search

signalapp / Signal-Desktop

A private messenger for Windows, macOS, and Linux.
https://signal.org/download
GNU Affero General Public License v3.0
14.16k stars 2.57k forks source link

Windows: Signal uninstaller deletes user data when uninstalling application. #6923

Open nabeelr opened 4 days ago

nabeelr commented 4 days ago

Using a supported version?

Overall summary

Reopening #6910 a new ticket as it was closed before I could respond, and the response from @indutny-signal is insufficient and inaccurate.

When running the Signal uninstaller, not only is application data removed, but user data is also removed.

The modal dialog box that pops up saying something to the effect of "The app and its related info will be uninstalled." doesn't make it clear that user data is being removed, as user data has nothing to do with app data and it's related files.

Uninstalling Microsoft Word doesn't delete your documents, uninstalling Call of Duty or Valheim doesn't remove your game saves, uninstalling Nvidia drivers doesn't remove your display configurations (and requires an explicit checkbox if you want it to).

User data is generally never deleted by uninstallers. In the few exceptions where this is not the case, users are typically explicitly warned or offered to remove their personal user data during the uninstall process (as is the case with the aforementioned Nvidia drivers).

Neither of these things happened when uninstalling Signal.

User data integrity should be a core concern of a secure messaging app.

The dialogue box that pops up is insufficient. It basically reads as "Are you sure you want to uninstall?".

Steps to reproduce

  1. Set up Signal
  2. Link to your mobile app.
  3. Use Signal and allow a history of messages to build up on your Desktop app.
  4. Uninstall Signal
  5. Reinstall Signal
  6. Open Signal to see all data is gone.

Expected result

User data should NEVER be mishandled, or deleted without the users explicit permission, and it should be EXPLICITLY stated if taking a certain step will cause that to occur.

Actual result

In attempting to address an unrelated bug within Signal, an older version that was listed as also being installed along side the current version, was uninstalled. Unbeknownst to me the user, this was simply a second entry denoting an older version number, of the existing up-to-date install. Upon reinstalling Signal, I discovered that all my user data was gone, without ever being prompted to remove it.

Screenshots

No response

Signal version

7.11.1

Operating system

Windows 11 23H2

Version of Signal on your phone

7.8.1

Link to debug log

No response

nabeelr commented 4 days ago

I feel the need to break this down further because there may be a language barrier here.

The app and its related info will be uninstalled.

The way a sentence like this is parsed is as such: "The app" Signal in this case, "and its related info" the data signal needs to operate, "will be uninstalled" meaning this information, that Signal needs to operate will be removed from your system.

Signal doesn't need user data to operate. Furthermore, user data is not seen as belonging to the app or Signal. It belongs to the user: "and its related info", its states possession, the data that "the app", Signal owns. Signal doesn't own a users messaging data.

It's very clear that someone just used the default text for this installer system, and added the user-data folders to the in the uninstall script. Let's not dig our heels in because it's what was always done, or out of laziness.

The corrective action is to either remove the deletion of the user data folder from the uninstall script, or modify the text to also state it removes user data, because currently it does not.

Anything else will make users stop relying and trusting Signal. You can't trust something that doesn't do what it says it's going to do, or something that works in unpredictable ways.