That’s essentially what this is. You install it to migrate, then you remove it again and install the original Signal app, as per the steps in the repo.
I would guess it was easier (or even only possible) this way.
Yeah it's probably already hard enough to expect the average phone user to know how to (un)install apps. But expecting them to know which directory the file is in and is supposed to go into? Way harder.
> The purpose of this fork is to make the transition to Signal easier. It was created out of a personal need and might not be supported or extended in the long run.
Doesn't sound like he really put much more thought into it than "make it work". Like most of these one-and-done things, as a developer, you take the easy path, then forget about it.
If the backup restore is a merge rather than a nuke and pave it might make sense to do whatever Molly[1][2] does to allow it to be installed alongside Signal, so it's install this, import from WhatsApp, then backup/restore without having to do the uninstall/reinstall dance.
There's some extra weirdness about this too. The fork is from johanw666 and not from SignalApp. Johan has additional customizations in his fork, such as ignoring deletes. I thought the reason to fork here was because it would be a useful merge into the main branch but given that it is a fork of a fork that makes things harder.
They're interested [1], but as usual, giving some though on how to do that in a privacy-maximising way:
> Thanks, we know [backup] is a big deal and think about it a lot. We're working on ways to do it that would be privacy preserving, and in the mean time we've got the p2p device transfer you mention. We'll keep working to make it better!
It appears you've linked to a comment about the lack of a way to backup signal messages on iOS. That is separate(ish) from the importing of messages from WhatsApp.
So, no, they're not interested in WhatsApp import (per the closed ticket liked by the parent).
Additionally, the statement from signal is just PR spew. It boils down to "Nah, we won't make a way to do that.". The "privacy preserving" bit is nonsense because they have an export/import to a file on android.
Oh whoops, my bad - I was under the impression it was about import/export of Signal messages in general. There's been so much news about Signal recently that I'm getting comments mixed up, it seems.
The repository mentions [0] the Wassenaar agreement, and that I must consult with the laws of my country on whether I am allowed to import/use software which includes encryption algorithms developed in other countries.
Wat?
In this day and age 99% (OK, this number is exaggerated, but you get my point) of software includes some sort of encryption. For one, think about all the libs/apps which communicate over the Internet and use encryption libs to talk via HTTPs. Is mentioning The Wassenaar Arrangement [1] in terms of software even necessary nowadays?
Linux, Windows, MacOS - all have encryption libs built in (at least on the kernel level). They have been made in various countries, yet they are used all over the world. Do they fall under the terms of The Wassenaar Arrangement?
> The repository mentions [0] the Wassenaar agreement, and that I must consult with the laws of my country on whether I am allowed to import/use software which includes encryption algorithms developed in other countries.
> Wat?
> In this day and age 99% (OK, this number is exaggerated, but you get my point) of software includes some sort of encryption. For one, think about all the libs/apps which communicate over the Internet and use encryption libs to talk via HTTPs. Is mentioning The Wassenaar Arrangement [1] in terms of software even necessary nowadays?
> Linux, Windows, MacOS - all have encryption libs built in (at least on the kernel level). They have been made in various countries, yet they are used all over the world. Do they fall under the terms of The Wassenaar Arrangement?
Fascinating and it sounds doable to me. However, not to my mother in law and most other people I know, which is the group that would require a method like this, but then it should be much easier.
Please not the latter. There are sooo many apps out there where you wonder if it's a honeypot, has more or less functionality, or is a completely different product. All because the name is similar, and the app icon the same or imperceptibly different.
This same argument is made over and over in many threds. I don't understand why this is so hard to understand. Even mobiles and social media were totally new to the older generation but they got used to it. How is this any different ?
Using mobiles/social media is a lot easier to grasp than the steps under "How to do it". Copying files around a mobile file system and building a whole Android application is completely different to what you are talking about.
Is something like this possible but in reverse? Not to migrate to WhatsApp, but to export data from Signal to a neutral environment (text file, zip file, database, whatever). I can’t switch to Signal until this becomes possible.
On desktop you can copy the appdata folder over to the new device. (warning: this is not officially supported)
Note that you must close the app on desktop from the host computer before copying the files over, otherwise the forward secrecy stuff breaks and you'll have to reset the sessions on the migrated computer.
I've tried https://github.com/xeals/signal-back and it's 95% of the way there but could use more attention - maybe it's my backup but the xml-formatted convos were formatted differently than the ones that the sms backup/restore app emitted. I compared just to sanity check it would import correctly but currently I'm unsure if it's a good idea.
