1. Bundle an open source IME to be used when in incognito mode.
2. Warn users when they switch to incognito that their IME may still be recording the words they type.
This isn't just about compromised phones. A 3rd party keyboard doesn't have to respect the incognito flag.
https://support.signal.org/hc/en-us/articles/360055276112-In...
Sure, the app should say that too; not sure if it does.
Also, the small team of developers can only fix so many things at a time. There's ~50M more users today than a month ago, there's bound to be more work wrt. maintenance which will slow down implementing new features.
https://github.com/signalapp/Signal-Android/commit/0a29ffcf4...
Where would you say the line should be drawn?
At this point you're not complaining about the end result -- they did actually implement something as a result of the feedback -- you're just complaining about the time it took them to do so. Which is IMO pretty silly, as the Signal folks make their own decisions about prioritization, and they're not at all beholden to the people who don't pay them for their service for any kind of schedule guarantees.
Is there a good open source IME? I thought Apple/Google/Microsoft haven't been able to ship a decent one and most people use Baidu's.
> 2. Warn users when they switch to incognito that their IME may still be recording the words they type.
Is a blanket "Your phone might be compromised, we can't help you if it is." warning actually useful? This doesn't really provide the user with any actionable information.
>This isn't just about compromised phones.
This is 100% about compromised phones running malicious keyboard apps.
As you say, a blanket warning that the customer's phone may be compromised is unhelpful. Warning customers who have a custom keyboard of the risks those keyboards pose (similar to the warning Android displays at custom keyboard install time)[0] could go a long way towards educating customers.
Signal markets itself as a one-stop solution to privacy issues. I think it makes sense that they should outline the areas where they cannot, in fact, assure the customer's privacy.
[0]: https://support.swiftkey.com/hc/article_attachments/11501105...
>Shouldn't Signal then also warn or refuse to work on Android versions with known vulnerabilities? Or if there are apps installed on the device with the accessibility permission?
>Where would you say the line should be drawn?
What activists have been saying - and you should speak to them, not me - is that a warning is better than lulling people into a false sense of security.
Again, your phone may not be compromised but your IME could still be malicious.
The fact that Moxie and his team won't even engage with the people who originally brought this up is somewhat vexing.
But in the end any such warning is meaningless as it can't possibly be acted upon.
>Again, your phone may not be compromised but your IME could still be malicious.
If you're using a malicious keyboard app I think it's fair to say that your phone is compromised.