
| its level of polish.
|
| Updates have been meaningful and minimal.
|
| Can't say I'd be happy if it started adding a bunch of features
| I didn't ask for.
| primeos wrote:
| > Updates have been meaningful and minimal.
|
| Opinions may differ here. Their sticker packs feature added
| at least 50 MB (mostly via node_modules):
| https://github.com/signalapp/Signal-Desktop/issues/3919
|
| > Can't say I'd be happy if it started adding a bunch of
| features I didn't ask for.
|
| What features do you mean here? The GitHub issue is a bug
| report and not a feature request. However, there are two
| features that could help: Backups (export and import
| functionality) and syncing older messages from the phone
| during the initial setup. Both of these features can be fully
| optional and shouldn't require much code.
|
| And they do regularly add new features (that I didn't ask for
| but I get why) anyway: https://github.com/signalapp/Signal-
| Desktop/releases
| orbifold wrote:
| Telegram hires excellent developers and was started by someone
| that had successfully run a company before. The clients for the
| different platforms in the case of telegram were developed by
| very small teams (1-2) of exceptional programmers.
|
| - macOS client: https://github.com/overtake/TelegramSwift/graph
| s/contributor.... Written almost single handedly by one
| developer.
|
| - Telegram Desktop: https://github.com/telegramdesktop/tdesktop
| /graphs/contribut.... Written almost single handedly by one
| developer, who also wrote almost all of the supporting Qt code.
| Daniel_sk wrote:
| Unfortunately the overall code quality doesn't seem to good - I
| looked at the Android code and the network layer / retry logic
| seems to be quite chaotic with weird exception handling. The UI
| layer would also need a refresh, a lot of logic is placed in the
| Fragments directly, no MVVM (e.g. Architecture Components
| ViewModel) or any other pattern. The sync issues keep coming
| back. For example you use the Signal desktop app and then at the
| end of the day you pick up the phone, open Signal and a stream of
| notifications will start flowing in (even though you read
| everything on desktop). Also the PC desktop app doesn't sync with
| iPhone, you need to download an old version, pair the phone and
| then update to latest to fix it -
| https://community.signalusers.org/t/my-messages-in-desktop-a....
| pure_simplicity wrote:
| That's unfortunate. I wonder why Signal suffers from these
| issues, but I hope it's something we can fix. I think Signal
| has such great potential. Society needs a successful privacy
| respecting open source chat app like Signal.
|
| Do you have any clue how to make things better?
| GuB-42 wrote:
| I also too a look at the code and wasn't impressed. Signal used
| to have a feature that allows you to import SMS.
|
| It had a few problems but it mostly did the job. But lately,
| they disabled it with the latest onboarding update, without
| mentioning anything in the change log. I had to look at the git
| history to see that, I also found a "won't fix" ticket about
| the problem.
|
| I think they are ignoring an very important feature but
| anyways, make a decision. Either you officially disable the
| feature, write it in the changelog and remove the dead code. Or
| you keep it and hopefully fix it. The way they are doing it is
| sloppy.
|
| I didn't look too much into it but dead code is definitely a
| code smell and your experience seems to match mine. It is not
| terrible, but a bit underwhelming considered it is a highly
| regarded, security sensitive app.
| colesantiago wrote:
| Why wasn't this bug caught in the first place and allowed to be
| rolled out into production?
|
| This is very serious for everyone depending on signal, that I
| could just lose all my secure chat history without warning!
| [deleted]
| LockAndLol wrote:
| What kind of a question is that? Are you a developer?
|
| Do you think developers willingly write bugs into their
| applications, then simply release them hoping they can mess up
| somebody's day for the fun of it?
|
| "Allowed to roll out into production" as if there's a manager
| looking at the list of newly created bugs, grinning and going
| "This bug... I like this bug! Roll it out!"
| colesantiago wrote:
| What are you talking about? They clearly didn't test this
| hard enough otherwise this would be caught early.
|
| Was there any tests for this sort of thing? surely if you are
| storing secure chat history to a database this should be
| tested to death.
|
| Had they tested more of this functionality this serious bug
| would have been caught, and now that I recommended this to
| people, I pretty much now regret doing so for secure
| messaging.
| cj wrote:
| "Why wasn't this bug caught in the first place" - this isn't
| an attack on whichever developer introduced the bug.
|
| It's a (totally fair) attack on Signal's lack of QA/testing
| in their development + release cycle.