FWIW it's nice to have a plain text backup anyway, and a lot better than nothing. Maybe it works fine but I'd rather not import a backup that has "weird" results.
I’ve just discovered that you can sync the iOS app to the desktop client, and then extract messages from the SQLite database after decrypting with sqlcipher (key stored in the desktop client’s JSON config). Not sure how reliably the desktop client will stay in sync with the app though.
I don’t think so. I’m on iOS so I can always get access through my desktop app I have synced. That said, I’m also the kind of person who doesn’t care if I throw away all my text messages.
There is a fork that has the ability to export to encrypted zip, plain text, and the full database [1]. There seems to be a general theme of the dev's not supporting export/import functionality [2].
I sent the link to my elderly parents. They both installed it on their Android without a problem. Then I received a video call from my mum - she'd installed the desktop app by herself.
Mine too. And I tried the Signal video calls the first time with her, they work much better than Zoom or Jitsi! And she already knows how to use the app and I could uninstall WhatsApp. m
Ironically my more elderly contacts added me on Signal nearly immediately after I sent a broadcast message to the WA users I chat with frequently, it was the younger contacts that I had more resistance from.
There are a few areas which are harder to use like backups.
I suspect one of the most difficult to address is getting it to successfully evade the random vendor-built aggressive battery saving settings in Android. WhatsApp is usually whitelisted from those so "just works". If you don't do similar things for Signal, it will stop picking messages up/notifying you after a day or two of inactivity.
The backup issue makes Signal infeasible for me to suggest to family/friends as a serious alternative. It's just not up for discussion. People care about preserving their chat histories and I'm not about to put myself in a position where I'm at fault when that stuff goes lost because something or other. There's a lot of sentimental value there that is non-negotiable.
Unfortunately, that leaves me with ... nothing to recommend people switch to.
Whatsapp allows media from specific chats to be auto saved to photos. It is a very important feature, not sure how these aren’t making the priority bar.
Did Signal for Android drop Google Play Services? I thought they still supported push notifications through Google on Android unless you opted out or use a phone without Google Play.
It is a bit harder to use but, what's more important, not as feature-rich and doesn't have literal billions of users. We are looking at the issue of getting someone to switch selfishly, convinced it's about them not being able to figure things out. Instead, it might be that they want a more polished app or one that has all of their contacts, not just us.
My parents (and my extended family + friends) have been using signal since the Snowden leaks.
All I had to do was ask :)
It's not really a hard app to use either, I had a few calls from them when they introduced the PIN stuff and when I or someone else have switched phone but it's not comprehensible. My parents are closing in on 80 now.
And those are also very good questions since the PIN thing was new and new things could indicate being hacked, and people changing their public key is a thing that Signal does seem to try to de-emphasize as a strong security signal so I'm almost more impressed they noticed it and were concerned.
It sounds like your parents are very unusually observant! I have had coworkers much younger than that who cannot be bothered to read messages like that.
I had a video call with them via WhatsApp, and guided them through the whole process on Dad's phone. After some hickups they were able to setup Signal on both of the devices.
I tried to switch to Signal the other day. In the US on Android, most people use the default messaging app and that means a lot of MMS/RCS messages. All the messages between myself and my wife are RCS, for example. Signal failed to import these - it only did SMS. I'd love to see someone tackle this problem much like this WhatsApp migration. It's essentially a deal breaker for people in this situation.
I might have the wrong impression but Signal has always seemed to me to be uninterested in user requests. They are privicy first & user experience second.
There have been lots of Signal forks with a variety of features the official client refuses to add or merge.
Well, sort of. They have their idea of what they want (approximately "security for the masses"), and if your pull request doesn't go in the same general direction they don't care about it. If it does, they're positivish but they still aren't eager about fixing your code.
FWIW I've had one (very small thing) accepted and another not. That second wasn't a net positive if "security for the masses" is the only important goal.
I fixed handling of multiple SIM cards on MediaTek's forked Andoid, which had added multiple SIM support before Android itself did. There were bugs in the MediaTek code but Signal could be made to work. However, the code I wrote to make Signal work looked risky; it seemed possible that it might break something on other phones.
People only ever mention Signal because of the security by default. Telegram does not have that, their encrypted rooms are something you have to go out of your way to create.
In signal you cant delete/forget contacts... And groups will haunt you to the end of days too. I started to strongly distrust signal after I learned that. It's meta information nonetheless and invites for identity fraud.
