laserbeam
4 hours ago
Someone needs to design a super dumb and robust system where I can safely store all my keys on all devices I use an account. The fact that whatsapp, signal and other platforms tend to have a primary device for keys is bonkers to me. A primary device that can randomly die, get stolen or fall in a lake.
I have lost chat histories more times than I can remember, and I have to be extra diligent about this these days.
I don’t even want to think about pgp when I have to manually take care of this problem. Not because of my own skills, but because I could never make it reliable for my family and friends on their side.
AnonC
4 hours ago
> I have lost chat histories more times than I can remember, and I have to be extra diligent about this these days.
As per Signal’s diehard proponents, losing chat history is a feature, not a bug (I’m not being facetious when saying this, and you can see comments of this kind in Signal related threads here).
Edited to add: I don’t agree with that premise and have long disliked losing chat history.
laserbeam
3 hours ago
I know you are not being facetious. My problem is random Joe on the street sees it as a bug. He really does care more about actually being able to talk with his wife than Signal’s mathematically correct principles. He needs it to be reliable first, secure second.
AnonC
3 hours ago
GP here. I agree. I should’ve stated that I don’t like losing chat history and have seen that as a problem with Signal.
I have edited my previous comment to reflect that I don’t like losing chat history.
IlikeKitties
3 hours ago
> He needs it to be reliable first, secure second.
Than he should use something else. I need signal to be secure first, second and third and reliable in edge cases like this a distant number.
golem14
3 hours ago
Yeah, but if use proton for everything else and signal only for my secret world domination plans, traffic analysis will be so much easier…
wood_spirit
3 hours ago
My company recently really cut back on slack retention. At first I was frustrated, but we all quickly got over it and work carried on getting done at the same pace as before and nothing really got impacted like many of us imagined it might.
wavemode
2 hours ago
That bears little resemblance to the Signal concerns. The reason people are worried about losing their personal messages is not lost productivity.
It's also not even really the same situation. A more apt analogy would be, if switching work laptops sometimes meant you could no longer read any Slack history.
Sevii
2 hours ago
It's fine until you need evidence someone agreed to something months ago but all records have been deleted.
brendoelfrendo
an hour ago
Methinks the better solution here is to get better friends?
lazide
an hour ago
A certain type of person sees this as a feature, not a bug.
nine_k
2 hours ago
This is a difference in the threat model.
Signal's threat model is that everything around you is hostile to you, except the parties you interact with. You are an undercover rebel in a totalitarian sect which would sacrifice you to Cthulhu if they see your chat history. Losing it is much better than disclosing it.
Your threat model is likely random black hat hackers who would try to get into your communication channels and dig some dirt to blackmail you, or to impersonate you to scam your grandmother out of several thousand dollars. Signal protects quite well against it. But the chance of this happening even in an unencrypted channel is low enough. You don't mind making the security posture somehow weaker, but preserve the possibility to restore your chat history if your secure device is lost or destroyed.
I suppose the problem could be solved by an encrypted backup with a long key which you keep on a piece of paper in your wallet, and / or in a bank in a safe deposit box. Ideally it would be in the format that the `age` utility supports.
But there is no way around that paper with the long code. If this code is stored on your device, and can be copied, it will be copied by some exploit. No matter how inconspicuous a backdoor you are making, somebody will find it and sneak into it. Should it happen in a publicized case, the public opinion will be "XYZ is insecure, run away from it!".
Helmut10001
3 hours ago
I set up automatic backups of WhatsApp to my self-hosted Nextcloud once. Since you need 'tested backups', I tried to decrypt these WhatsApp backups independent of my phone, but this was not possible. You need the original device. There are some hacks online, but they are always out of date.
I am tending now to running Mautrix Whatsapp bridge and backing up my data through this.
laserbeam
2 hours ago
Ask yourself. If you want things to be encrypted by default in the world, would a florist be able to self host nextcloud?
wmf
4 hours ago
Apple/Google passkeys.
throwaway82931
3 hours ago
Indeed, passkeys would seem to represent a step forward from single-device to single-account.
lazide
an hour ago
Passkeys are often stored/locked per device?
tonyhart7
2 hours ago
my proposal devices is like yubikey but instead of yubikey hardware in place like USB devices form
its in the form of ring or bracelet, its small enough and can be carried everywhere with you all the time
its use NFC like technology, it works without battery, fast and "secure enough" for 99% of people
what if the device is stolen???? we can add authorization like biometric (fingerprint etc) while touching devices so it can be sure the real owner is "giving" auth