As mentioned in the comments, plain text keys aren’t bad because they are necessary. You have to have at least one plain text key in order to be able to use encryption
As mentioned in the comments, plain text keys aren’t bad because they are necessary. You have to have at least one plain text key in order to be able to use encryption
Phones come with pretty easy encryption APIs that use hardware encryption stores to do the encryption work. You can copy the entire data folder to the same phone after a factory reset, but the messages won’t decrypt. It’s a useful extra encryption feature that’s pretty tough to crack (as in, governments will struggle) but trivial to implement.
Desktop operating systems lack this. I believe Windows can do it through Windows Hello but that requires user interaction (and Windows isn’t sandboxed anyway so it doesn’t protect you much if you’re running malware are the same time). Don’t know about macOS, but I assume it’s the same story. Linux lacks support for security hardware entirely and doesn’t even try (see: the useless Keychain API copy).
What desktop operating systems do protect you from, though, is offline attacks. Someone needs to know your password to log in and grab the keys, even if they know your disk’s encryption key. Not even your Bitlocker recovery key will suffice to get your keys out of a locked Windows Hello key store. Linux can implement this ad well, in theory, but nothing seems to actually implement any of it.
Leveraging modern key store mechanisms would protect Signal on macOS and Windows. On Linux you’d still be in the same shitty situation, though if they were to implement the key store API, someone could at least eventually make something secure in the future.