But yeah, Telegram can't be trusted either. I hope matrix/element will replace both soon.
Sorry, this doesn't make sense. You certainly can delete chats and leave (and subsequently delete) groups (by swiping left on the chat/group name in the chat list). How do they "haunt" you?
True story, I've been using Matrix with Element for a while. I don't use it for anything much because no one else is on it. Some friends and I have a groupchat on Signal and we decided it would be good to have a backup method to chat if Signal breaks (or to just move to for the reasons that there are, such as not being centralized by design).
It took me at least twenty minutes to figure out how to add my friends to a room I created too long enough ago to have memorized the UI. And they added "Communities" which I created one of but cannot even tell what functionality it even provides.
I don't know if that's a client issue or not but it seems like (maybe?) it's trying to be a social network in addition to a chat app? Some kind of adding in Discord functionality or something?
I guess as long as I can not use social network features and still use it like I use Signal... to flexibly chat with whomever I know the ID of.
I don't think the latter is true. It feels like the Signal team just isn't interested in taking on work (even work done by others) to improve the UX.
I can understand that they have limited funding and want to focus on the security features first and foremost, but that makes it really hard for me to get some of my friends to use it.
Having said that, I agree that Signal's UX is not bad, just that it could be better.
Stuff like multiple clients with shared chat history is a huge pain in the ass for full proper end to end encrypted chats. This is why whatsapp web uses your phone as a proxy and signal does some janky shit to work on multiple devices.
Telegram went UX first and turned down the crypto so that I can install Telegram on a fresh laptop and I've instantly got the same chats, with history, as I do on my phone.
Is there a way to get the Whatsapp messages on iOS? Years ago they were accessible via a sqlite DB, but it's been ages since I did it, and I can't find any online resources about this other than people shilling dodgy .exe apps.
You can still pull the database from an iOS backup on your Mac or created from `idevicebackup2`.
The file is named `1b6b187a1b60b9ae8b720c79e2c67f472bab09c0`, `275ee4a160b7a7d60825a46b0d3ff0dcdb2fbc9d`, or `7c7fba66680ef796b916b067077cc246adacf01d`.
You can export your message history for every chat, I believe including photos and videos. Just need to go to the Group Info screen and then scroll all the way to the bottom.
The ReadMe says to 'Build and install this version of the Signal App and import the encrypted Backup of your signal messages.', so I am assuming we would have to build it but there are no instructions/steps on how to actually do that.
I have been struggling to get my family all moved over but if they have access to their old messages (so I might have to do this for multiple people), that might make it easier to convince them.
I recently moved my gf from iOS to Android and searched all over the internet to see how I can move the WhatsApp database from iOS to whatsapp on Android!! You'd think whatsapp would let you do that!
Long story short , there might be a way of doing that if you install an older version of it.
I failed to transfer the data.
But you can back it up as plain text using "share conversation" feature and then uploading or emailing it.
People are trying to address feature requests for keeping their messages backed up. Something which many people using WhatsApp really enjoyed having.
e.g. On reddit it's common for r/dataisbeautiful to have posts which show graphs/charts on texting activity from the beginning of relationships and stuff. Which requires some way of keeping that data around.
Not 100% on-topic since this is designed for ephemeral use but what is Signal's general stance towards forks on their server? I've considered switching to it but I don't like their official APK distributions.
They can't; part of the premise of the project is that they come up with privacy advances that are deployed network-wide by controlling both the client and the server. See Matrix for an example of how hard it is to get very basic privacy controls up and running when you don't control the client.
(I always come across sounding like I'm dunking on Matrix; I like Matrix. Different project, different goals.)
I haven't seen any evidence to indicate that alternative clients are supported or even tolerated. I don't think Signal will start blocking custom clients, but I don't think the Signal project will aid or cooperate with any development of an alternative client.
I would've liked to use this but it doesn't look like there is a release, so you would have to know how to build it yourself to even be able to try it.
XMPP never got its story together for mobile clients. Sure there are some configurations of XEPs that will eventually allow you a reasonable configuration that supports multi device, history, media, etc, but for whatever reason, gluing those pieces together into something sane has evaded our community.
But in fact most servers are mobile friendly, and have been for many years. You can dig into the data at https://compliance.conversations.im/ (Conversations being the leading mobile XMPP client).
In particular it never got its story together for iOS. ... and macOS more recently. It is quite good, on say, Android (Conversations). Rumour has it that XMPP is a lot more popular in parts of the world where Apple stuff is less popular. Those tens of thousands of XMPP servers are probably in those parts of the world.
