Is it just me that parsed that as SMERSH?
Signal chat app clone used by Signalgate's Waltz was apparently an insecure mess
An unidentified miscreant is said to have obtained US government communications from TeleMessage, a messaging and archiving app based on the open-source Signal app and used by ousted national security advisor Michael Waltz. TeleMessage, which was acquired by Oregon-based Smarsh in 2024, says it's shut the app down for now. " …
COMMENTS
-
Monday 5th May 2025 21:22 GMT Grindslow_knoll
Signal has encrypted backups
This whole compromise is the reason why Signal has only ever had encrypted backups and there is no access if you do lose the credentials.
In the context of the signalgate saga it's hard to understand that, if you decide use an app so you have communications that you think allow you to sidestep the whole disclosure procedure, you then use a version that leaks them in plaintext.
-
Tuesday 6th May 2025 10:37 GMT I ain't Spartacus
Re: Signal has encrypted backups
In the context of the signalgate saga it's hard to understand that, if you decide use an app so you have communications that you think allow you to sidestep the whole disclosure procedure, you then use a version that leaks them in plaintext.
I suspect that the sweet spot is to have deniability - to be able to say that you've used a communications method that doesn't allow messages to be stored. Thus there's no evidence, if you don'ot want there to be.
On the other hand, sometimes it's useful to have evidence. For example, if you get into a pissing contest with one of your "colleagues". You're unlikely to want to go public with it, but for internal use, specifically when trying to get Trump on your side of an issue - being able to show him the evidence could turn out to be quite useful. You never know, the idea might even be to keep stuff for the memoirs.
-
Wednesday 7th May 2025 10:05 GMT Charlie Clark
Re: Signal has encrypted backups
There's usually sufficient metadata to provide evidence of communication and not keeping records is a violation of the Presidential Records Act.
I can see the legitimate use of commuincations systems for which leave little or no trace, but these would be using dedicated and disposable hardware and not available to any member of the administration.
-
-
Monday 5th May 2025 21:36 GMT elDog
Helluva demotion, waltz. You're foisted onto the UN - a backwater in the middle of nowhere.
This is a good way to show the United Nations how seriously trmp thinks of them. First he proposed a congress-critter-liar named Stefanik who had to be withdrawn. Guess it's like an FBI agent assigned to Juneau, AK. Or a russian dissident assigned to Siberia.
-
Tuesday 6th May 2025 20:40 GMT Pascal Monett
Re: Helluva demotion, waltz. You're foisted onto the UN - a backwater in the middle of nowhere.
What it is does not concern me. What it isn't does.
What it isn't is him in handcuffs going in front of a judge explaining why a National Security Advisor, a prominent figure in the US government directly responsible for the nation's security, is using an unsecure, unvetted app and, from what I've read elsewhere, a direct connection to the Internet that does not go through the secure firewall.
This group of clown led by the orange baboon is a mockery of government, of democracy and of just plain decency.
-
Monday 5th May 2025 22:08 GMT Someone Else
A quote from Forrest Gump comes to mind.
How motherfuckin' stupid is this man? He lost is job because he couldn't be arsed to keep secret things secret. Twice. And there he is again, doing the same stupid motherfuckin' thing again. On a even less secure app. Now, everyone by now knows there are secure communications apps that are government sanctioned for just exactly this exact use. What, is this mofut just too stupid to use them? Or perhaps he really is just one of those sub-room-temperature-IQ sporting cretins that doesn't know he's supposed to use the secure apps. In either case, he should be deterred from using anything short of crayons and 3-lined paper for communications. (Just like his boss.)
And he's gonna be our next UN Ambassador? Seriously?!?
-
Tuesday 6th May 2025 06:35 GMT Anonymous Coward
Re: A quote from Forrest Gump comes to mind.
He absolutely does know yes supposed to be using secure, government sanctioned Comms channels.
He also knows those channels are sanctioned by government because they can be monitored by said government's security services.
Make of that what you will.
-
Tuesday 6th May 2025 11:54 GMT Graham Cobb
Re: A quote from Forrest Gump comes to mind.
The real Signal app cannot be monitored by any security services as far as anyone knows.
However, using the real app means that when he loses his phone (or has it taken away from him by his boss/the authorities) he can't retrieve the messages he might weally need to get him out of trouble with said boss/the public/the authorities of whatever other country he wants to impress.
He doesn't know that you can have security, or you can have archives. Not both.
-
-
-
Tuesday 6th May 2025 11:51 GMT vtcodger
Re: A quote from Forrest Gump comes to mind.
While the US military and intelligence communities have cultures that take Security seriously, I've never seen any sign that the legislative and (especially) executive branches care much about it. I really wouldn't expect too much on that front from a government led by a guy who had a shower stall full of classified documents he could have formally declassified in about 60 seconds when he was in office. All he had to do was tell his document control clerk "You see those filing cabinets over there. I just declassified everything in them. Make it so."
-
Wednesday 7th May 2025 11:46 GMT IglooDame
Re: A quote from Forrest Gump comes to mind.
He's not going to be the next UN Ambassador, he's being nominated for it. He'll clearly not have the confirmation votes in the Senate, his nomination will be withdrawn, and that's that, he can go run for some US Rep seat or governor or something. See this way he's not being fired, so Trump (theoretically) doesn't look dumb for having him as his Nat'l Sec Advisor in the first place.
-
-
Tuesday 6th May 2025 02:18 GMT Anonymous Coward
Re: Only the very best people
You won’t believe how best these people are!
Only if perhaps you admit an an acronym. Something like:
Bloody Extraordinarily Stupid Twats
and even then these bestial blots have left enough slack to exceed themselves before achieving the superlative best b.e.s.t.
In most parts of the globe if for whatever reason the gates to the institutions containing the criminally insane were to be left open and the nation awoke to find a menagerie of dangerously psychotic maniacs making the pretense of running the place the good citizens would deal with the nutters fairly summarily and without the "benefit" of the second amendment. In the US they just open a few more gates.
-
-
Tuesday 6th May 2025 02:39 GMT Mister Jones
And Then There Is The NSO Product Pegasus......
If an endpoint has been compromised with Pegasus, Signal or Telegram or TeleMessage are all compromised......
...because the miscreant controlling Pegasus can see everything in plain text on the end point!
(1) Just ask Angela Merkel!!!
(2) Have agents elsewhere in the administration used Pegasus on THEIR OWN COLLEAGUES??
Paranoid? No.....not me!!