Okay, let’s just be clear here: Signal isn’t just another “private app”; the amount of information they have about your communications is zero (0) with the exception that I believe they can see if you have an account and the last time you connected to the server. Governments absolutely do rely on Signal. This fuck-up was strictly due to the fact that they’re incompetent morons just randomly inviting people to group chats and shit with no guardrails. If I had to guess, they’d probably want to fork the Signal app and make it so that you can only invite people with some form of clearance, but this last thing is total speculation on my part. I’m sure there’s some way to sanely do this. The part about Signal being secure is just objectively true; it’s audited like absolute crazy, both the FOSS app and the protocol. I would trust it more than whatever the US government could homebrew, even.
Let’s also be clear: Signal, regardless of their encryption standards, is not an approved system for any kind of classified information. Leaks of this nature have the potential to cost people’s lives. Every single person in that group chat would have known this. Many of them have original classification authority.
Further, not only was the platform not approved for the information, the messages were set to disappear after some time. This is a violation of government record keeping laws and FOIA standards. This wasn’t an oopsie.
I mean we put a fox news anchor in charge, and if he’s even half as dumb as he looks, well that’s pretty fucking dumb. I doubt he understands, or if he does, doesn’t care. Just shameful. But hey, at least the libs are getting owned.
There’s been a few articles recently about Session authors starting with Signal protocol, and then continuing without clear understanding what they do, thus that Session shouldn’t be used.
Matrix is a compromise, it’s not as much about security as it is about just modern FOSS chat.
Okay, let’s just be clear here: Signal isn’t just another “private app”; the amount of information they have about your communications is zero (0) with the exception that I believe they can see if you have an account and the last time you connected to the server. Governments absolutely do rely on Signal. This fuck-up was strictly due to the fact that they’re incompetent morons just randomly inviting people to group chats and shit with no guardrails. If I had to guess, they’d probably want to fork the Signal app and make it so that you can only invite people with some form of clearance, but this last thing is total speculation on my part. I’m sure there’s some way to sanely do this. The part about Signal being secure is just objectively true; it’s audited like absolute crazy, both the FOSS app and the protocol. I would trust it more than whatever the US government could homebrew, even.
No.
These fuckwits were handling classified and top secret information in the open on their cell phones.
It doesn’t matter what specific app they used. This is not about the technology. You missed the point.
This is the same team of geniuses that kept classified files, some of which were mysteriously emptied of their contents, in the unlocked bedroom and bathroom of a members-only club in Florida, near the swimming pool whose water mysteriously destroyed all the surveillance video just when the FBI were about to look at it.
Not to mention that, in this case, the phone network was known to hacked and infiltrated by adversaries.
https://en.m.wikipedia.org/wiki/Salt_Typhoon
This hack included JD Vance’s phone who was part of this chat group.
https://www.nytimes.com/2024/10/25/us/politics/trump-vance-hack.html
These peoples phones shouldn’t be considered any more secure than a public bathroom.
Let’s also be clear: Signal, regardless of their encryption standards, is not an approved system for any kind of classified information. Leaks of this nature have the potential to cost people’s lives. Every single person in that group chat would have known this. Many of them have original classification authority.
Further, not only was the platform not approved for the information, the messages were set to disappear after some time. This is a violation of government record keeping laws and FOIA standards. This wasn’t an oopsie.
I mean we put a fox news anchor in charge, and if he’s even half as dumb as he looks, well that’s pretty fucking dumb. I doubt he understands, or if he does, doesn’t care. Just shameful. But hey, at least the libs are getting owned.
The mere fact it was possible to invite a random journalist to the chat is ridiculous. That shouldn’t be an option in a secure environment.
There’s been a few articles recently about Session authors starting with Signal protocol, and then continuing without clear understanding what they do, thus that Session shouldn’t be used.
Matrix is a compromise, it’s not as much about security as it is about just modern FOSS chat.
Pray tell. Granted again that Element doesn’t yet support forward secrecy, but describe what you see as specifically wrong with Matrix, please.
Federated with huge load on servers. I’d prefer something like old Skype with auth servers part interacting via activitypub or something like that.
Do you see anything wrong with it security-wise? The wording of your previous comment has me confused where you fall on this.