From b7f2324a14e86f5984b7653c3fc61db1d7eccb30 Mon Sep 17 00:00:00 2001
From: Andy Balaam <andy.balaam@matrix.org>
Date: Mon, 19 May 2025 13:20:54 +0100
Subject: [PATCH] Note that the security problem is less if clients make the
 setting visible

---
 proposals/4287-shared-key-backup-preference.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/proposals/4287-shared-key-backup-preference.md b/proposals/4287-shared-key-backup-preference.md
index b67a4f822..00b25965b 100644
--- a/proposals/4287-shared-key-backup-preference.md
+++ b/proposals/4287-shared-key-backup-preference.md
@@ -104,6 +104,9 @@ server could:
 
 * cause data loss by tricking clients into not performing key backups.
 
+This can be mitigated if clients make the setting, or any change to the setting,
+visible to users, especially at the time when it affects behaviour (on sign-in).
+
 ## Unstable prefix
 
 This is currently partially implemented in Element clients using a