The privacy is nice and it's been simple and easy to use.
I hope they stick around. Everyone likes to bash more privacy oriented companies if they aren't absolutely 100% perfect in every single way, but IMO perfect is the enemy of good and Signal has been very good.
The hardest part has been convincing people to use it, and if I have to get people to jump to another one it'll all just fall apart.
- If you lose your phone or it no longer boots, all your messages are irretrievably lost. There's no way to create backups on iOS. Why the hell can't I enable iCloud backups? I know it breaks privacy in some ways but let me choose the trade off. Put a giant warning if you have to.
- The desktop app is awful and requires signing in again all the time. See the Telegram Desktop app for how to do it better. In my opinion it should be the gold standard for desktop messaging apps
- Desktop app keeps losing message history
As long as Signal treats all messages as if they're so important that even super spies should not be able to read them, and as a result, goofing usability in a way that standard features don't work, I 100% understand that the majority of people won't use it.
Signal has not been good. The absolute least we should expect from any "privacy oriented company" is that they're honest and fully transparent about the data they collect and store, and Signal is none of that. Since they started collecting and forever storing sensitive user data in the cloud they've refused to update their privacy policy to alert people to that data collection.
If you advertise your service to human rights activists, journalists, and whistleblowers whose freedom and/or lives are on the line you owe it to them to be extremely clear about what their risks are by using your service, but Signal outright lies to them in the very first line of their privacy policy.
This isn't "perfect being the enemy of good" this is either a massive dead canary warning people not to use/trust Signal, or it's completely immoral and irresponsible.
Either way, that seems quite good to me.
https://community.signalusers.org/t/proper-secure-value-secu...
If you're a Signal user and this is the first time you're hearing about this, that should tell you everything you need to know about how trustworthy Signal is.
If someone broke down what the timeline was, what new info is being stored that wasn't before, how that is known, and how Signal has responded, etc, then that would be useful.
I'll admit it doesn't seem great. Phone number I understand, but name and contacts are more concerning.
Note that the "solution" of disabling pins mentioned at the end of the article was later shown to not prevent the collection and storage of user data. It was just giving users a false sense of security. To this day there is no way to opt out of the data collection.
There's a lot more information about it in various places, but Signal went out of their way to be as confusing as possible in their communications so it caused a lot of people to get the wrong idea (see for example https://old.reddit.com/r/signal/comments/htmzrr/psa_disablin...)
The forums were in an uproar for months asking Signal to not start collecting data or at least give people a means to opt out. Here's a good thread with links to a bunch of the conversations people were having at the time: https://community.signalusers.org/t/mandatory-pin-is-signal-...