EDIT: To be 1000% clear, they should not be using personal cell phones for this, which they probably did because everyone in this admin is braindead gutter trash. I’m suggesting that self-hosted Signal over government servers is probably fine for security with potentially some tweaks to the app. Something I neglected to think of however is that this sidesteps record keeping, and probably deliberately so. My contention here was solely about security, but this fact makes Signal use unconscionable in my book because it impedes accountability.
Okay, let’s just be clear here: Signal isn’t just another “private app”; the amount of information they have about your communications is zero (0) with the exception that I believe they can see if you have an account and the last time you connected to the server. Governments absolutely do rely on Signal. The Signal protocol is open and highly robust, the app code is FOSS and has eyes from a shitload of security researchers globally due to its importance, its server code is FOSS (although you don’t have to trust this due to the robust E2EE, and you can even self-host IIRC due to the FOSS server code), and it has reproducible builds.
This fuck-up was strictly due to the fact that they’re incompetent morons just randomly inviting people to group chats and shit with no guardrails. If I had to guess, they’d probably want to self-host the fork the Signal app and make it so that you can only invite people with some form of clearance, but this last thing is total speculation on my part. I’m sure there’s some way to sanely do this. The part about Signal being secure is just objectively true; it’s audited like absolute crazy, both the FOSS app and the protocol. I would trust it more than whatever the US government could homebrew, even.
If you, as a citizen, are looking for secure, private messaging, Signal should be at the very top of your list of possible candidates alongside Matrix, SimpleX, and Session (keep in mind that Element and Session do not yet support forward secrecy, although the Matrix protocol does).
This fuck-up was strictly due to the fact that they’re incompetent morons just randomly inviting people to group chats and shit with no guardrails.
No.
These fuckwits were handling classified and top secret information in the open on their cell phones.
It doesn’t matter what specific app they used. This is not about the technology. You missed the point.
This is the same team of geniuses that kept classified files, some of which were mysteriously emptied of their contents, in the unlocked bedroom and bathroom of a members-only club in Florida, near the swimming pool whose water mysteriously destroyed all the surveillance video just when the FBI were about to look at it.
Not to mention that, in this case, the phone network was known to hacked and infiltrated by adversaries.
https://en.m.wikipedia.org/wiki/Salt_Typhoon
This hack included JD Vance’s phone who was part of this chat group.
https://www.nytimes.com/2024/10/25/us/politics/trump-vance-hack.html
These peoples phones shouldn’t be considered any more secure than a public bathroom.
Let’s also be clear: Signal, regardless of their encryption standards, is not an approved system for any kind of classified information. Leaks of this nature have the potential to cost people’s lives. Every single person in that group chat would have known this. Many of them have original classification authority.
Further, not only was the platform not approved for the information, the messages were set to disappear after some time. This is a violation of government record keeping laws and FOIA standards. This wasn’t an oopsie.
There’s been a few articles recently about Session authors starting with Signal protocol, and then continuing without clear understanding what they do, thus that Session shouldn’t be used.
Matrix is a compromise, it’s not as much about security as it is about just modern FOSS chat.
Matrix is a compromise, it’s not as much about security as it is about just modern FOSS chat.
Pray tell. Granted again that Element doesn’t yet support forward secrecy, but describe what you see as specifically wrong with Matrix, please.
but describe what you see as specifically wrong with Matrix, please.
Federated with huge load on servers. I’d prefer something like old Skype with auth servers part interacting via activitypub or something like that.
It’s almost like both “parties” only care about decent OpSec when the other team fucks up.
And neither party cares about the endless imperial slaughter that these communications facilitate. Not even worth mentioning.
An app that multiple intelligence agencies have likely cracked
I don’t run a magazine so I couldn’t report it but I was included on a top secret Signal group chat where administration officials talked about how long you should wait after Trump or Elon absolutely explodes a White House bathroom. A friend at OSHA accidentally added me.
