Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I was waiting for this, even donated some time ago. Went to install it but it requires iOS8 so my perfectly functioning iPhone 4 can't run it.

Is very hard to keep older iOS support?

Side rant: I hate Apple is leaving my hardware off the grid. It is well cared, like new, battery is ok, no reason to think about replacing other than iOS8, and that sucks.




They addressed it in this github issue: https://github.com/WhisperSystems/Signal-iOS/issues/614

I'm also disappointed in this. The people I most want to use this with are also the people who have an iphone4.

I don't get the impression it'd be impossible to backport it from that post, so some enterprising individual could maybe do just that...


I'm surprised they didn't mention how amazingly insecure it is to be running a phone that old. If you're running a private messenger like Signal, you might not want to install it on a device vulnerable to bootrom exploits that negate all the advantages of disk encryption.


The idea is to get everyone to routinely use encryption like Signal. This increases the cost of drag-net surveillance, forcing instead more specific targets.

For that scenario, it doesn't matter if you're also vulnerable to direct hacks. You can still help normalise encryption.


While this is true, they also, through TextSecure, support many android phones that are probably in much worse shape on that front. It's also not like web browsers refuse to use TLS because your computer's running a compromiseable version of Windows.


That analogy sure stopped and made me think. What a sticky issue. SHOULD browsers do that? What if your bank website refused to allow you to sign in from a machine running unpatched XP?

I think right now there might not be enough exploits targeting banking on XP machines to justify that inconvenience, but it seems like a responsable argument could be made for both cases.


It might seem like a good idea on the surface, but think about the impact this might have on people who can least afford it (consider why people might be using old phones or old operating systems, and what impact lack of access to their bank could have on them for even a day if it's the wrong day), in the name of protecting them from something theoretical.


So they don't want to do the work. However, if someone sends a pull request, would they reject it?


If it introduces new vulnerabilities, I wouldn't want them to do it. They also have a reputation to maintain. If news starts popping out that TextSecure is vulnerable and such, fewer people will be interested in installing it anyway.

But if that's not an issue, and they can afford to support at least iOS7, maybe they should do it. However, I'd rather have them focus resources on bringing Signal to Android and to the desktop. I think those are much bigger priorities than enabling Signal for a few extra million iPhone 4/S users.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: