this post was submitted on 28 Jan 2025

184 points (97.9% liked)

Privacy Guides

17327 readers

199 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

We prefer posting about open-source software whenever possible.
This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
No soliciting engagement: Don't ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don't repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 2 years ago

MODERATORS

jonah@lemmy.jonaharagon.net

184

Signal will finally let you transfer your encrypted chat history to new linked devices (mas.to)

submitted 2 days ago by ForgottenFlux@lemmy.world to c/privacyguides@lemmy.one

11 comments fedilink hide all child comments

Signal has announced new functionality in its upcoming beta releases, allowing users to transfer messages and media when linking their primary Signal device to a new desktop or iPad. This feature offers the choice to carry over chats and the last 45 days of media, or to start fresh with only new messages.

The transfer process is end-to-end encrypted, ensuring privacy. It involves creating a compressed, encrypted archive of your Signal data, which is then sent to the new device via Signal's servers. Despite handling the transfer, the servers cannot access the message content due to the encryption.

With the introduction of a cross-platform archive format, Signal is also exploring additional tools for message transfer to new devices or restoration in case of device loss or damage. Users can begin testing this feature soon, with a wider rollout expected in the coming weeks.

top 11 comments

sorted by: hot top controversial new old

[–] jagged_circle@feddit.nl 1 points 1 day ago* (last edited 1 day ago)

Can you backup your fucking private keys yet?

[–] tisktisk@piefed.social 3 points 2 days ago (2 children)

I need a tldr someone tech-savvy

[–] Nursery2787@lemmy.ml 3 points 1 day ago

Signal will now allow your old messages being exported to another device. Previously needed to do a full transfer to another device.

[–] LWD@lemm.ee 15 points 2 days ago

This change will impact how you set up Signal on your desktop computer. Previously, after linking your desktop to your phone, you would be presented with basically an empty window.

This change will allow you to, optionally, synchronize your message history from your phone to your desktop, filling it with your previous messages, making it much easier to pick up where you left off with your conversations.

Pictures and videos that were sent will also synchronize, as long as they are from the past month and a half.

[–] 9tr6gyp3@lemmy.world 1 points 2 days ago

What is this headline

[–] muntedcrocodile@lemm.ee -3 points 2 days ago (2 children)

When they gonna allow sign up without a phone number. Or allow federation with 3rd party signal severs. Or allow sign up without a phone number that's linked to ur real identity by law in most countries.

The more I learn about signal the less I trust them.

[–] RayJW@sh.itjust.works 13 points 2 days ago* (last edited 2 days ago)

I think at this point it should be pretty clear that Signal never had the goal of anonymity which is an orthogonal concept to privacy. While I would support sign-up without phone numbers, it doesn't address the same threat-model and there are many alternatives if anonymity is your goal.

But I want near-perfect privacy with usability, which Signal provides for me and all my contacts. Who cares if my government knows I use Signal, as long as they don't know who I talk to and what we talk about.

Edit: just saw your other response. What you want to achieve, is almost impossible. Even if Signal doesn't log who you talk to, like you assume, there are still methods to unmask this info. There are PoCs for things like timing attacks for notifications etc. which combined can narrow down the list of contacts significantly. But it seems like your threat-model doesn't align with Signal goals which means it's probably best for you to search an alternative instead of hating on Signal for not catering to your needs.

[–] Supernova1051@sh.itjust.works 4 points 2 days ago (1 children)

keep spreading FUD, my guy 😎

[–] muntedcrocodile@lemm.ee 6 points 2 days ago (1 children)

Hey signal is better than most of the mainstream bs. I use it myself and I'm confident that the messages themselves are secure. However, everything I said is 100% true.

Since we cannot verify the software they run on the server is the software that is open source then we must assume it is not.

We know for a majority of cases a phone number = a real identity. Signal implements sealed sender but since signal is a centralised point they can correlate the sealed sender extraordinarily easily. We must therefore assume signal knows when and who is communicating (We can verify they don't know what is being said) this therefore means signal could theoretically have a full social graph of real identities for every singe user.

This is of course after we remember signal received funding from BBG which is an organisation funded by the us government purely for the purpose of promoting american propaganda.

Its not FUD its true. Signal can either adapt and prove themselves with more than a "trust me bro" or they can die. Just cos they are better than the alternatives does not mean we should not demand better.

[–] LWD@lemm.ee 4 points 2 days ago (1 children)

I don't see how enabling federation will fix the problem of not knowing what is running on their servers. You've just introduced a new problem: other servers, with their own rules, which may also be peppered with requests for data and gag orders.

[–] muntedcrocodile@lemm.ee 1 points 2 days ago

It enables me to run my own server. And sealed sender is more effective with more servers as their is no centralised point that can identify senders.

And that's not a new problem if the security is as promised the point is u don't need to trust the server.