
In general, I agree.

However, their decision to force PINs broke Signal for one of my non-technical contacts, to this day (despite them supposedly offering an opt-out now). This person opens Signal, gets some weird confusing modal dialog, and is now stuck.

There is supposed to be a way to opt out without having to set and remember a PIN now, but I was unable to guide this person to find it, and I can't exactly travel there to see what's on the screen and find the damn button (or figure out why it isn't showing up). So this person can no longer use Signal, and we had to fall back to WhatsApp. Which leaks more information, but has a killer feature that Signal now lacks: it allows me to communicate with this person!

(For those unaware: Signal made a really boneheaded decision a couple months ago, against all specific criticism that they were receiving - they introduced PINs that would then be used to back up at least metadata to the server, protected under a questionable scheme whose security assumptions only work if SGX is unbreakable. To force users into this, they blocked access to the messenger and your messages, so you had to set a PIN and upload your data if you wanted to talk to your friends and didn't have a contact for them on a different messenger.)

Intentionally breaking a product like this also breaks trust. I can no longer rely on Signal for "just wanting a video chat with Grandma and Grandpa". I can no longer trust that Moxie will make reasonable decisions, and not e.g. tomorrow break my ability to communicate with people unless I agree to upload my message history.




OK, this is shit. I was not under the impression that this PIN was used to encrypt user data for storage somewhere else. That was not made clear to me.


It would have been more clear if you had clicked the link to their web page and spent time reading a whole long document while you had other things to do.

If I'm not mistaken, this PIN also allows people to hijack your account. That's kind of the point; you export here and you import on your next phone.

But I'm not sure, because the whole thing is so badly explained!


SGX is broken. Why do people not know this?


I'm not going to say anything new when I say that this is the other side of the centralization coin.