|
| Do they implement peer reviews on PR? Multiple reviews on
| changes touching mission critical code (ie. data migrations)?
| Do their test suites provide adequate test coverage? Do they
| have a manual Q/A process that involves real people testing
| new releases?
|
| Considering Signal's funding, I would hope the answer to all
| of those questions is yes.
|
| But if it's possible to release code that completely corrupts
| the app with no known fix, I suspect their test coverage and
| Q/A processes aren't as robust as they need to be.
| dj_mc_merlin wrote:
| Maybe all of those things. Given this issue isn't
| widespread AFAIS, it could have went through a bunch of
| tests and QA people, none of which caught the unique
| combination of factors that might be rare but not rare
| enough to not cause problems on a lot of devices
| regardless. They should totally improve their testing
| methodology after such a bug, but I can see how a perfectly
| competent dev team could let such a bug slip. I haven't
| followed Signal's track record though, so I couldn't say if
| this is a one-off or a pattern.
| rvz wrote:
| Well I guess that bursts the Signal hype brigade that Elon
| Musk, et al, and the media have started and you're required to
| sign up with a phone number which it then goes through your
| contacts list which already outrageous. Also, it turns out that
| you can't even sync your chat history, nor can you back them up
| easily on another device. So if you change your SIM, have your
| device lost or stolen, its all gone.
|
| This right here was the final serious nail in the coffin that
| your chat history is corrupted due to this bug in production.
|
| $60M in funding and they still can't fix these issues or handle
| these many users. I liked the Signal name and its friendliness
| to the end user, but I think the true hard-hitting reality is,
| it is just not ready yet for serious use. What a shame.
| luto wrote:
| Signal's inability to sync its history to somewhere else (e.g.
| their server, encrypted) and its rather inaccessible backup
| processes[1] are a pain. It makes me use something else for
| anything serious sometimes.
|
| [1]: https://support.signal.org/hc/en-
| us/articles/360007059752-Ba...
| say_it_as_it_is wrote:
| I've used signal for so many years with ubuntu, android and
| macos. I've never gotten a corrupt database error. I'll repeat--
| I used it with LINUX without a hitch for MANY YEARS. Most other
| desktop applications, however, have not performed as well.
|
| This isn't worthy of the front page of HN..
| samb1729 wrote:
| This is not the slam dunk comment you appear to think it is.
| I've lived for many years without a single death, but this fact
| wouldn't serve to nullify the fact I died when it does happen.
| GNU_James wrote:
| Why not use encrypted Jabber like Russian Mob? If they are safe
| with XMPP, I feel safe too.
| eptcyka wrote:
| Exporting message history, easily selecting multiple messages to
| forward, allowing for group chat history to be maintained and
| transferred between devices, synchronizing video rotation in
| video calls, scheduled messages. Some of these features might be
| harder to implement than others, but I am constantly reminded of
| their absence whenever I use signal. I used to only use telegram,
| and it just works that much better as long as you don't care
| about privacy. It'd be easier for me to continue using Signal if
| it was more grandmother friendly. Even my partner is having
| issues with this, and they are usually capable of using tech.
| pure_simplicity wrote:
| These are sensible suggestions. What do you mean by
| "synchronizing video rotation in video calls" and how do you
| note the presence / absence of this feature in practice?
|
| Do you have any idea how we could practically make Signal a
| better app in the future?
| eznzt wrote:
| >This issue is so painful. There are journalists on Twitter
| reporting that they've lost access to their Signal app & sources
| due to this bug.
|
| Oh my God, not the journalists!!!!
| perryizgr8 wrote:
| Won't anybody think of the journalists!!1
| Hammershaft wrote:
| I mean, if a genuine journalist loses sources, we could lose
| evidence of corruption / abuse / fraud / government overreach /
| any # of evils in the world. I think journalists losing sources
| is a pretty serious problem.
| [deleted]
| anotherhue wrote:
| A BUG, IN SOFTWARE? Who could have predicted?
|
| My ongoing thanks to Signal for the massive net positive their
| work had produced.
| float4 wrote:
| It's a bug in a messaging app that corrupts your message
| database, so calling it "a bug" feels like an understatement.
|
| It sucks that people (myself included) try to convert friends
| to Signal when serious bugs happen regularly.
|
| Nonetheless, I'm grateful that Signal exists and continues to
| improve.
| Zizizizz wrote:
| Happen regularly?
___________________________________________________________________
(page generated 2021-02-28 23:02 UTC)