@metacolon Okay, the cloning session thing might be new, I haven't looked up on that. But I'm mostly talking about the attachment encryption issue here.

Yes, it's not something that Signal must do, but they should, considering they're always up talking about how privacy and security are so important. It's not a good look for a project dedicated to this, to ignore such a feature.

Apparently they did the data encryption at-rest for Signal on Android (before it was removed? and added back? by Molly) because Android didn't have "usable" FDE at the time.

And, come on, if WhatsApp has data encryption at-rest, I think it would be almost necessary for Signal to have it too, just because WA would be superior in this specific regard otherwise.

" but it is reasonable to assume that if someone can read your files, they can also read your screen" - this would depend on the OS. Linux has Wayland to prevent this, Android allows apps to prevent screen captures (screenshots would be blacked out).