There is an active project working to improve things on the Apple side:
Nothing on Windows had voice and video for a long time but Google Talk. More and more people used Google Talk and Facebook. Facebook never federated. Good mobile support took a long time. Google defederated. Facebook and Google cut off other clients.
And encryption, which is an addon and not the default.
Also, XMPP is a good example of a 'victim' of embrace, extend, extinguish. I remember Facebook messenger, hyves chat, Google talk and briefly even WhatsApp, all in my desktop chat app. They all 'did' XMPP, but then removed federation, features or killed it entirely.
The only disadvantage is that Signal reveals the phone number of other group participants. Of course everyone could use burner numbers but, in practice, that's not very likely.
Signal also provides shareable links or QR codes for inviting people to groups now (this feature wasn’t there before, but was introduced some months ago).
Is it possible for signal to act like a chat client, and allow its users to send messages via Signal to someone using WhatsApp? Not sure what protocol WhatsApp and Signal use to send messages - was just wondering since most Email clients do this using SMTP.
I wouldn't expect a project like that to go too far, I know of a couple of oss whatsapp clients that got took down, I'd assume when such a component comes online facebook would start causing trouble for them.
Matrix uses bots which bridges services with services like signal, that seems to be the easiest way to achieve inter-operability, though idk how usable it is in practice.
It isn't likely Facebook is going to be in favour of such a feature, if it ever comes up. It just seems like it would be something that would give people more of an incentive to move to Signal, since they won't lose their contacts. Not sure how it would work in practice though, and how would Signal ensure the messages aren't going through to WhatsApp. Anyway, this was just a thought.
My memory's not great, and it's good to be able to double-check if I've talked about something with someone before, or to find old links/information shared ("damnit, what was her niece called again? I'll sound like an idiot asking her for the third time"). Or stuff like "remember when you told me X?" - just to have evidence to clear things up, or to be able to refer to conversations in the distant past from time to time.
Does it matter? People care. People don't want to lose years worth of chat histories with friends, family and their significant other(s). That's just how it is. I'm not sure why it's so hotly debated around here. People want to preserve their chats and their media. There's sentimental/emotional value to these things and they don't want to lose these things. That's all that should matter. I feel like these discussions always get bogged down in "but why", particularly from people who have a different opinion, when it's irrelevant. People value things differently. Just because their values are different from yours doesn't make them any less justified than you. This is reality. This is people.
If Signal wants to provide a mainstream secure and private alternative to WhatsApp, then it needs to make concessions to accommodate these preferences. If they don't want to, that's fine, but it also means I can't recommend Signal to non-tech friends/family.
It matters because people don't always realize that it means making trade-off's. And people often don't know what the consequences can be of those trade-offs because they didn't realise it was a trade-off to begin with.
In case of whatsapp and keeping chat history it can mean years of chat history becoming public if for example your Apple / Google account (where whatsapp automatically stores your conversation backups) gets hacked.
Do you think the people on Parler would have used the DM function if they had realised all those DM's could become public one day? Of course not. But they simply didn't realize that the "handy" DM function meant those messages were stored somewhere and that in turns means it can all get public one day.
> In case of whatsapp and keeping chat history it can mean years of chat history becoming public if for example your Apple / Google account (where whatsapp automatically stores your conversation backups) gets hacked.
This just isn't the threat model most people care about, nor do they have to. Given a choice between preserving their chat history with their loved ones and not having any of it in the off chance that it might be leaked somewhere, the vast majority of people will opt for the former. Once you value chat history and other media in this way, then the risk simply isn't relevant. Again, this is all irrelevant. You people keep thinking on this one track of "but it's not secure" when that isn't the overriding concern for these people. It needs to be secure enough while not completely disregarding one of their core needs (preserving history). It's non-negotiable and no amount of discussing of risk or privacy will change this. Again, I find it insufferable that tech people are so unwilling to take normal peoples' needs into account.
Signal has the opportunity to become the default secure messaging app while also providing "secure" backups. They don't even need to be cloud backups, though that would be preferred. Even local backups can be sufficient. But as long as they don't account for the needs of "normal" people, Signal isn't a real option.
If I go to my friend's girlfriend and say, here's this awesome secure messaging app that you need to switch to and she switches, then something happens to her phone and she loses all her precious chats, how do you think that's going to go over? I can blabber on about privacy and risks all I want, I'm still the asshole.
