I am not talking about the PIN you would have to enter when starting Signal, to get into Signal.
I Googled a bit and found an approachable blog post from the time this all happened, here:
https://blog.cryptographyengineering.com/2020/07/10/a-few-th...
This has refreshed my memory of events.
In short, Signal wanted to store what had been purely client-side information (contact lists, for example) on their server, but - in principle at least - in a form Signal could not access.
The PIN in question is used to provide access to that information.
> Server state comment aside, it seems your main complaint is about a pop-up PIN entry UI that can be opted out of?
The dialog to force the user to set the server-side PIN disabled the app. You either had to do it, or stop using Signal. There was no opt-out.
I had a look at the app now. I found the settings you mentioned. It's not clear to me from what I see there if this is an app-locking PIN, a SIM protection PIN, or a server-side state PIN, or all three rolled into one.
In any event, at the time it happened, the presented dialog was full-screen and could not be dismissed; even if there had been options to disable this (and there were not prior to the full-screen dialog - I looked, in an effort to dismiss the permanent partial-screen dialog) you could not get to them, because it was a full-screen dialog which you could not dismiss; you could not get to the app, and so could not get to settings.
The only option was to stop using Signal or provide a PIN so your client-side state could be stored server-side.
Yes, they do upload your contact list, but I believe there's a prompt at setup time that allows you to opt out? It might even be an OS-level prompt to the tune of "Signal would like to access your Contacts". Not 100% sure on that one as I haven't set up a brand new Signal installation in years.
It's done to help their user acquisition. It uploads your contacts to match against other contact lists and let you know who's on Signal. I recall seeing a blog post explaining how they are doing it in a fully encrypted way, possibly using Secure Enclave (? though I think the 2021 version of that would probably involve ZK proofs/homomorphic encryption of some kind, and I hope they put some time into that).
I don't recall ever having to set a PIN specifically for that. And besides, a 4-6 digit PIN would be a terribly insecure way to "encrypt" anything server-side :) But yes, that would be a shame if it were the case.
They attempted ever more forcefully to make users set a PIN to protect server-side state; it started with a dialog at the bottom of the screen, obscuring about 20% of the user list, which could not be dismissed, and then after a few weeks progressed to a full-page dialog, which could not be dismissed - rendering the app unusable.
All you saw upon starting was the full page dialog demanding you set a PIN to continue using Signal.
I did not want any server-side state, and so did not set a PIN, and stopped using Signal. After a few weeks, the full-page dialog went away, and I found I could use Signal again.
Signal actually blocked usage of the app to force users to adopt unwanted new functionality. It's hard to imagine any app doing well with such mis-management.
I opened a thread discussing the problem on their support/public discussion forum, which was deleted. I also at first opened a bug report on Git, before I understood it was all intentional; this was also deleted.
Since this experience, I've regarded Signal as on the way out, but it's still the best there is right now.
The PIN is a security option that prevents a SIM-swapping attacker from registering a new device under your phone number unless they know the PIN. You can opt out of it (and it might be opt-in to begin with). You can also easily opt out of PIN reminders. Both of these options are in Settings -> Account.
As for server state - my understanding is that Signal attempts to be zero-knowledge overall, but they definitely store some state on the server. I believe it's encrypted using your private key that's not backed up to the server. Setting the PIN does not change that.
Server state comment aside, it seems your main complaint is about a pop-up PIN entry UI that can be opted out of? I get that it might seem annoying, but it feels like a fairly weak criticism of a messaging platform, certainly not one that should warrant an impression that Signal is "on the way out"?
In addition, I use the temporary container add-on[0] which also uses containers, but throws them away after being used (like reference counting).
These two tools have seriously improved my ability to both develop and test applications without the hassle of logging out and logging in all the time or needing any tricks when needing multiple clean browsing sessions.
[0]: https://addons.mozilla.org/en-US/firefox/addon/temporary-con...
* Work/personal separation
* Multiple AWS accounts
Also, I am very impressed with how well they're integrated into Firefox. For example, opening a link in a new tab will preserve the container. CMD+Shift+T will restore a recently closed tab and remember its original container. I really like the color coding too.
https://www.theverge.com/2017/2/22/14703108/fitbit-bought-pe...