The younger staffers were given a map of nearby Starbucks locations because sometimes, it would take hours for the West Wing loos to be re-certified as a safe workplace environment. And if the inspector forgot his Geiger counter, forget it. Bathrooms were off limits that day.
It’s almost like excusing neoliberals for breaking the law just normalizes republicans doing it…
And they’re a lot stupider, so when they do it there’s more likely to be negative consequences.
The solution is higher standards and holding someone responsible even when they have the right letter by their name.
Letting neoliberals be as shitty as they want hasn’t been working out for 30 years since they tried to convince us a president lying about sexually taking advantage of interns in the oval office and then lying about it under oath to Congress was a “nothingburger” to use their own vernacular.
All lowering Dem standards does, is make us look like hypocrites. And that depresses turnout, which lets fascists into office.
a president lying about sexually taking advantage of interns in the oval office
I think the intern was willing and the problem was with lies.
Anyway, sometimes you have to release the steam even in the oval office.
Clinton is an unpleasant person (being best buddies with the current president before the latter’s brain rot due to neurosyphilis became irreversible, for example), but why the hell fscking someone there is a bigger deal than, for example, just ordering murders overseas or legally starting this whole mass surveillance thing?
I think the intern
Was an intern…
And he was the fucking president.
Think of a scenario where anyone in management at a company can have “sexual relations” with an intern in their office and it can be described as “willing”.
Now, despite what Biden spent four years saying, understand that a US president is more powerful and has more of an effect on their interns careers and lives than some random CEO.
For fucks sake, it’s 2025, do you really understand how the implict and explicit power dynamic prevented consent at least during working hours.
You think she did what she did with a guy 3 times her age because he was charismatic? It’s because he was the president.
Just…
I feel like I’m rambling but there’s so many obvious ways this was problematic, and you’re still just fucking ok with it?
but why the hell fscking someone there is a bigger deal than, for example, just ordering murders overseas or legally starting this whole mass surveillance thing?
That was never the big deal, it was wrong and fucked up…
But the big deal was Bill lying under oath to Congress about it, and Dem politicians and voters closed ranks and said it didn’t matter.
The coverup, not the crime.
That was the beginning of the end of the two party system. Only one party had any integrity and we gave it away to protect Bill Clinton and neoliberalism.
I guess this was all 30 years ago, and a lot of people weren’t old enough to remember it happening, but it was also too recent to be in history books yet.
There’s not really an excuse to not learn about it now, political literacy literally saves lives. We need more informed voters.
This is a deeply off topic whataboutism that only serves to distract from how horrible the trump administration is. You are benefitting the conservatives.
You think she did what she did with a guy 3 times her age because he was charismatic? It’s because he was the president.
Generally you would be right, but it seems Clinton really did have the kind of charisma to attract women almost unnaturally, long before he became the guy 3 times her age and a president.
I feel like I’m rambling but there’s so many obvious ways this was problematic, and you’re still just fucking ok with it?
No, just everything is relative, and some bad things are solved at the expense of other bad things.
But the big deal was Bill lying under oath to Congress about it, and Dem politicians and voters closed ranks and said it didn’t matter.
That’s what I said.
There’s not really an excuse to not learn about it now, political literacy literally saves lives. We need more informed voters.
LOL, I live in a country where most of the populace doesn’t understand what was wrong with mass repressions. They think some bad rich people were the majority of victims, and not typical Ukrainian and Siberian farmers. And of course they don’t understand that the government is not the property of its employees and politicians in power.
You have a long way to fall to reach that. But all those idiots were sufficiently informed. They chose to believe something worse.
I’m all for accountability and yes there should have been repercussions for Hilary Clinton for using a private email server but in 2016 Republicans used the emails as a cudgel to keep scoring points and drag out investigation after investigation and hearing after hearing to keep the buttery males in the news cycle and keep constant attention on smearing her and making her seem like the incompetent evil mastermind behind benghazi and the pizza parlor and the adrenochrome.
We go high. They go low. And when they go low, they win elections.