> In case of whatsapp and keeping chat history it can mean years of chat history becoming public if for example your Apple / Google account (where whatsapp automatically stores your conversation backups) gets hacked.
IIRC the backups aren't stored in plaintext. They are encrypted with a key known to the device and whatsapp. The key is restored to a new device by whatsapp after SMS authentication.
Hence only a Google Drive compromise will not lead to full chat history compromise. That also requires something like a Sim Swap attack.
This is me. It's like the old shoe-box of postcards which is in the attic a year or two at a time. I still keep an old device with messages from someone whom I will never meet again. It is emotional and I sometimes reminisce by charging the device and scroll through the messages.
Messages are like email. I never delete them. Situations arrive where I have to go look into past messages to see what conversations I had around several dates.
I used my whatsapp chat history to successfully contest a traffic fine.
My parents wanted me to check on their house while they were away. I messaged them on whatsapp when I left my house and then again when I arrived at theirs.
A month or so after my trip I was sent a fine for not displaying my car license while my car was parked on a public road. I had driven down the road where the fine was recorded during the trip. Using the timestamps of the whatsapp messages I was able to show that there was not enough time during my trip for me to have stopped to park.
> A month or so after my trip I was sent a fine for not displaying my car license while my car was parked on a public road. I had driven down the road where the fine was recorded during the trip.
More of an aside, but what sort of car license must be displayed for parking but not for driving down the same road? Is it some sort of parking permit or disc?
A car license is required when driving or parked but the fine was issued to a parked car without a driver in it. I proved that I was driving the car when the ticket was issued so the claims made by the metro officer about how they issued the ticket were not true.
My car was licensed at the time and the license was displayed correctly. I was not guilty of the offense and the whatsapp messages allowed me to prove that the officer who issued the ticket was lying.
It's nice to store any information that's nice to have, but not important enough to expressly record somewhere. "search, don't sort" applies especially well to this kind of info.
Addresses were already mentioned, but that also applies to IBAN, email addresses, door codes, restaurants...
It's also some kind of light diary: you can easily deduce what you were doing on a certain day if you look at the corresponding message.
For me it's not important enough that I would want to migrate it to another app if I were switching (I'd just save the DB), but it's not completely useless either. And of course some people just store everything there, including things that were not messages in the first, just like they do with email. You can argue that they shouldn't, but if that's what they want...
Obviously that's also a privacy risk, e.g. in case you lose your phone. There are many countries where I wouldn't keep my chat history for more than one week.
Personally I read messages, keep them only long enough to take action (when that's necessary) and then delete them. I don't want my brain cluttered by dozens/hundreds/thousands of ancient, no-longer-relevant messages. Furthermore, when the blackshirts come to get you, it's your own old messages they'll use to hang you. Get rid of them, I say.
Some messages include information I need to go back and refer to. eg a recent example for me was a relative sent me dimensions for a piece of furniture they were getting rid of and offered to me so I needed to check if it fit in the space I was thinking of. I couldn't check when they sent me the message so I needed to go back and check later.
But many of us have usecases for looking back at conversations from months ago, so just telling people "you don't need it" isn't likely to get you very far.
Telegram has various issues for the privacy concerned, namely that group chats are never E2EE and 1-to-1 chats are not encrypted by default, among other concerns[1].
Also Telegram is not open-source.
Also Telegram did some shenanigans with cryptocurrency a few years back[2].
The Telegram apps are GPL. Their server is (afaik) closed-source, but having an open source server implementation doesn't mean much for a centralised service without any server-switching support anyway, so no effective practical difference to Signal here in that regard.
Because Telegram is not really an equivalent alternative for secure messaging.
Telegram is much better for “chat room” type capabilities, because that’s not what Signal does. Telegram, Discord, Matrix, Slack all have more robust large group features, but none of them are secure and private by default and none of them hide your social graph.
These are different things. Signal is designed as a secure, more robust alternative to SMS/MMS.
IRC is not even close to filling that role. It’s not more robust nor more secure. At the same time it does several things that Signal doesn’t. Signal, as a messenger, is not a “chat room” or “social network” in the same way that IRC, Matrix, and even Telegram function. There are. I thousand member rooms you can join. It’s meant for secure, small group, communication.
Maybe that will change and they’ll broaden, but I would rather see them keep to their niche and do it well. I have no problem having one messenger app and another for “communities” of sorts.
This fork would end up being a significant maintenance overhead for something that could be done more simply.