


Signal Rolls Out Encrypted Cloud Backups, Debuts First Subscription Plan at $1.99/Month (signal.org)
Signal has begun rolling out end-to-end encrypted cloud backups in its latest Android beta release. The opt-in feature allows users to restore message history if their phone is lost or damaged. Free backups include all text messages and 45 days of media attachments. A $1.99 monthly subscription extends media storage to 100GB.
Users generate a 64-character recovery key on their device that Signal's servers never access. Backups refresh daily, excluding view-once messages and those set to disappear within 24 hours. The nonprofit cited storage costs as the reason for its first paid tier. iOS and Desktop support will follow the Android rollout. Signal said it stores backup archives without linking them to specific user accounts or payment information.
I can't think of anything stupider (Score:2)
The entire point of Signal and things like it is so that you can communicate securely and destroy those communications as needed so that they can't be used against you in lawsuits and such. It's why cops use it.
If you're going to actually store that data then the risk of the person storing it and then giving access to it to whoever is way too high. Even if they let you control the keys that defeats the purpose. If you're going to have to c
Re:I can't think of anything stupider (Score:5, Insightful)
> It's why cops use it.
I don't know about cops, but corrupt politicians sure like to use Signal [heise.de]. While, of course, at the same time, demanding that every normal citizen's chats are being stored and eavesdropped [freiheitsrechte.org].
Re: (Score:3)
No, that's not the entire point. Some of us use Signal and other encryption systems for perfectly legal private communications. We just don't want the ISP or anyone else to be reading our chats or reviewing our media - only the intended recipient.
Re: (Score:2)
I think this is the latter case, where the backups are useless to Signal or law enforcement, and can only be decrypted by the keys that you hold on your device (or in a backup if you made one). The keys get spread to all the devices you have logged in to Signal, so if you have more than one you're reasonably ok to not make an effort to back them up explicitly. If you lost all your logged-in devices and had no backup of the keys, their cloud backup would be useless, but it's not super likely I don't think.
It
Re: (Score:2)
it being a text 'key' makes me question how resistant it would be to a court order.
They aren't forcing you to actively decrypt your backups, they're using the key you 'have' not 'know'. That's conceptually no different than a key to a lock box...and you have to turn over that key if ordered. A key isn't incriminating so it's not protected by 5th Amend.
Re: (Score:2)
> If you're going to have to control the keys yourself you might as well just do the encryption yourself and then hire any one of a number of regular cloud backups companies.
I think this rsilvergun guy might disagree with you - "couldn't think of anything stupider than letting another company (like those cloud backup companies) handle encrypted data like that" :-P
Seriously though... how do you propose we "just do the encryption yourself" in this case? The iOS app doesn't even have an option to export chat history. On the desktop, one can use sqlite to dump the chat DB, but are we really going to recommend that normal users implement an encrypted backup that way?
I guess if the data isn't sensitive from a legal standpoint and you're not afraid of the cops getting their hands on it. But then there's tons of other services and they're probably going to be cheaper.
I'd move that li
Re: (Score:2)
> ... having a service run by Signal to handle the backups is nice for non-technical users. It's opt-in, so users who don't want Signal storing even encrypted backups can just not enable it.
100% agree. It's not at all like MS Recall; they're doing this the right way.
Re: (Score:2)
> Seriously though... how do you propose we "just do the encryption yourself" in this case? The iOS app doesn't even have an option to export chat history.
I agree - most of my Signal friends can't manage to do backups and their safety number frequently changes when they drop their phone in the toilet. Not something that's happened to me, but wow, it's common. This breaks the assumed security model.
That said, I use Android and my nightly backups are copied by Syncthing to another device most nights. I ke
Re: (Score:2)
It does allow exactly that. This is a new service that lets someone else handle it for you in exchange for a fee. You can currently let Google or anyone else handle your encrypted backups if you want.
Re: (Score:2)
More trollish BS. You make sweeping claims, provide zero technical detail, and push as much FUD as you can.
Signal is implementing secure backups in a way (zero knowledge) that mitigates known attack vectors: no key escrow, no server-side metadata leakage, no linkability to payments, ciphertext padding to resist analysis, and backups that honor disappearing messages. The tradeoffs are intentional: you must safeguard your recovery key, and “secure backups” don’t protect against device-leve
Dying without revenue (Score:2)
This will likely do well enough
Any amount of recurring monthly revenue adds up pretty fast. That's why everything is a service now. Last I read Signal had 600m users.
Re: (Score:3)
I'd happily pay good money for Signal (and / or start making regular "donations") if that removed the stupid "4 coupled devices" limit.
That's one thing (for example) Telegram does right; I have yet to hit their limit of the maximum number of coupled / synced devices.
With Signal, the device you're currently using always happens to be the one that just got bumped off the coupled devices list as per Murphy's law.