The developers of Signal are currently doing a user survey:
I told them that I really like the app but also that I would like:
a) Signal on @fdroidorg
b) a proper desktop client
c) no data stored in "secure enclaves"
Maybe you'd like to tell them, too?
Think their use isnt as secure as signal suggests either. SGX isnt a secure enclave. Its using root-of-trust signing. If I'm not getting confused all Intel CPUs have keys that can do SGX attestations. If you keep one from getting updated, while watching for and examining any updates they get, may find a way in.
Alternatively just try hard to attack one, maybe an older, less secure design. Or an employee leaks the keys.
Signal is relying on this to increase security of the encryption on this metadata. Its running on servers they don't control
They pretty much forced people into setting this up (couldnt use the app otherwise)without explaining properly what was going on
The app offered a keypad - where users were highly likely to set up a weak pin
Theres a whole load of SGX exploits been developed
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!