<tangent opening line of my comment> From people on Reddit: Something that blows my mind- but is fully true
"Hell, I've been in fucking EVE Online alliances that had better opsec than this."
"I'll raise you one: I've never been in any EVE alliance that didn't have better opsec than this."
..I noted Board Games(Secret Hitler, for example) require better opsec. So do card games- it's mindblowing to note this too...
[Main comment by me - technical outlook]
This is not a surprise at all- there were reports that the first Trump administration was using Signal to communicate, and that it was a risk as messages can be totally wiped and not kept for record keeping.
-From an infosec standpoint- this is more notable than I think people are giving it credit- the fact that the Vice President (Well, maybe not him, he notably admitted in interviews during the presidential campaign that he'd been briefed by three letter agencies on Salt Typhoon targeting him, but that he was secure because he used Signal) - the director of national intelligence- and several others- use Signal.
It's one thing for Congress, Sweden's Military, and apparently our own military branches to push Signal heavily for non-sensitive stuff-
But when those around three letter agencies -and the groups that would be interested in finding compromises- are using it, that screams to me that it's considered not that easy to attack- which is a point towards Signal
So then the final thing to secure is the endpoints- and of course the risk is a zero day exploit targeting someone. As for subtle push app updates by Signal themselves being a vector- I'd think the Open Source nature of the app prevents that - if the infrastructure for pushing updates is open source as well especially.
Again though- if the White House is using Signal- they likely KNOW most of what their own Three Letter agencies can and can't do(to a point)- so when people in the know are using it- that is telling.
A lot of it may be for the auto disappearing messages, admittedly- but that's notable. And yes, I'm aware Mark Zuckerberg has been known to move conversations off of WhatsApp, to Signal - again, maybe for the disappearing messages (and lack of a report function which would send part of a convo to FB/Meta to my understanding)- but possibly, for the security and lack of metadata being better from an attack surface standpoint
Even if we are generous and assume Signal's protocols and entire communication infrastructure are 100% safe and cannot be compromised, any one single person in the group chat using Signal on a compromised device invalidates all of that.
The fact that Signal was used is less concerning to me personally than the fact that they had this group chat outside of the overall safety umbrella of fully end-to-end vetted systems.
Though the use of Signal is still concerning in that any official system they would otherwise use would have (one would hope) made it far harder if not impossible to accidentally leak the conversation to a random third party.
There's another observation though- Salt Typhoon compromised wiretap infrastructure - before Signal, there's no doubt some stuff like this occurred over text messages-
Because of everyone's efforts to go to Signal- even if it's for the message disappearing- with this, with military branches pushing it hard- with Sweden's Military pushing it, etc (for non sensitive stuff)- there's so much of that, that the attack surface overall is massively reduced. In short, if there's going to be stuff outside of vetted systems- running that sort of stuff on Signal- likely still helps.
(I'm reminded again, of the JD Vance interviews where he let slip that he'd been targeted, and was informed about it by agencies- but that he was good because of his Signal usage. Now, I don't know what measures he takes to avoid zero day exploits and whatnot- the TLAs would inform him of that- but from what he was saying, it sounds like they were sure he wasn't compromised by that.)
(I'm aware a serious targeted effort would be more intricate than Salt Typhoon/ Trying to use the country's own general Wire tapping capability to target the VP)
Edit: Also, this reveals a bit about psyche- J.D. Vance somewhat ribbed the president- there is probably pressure TO use Signal, so a record of him criticizing the President can't be found out by the President or those more allied with the President who could then start retribution- I imagine dynamics like that, which are human behavior- ultimately are what absolutely drive all of this.
It has long been fashionable with the kids to use screenshots for "proofs" - I don't believe there are any screenshot protections in Signal.
The iCloud accounts of anyone ambitious in that chat will be filled with in and out of context screenshots to show to daddy when they are in trouble next time.
It's not that secure. If someone has a desktop Signal client it has been possible to just access attachments via the file system; they were stored with obfuscated names but no encryption. They may have fixed this since I tested it ~6 months ago.
><tangent opening line of my comment> From people on Reddit: Something that blows my mind- but is fully true "Hell, I've been in fucking EVE Online alliances that had better opsec than this." "I'll raise you one: I've never been in any EVE alliance that didn't have better opsec than this."
>..I noted Board Games(Secret Hitler, for example) require better opsec. So do card games- it's mindblowing to note this too...
>[Main comment by me - technical outlook] This is not a surprise at all- there were reports that the first Trump administration was using Signal to communicate, and that it was a risk as messages can be totally wiped and not kept for record keeping.
>-From an infosec standpoint- this is more notable than I think people are giving it credit- the fact that the Vice President (Well, maybe not him, he notably admitted in interviews during the presidential campaign that he'd been briefed by three letter agencies on Salt Typhoon targeting him, but that he was secure because he used Signal) - the director of national intelligence- and several others- use Signal.
>It's one thing for Congress, Sweden's Military, and apparently our own military branches to push Signal heavily for non-sensitive stuff-
>But when those around three letter agencies -and the groups that would be interested in finding compromises- are using it, that screams to me that it's considered not that easy to attack- which is a point towards Signal
>So then the final thing to secure is the endpoints- and of course the risk is a zero day exploit targeting someone. As for subtle push app updates by Signal themselves being a vector- I'd think the Open Source nature of the app prevents that - if the infrastructure for pushing updates is open source as well especially.
>Again though- if the White House is using Signal- they likely KNOW most of what their own Three Letter agencies can and can't do(to a point)- so when people in the know are using it- that is telling.
>A lot of it may be for the auto disappearing messages, admittedly- but that's notable. And yes, I'm aware Mark Zuckerberg has been known to move conversations off of WhatsApp, to Signal - again, maybe for the disappearing messages (and lack of a report function which would send part of a convo to FB/Meta to my understanding)- but possibly, for the security and lack of metadata being better from an attack surface standpoint