I'm pretty sure Signal at least doesn't encrypt at rest on your phone. So the drive would have to be encrypted as well, which is not default on Android
Signal does encrypt your messages locally. Also Android supports file encryption you don't need to use full disk encryption anymore. Also I think the policy has changed in Android 10.
> All compatible Android devices newly launching with Android Q are required to encrypt user data, with no exceptions.
Signal traditionally had an easy to get encryption key for the local encryption. Now there is a PIN but I don't think it is any protection against having access to the disk. The signal people would prefer that that you deal with the end point security yourself, because they really can't do much there.
Indeed, the PIN is just for SVR. Exported message logs on Android use separate, client-generated, 30-digit, PINs.
Unless the OS+HW provide API for some sort of TPM, it's not possible to provide strong protection for app databases without asking for strong password every time the app is opened. Android has had some sort of sandboxing for a while but it's not comparable to secure enclaves etc. AFAIK.
Android has encrypted storage by default since a few years ago. Of course, by default it uses a default key. But, the point is, enabling "encryption" just means changing that key, not reencrypting the entire device.
Apart from that, regardless if you're on Signal or Telegram if authorities get hold of a protester's identity on such an app and have the power to access the app's servers they can gradually uncover social networks by reading metadata (if I'm not mistaken).
I think you are mistaken. Before your text is sent to Signal your sender information is encrypted with the receiver's public key. So while Signal's servers can see who to deliver the message to they cannot see who sent it. Only the receiving client can decrypt and authenticate the message. This feature was rolled out in late 2018 and is called "sealed sender". It was developed to prevent leakage of any social network information via the message metadata.
But as far as I know Telegram has no equivalent feature.
"So while Signal's servers can see who to deliver the message to they cannot see who sent it."
Why can't they look at the TCP headers of incoming packets to determine source-IP? Also, why can't they look at session identifier or signal ID like phone number to determine who the sender is?
I assume if you are trying to hide your communications you aren't connecting directly to signals servers, so IP should get you nothing. There is no session identifier or signalID attached to your message, its contained within the encrypted part of the message so only the receiver can determine who the message was sent by. https://signal.org/blog/sealed-sender/
