wow, signal is speedrunning the death of all security advantages it had:

wow, signal is speedrunning the death of all security advantages it had: https://community.signalusers.org/t/public-signal-backups-testing/69984

BDFL of Quilibrium, Eng @ Farcaster, ex-Coinbase, always opinionated, never hydrated

/quilibrium

I hate this — it was the exact mistake that Durov made a decade ago

Aviator, diver, Etherean, nexialist, PhD in aviation and climate science, host of /diving /ethfinance /forteantimes /geopolitics /science /singapore /thomas

I don't think that's a fair comparison at all. Telegram is literally plaintext, no encryption. Signal is just launching an encrypted backup feature

Telegram absolutely does encrypt though? “Secret chats” are privately E2EE, and “Default chats” are encrypted in both transit and cloud storage, however in this latter case Telegram (the company) holds the keys, which made it trivial for governments to pressure Durov (see https://farcaster.xyz/aviationdoctor.eth/0x72d3fff5) into giving them up.

Here, the only difference is that Signal won’t hold the backup keys, but if either party in the conversation gets their backup key broken into (poor opsec, coercion, border intercept, etc), then the whole chain of convo from the very beginning is accessible, instead of just forward secrecy being at risk.

It’s again an erosion of confidentiality for the sake of user convenience and adoption — similar mistake Durov made