This blog is reserved for more serious things, and ordinarily I wouldn’t spend time on questions like the above. But much as I’d like to spend my time writing about exciting topics, som…
I’d like to see them try. I use GrapheneOS, and it reboots after a period of inactivity, so the decryption keys aren’t even loaded into memory unless I’ve used my phone recently. There are also constitutional protections so the government can’t take my data without my permission, or with a warrant (if they can break the encryption, that is).
Even your average smartphone w/o any special setup is encrypted by default, though a lot of people use pretty awful security (i.e. only biometrics, and police can unlock your device with your biometrics violating your right to not self-incriminate).
It would be nice if Signal stored my data encrypted, but my devices are already encrypted (phone, desktop, and laptop), are usually in my possession, and have extra layers of protection on top to prevent stealing my data. So I’m a lot more comfortable with “unencrypted” data at rest than the chance that a contact will send me an unencrypted, sensitive message. I can mitigate the former, I can’t do anything about the latter.
Encrypted from your girlfriend or yourself if you forgot your gesture, but not from Google/Apple/Government or anyone who actually wants your data.
I’d like to see them try. I use GrapheneOS, and it reboots after a period of inactivity, so the decryption keys aren’t even loaded into memory unless I’ve used my phone recently. There are also constitutional protections so the government can’t take my data without my permission, or with a warrant (if they can break the encryption, that is).
Even your average smartphone w/o any special setup is encrypted by default, though a lot of people use pretty awful security (i.e. only biometrics, and police can unlock your device with your biometrics violating your right to not self-incriminate).
It would be nice if Signal stored my data encrypted, but my devices are already encrypted (phone, desktop, and laptop), are usually in my possession, and have extra layers of protection on top to prevent stealing my data. So I’m a lot more comfortable with “unencrypted” data at rest than the chance that a contact will send me an unencrypted, sensitive message. I can mitigate the former, I can’t do anything about the latter.