That doesn't really make sense. If they had strong reason to believe that the secure comms systems they were supposed to be using were compromised, using personal phones to communicate outside of SCIFs is very, very far from what any competent person who understands and is briefed on the threat environment would do. Note that none of the people involved are making that argument because it would make them look even more incompetent.

Not arguing it was the best choice. But, I'm curious, if you were in the position where you had strong reasons to believe the official secure channels available to you were compromised by your political opponents who were leaking information received via those channels to undermine your policy initiatives, and needed to act and coordinate nonetheless, what would you do?

Follow the SOP (and the law) and use a SCIF.

What they did is illegal. Any rank and file that did the same would be in prison for a decade, no questions asked.

In general, it seems like you're trying to "3d chess" incompetence into strategy, but try taking a step back and looking at it with clear eyes. This was a bad decision, plain and simple. Nobody is taking responsibility for it, and that makes it worse - these people are in charge of the largest intelligence and war machine on the planet. This is not okay.

The reality, which people are not acknowledging here, is that what they did may not have been according to official policy but it has been normal and pervasive for decades. It isn’t partisan, everyone does it. This is how DC works and the American public just got an education.

As a consequence, any enforcement now would be viewed as extremely selective.

I have been exposed to a lot of classified information in meetings in DC that were supposed to be unclassified. This isn’t an isolated incident, it has been a systemic issue across every administration for as long as I’ve worked in DC.

People should focus less on the incident and more on why this has been normal for decades.

The underlying tension is that doing things the official way is extremely slow and speed matters. There is a longstanding bias toward taking more risks in terms of information exposure because being slow carries its own significant risks. Speed of decision making is critical and that has proven to be impossible if every interaction has to happen inside a SCIF. It is a tension the intelligence community is still grappling with.

I don't believe this is normal.

Have you operated in DC as a part of this world? Your belief isn’t important, I am reporting my first-hand experience.

Sharing details about upcoming airstrikes over Signal on your personal phone is normal? You're sitting on top of the story of the century here

You're embarrassing yourself, brother. Nobody is asserting that this is OK. It was naive to assume the government was secure in the first place. Privacy advocates and whistleblowers have whistleblowers have been saying this for decades! You just weren't paying attention. WikiLeaks and Snowden leaks wasn't a "fun" news cycle, it was revealing everything you need to know about how the government operates truly. With no concern for security

Of course they haven't. Every think-tank moron knows political opsec is a joke (this is why sigint works in the first place) let alone people actually working in politics

I'm not doing anything of the sort. The kind of problem I'm flagging in is experienced every day by governments all over the world. Would anyone disagree? People on here who want to put their heads in the sand about it are just being political when there is a legitimate technical topic to discuss. The point is these aren't "rank and file" actors. They are at the top of political leadership. Those rules don't apply at this level of power politics so why get bogged down in such thinking?

Because laws should matter. Laws should apply to members of government too. Unless you're suggesting it's totally fine for Trump and his administration to be above the law. In which case the whole discussion is moot, because then it's not a democracy with a functioning rule of law anymore.

Law is a tool, and some tools are appropriate for some contexts and others are not. Do you think there is such a thing as "International Law"? If so, I would ask you what you think that actually is and where its legitimacy comes from and who enforces it? Politics and Law are two separate spheres of human conflict. You actually degrade the law by trying to weaponize it for political purposes. I would hope the past 10 years have shown that to everyone.

> But, I'm curious, if you were in the position where you had strong reasons to believe the official secure channels available to you were compromised by your political opponents who were leaking information received via those channels to undermine your policy initiatives, and needed to act and coordinate nonetheless, what would you do?

Here's a pretty good order of operations when your policy breaks the law or is so odious as to feel the need to hide it from other duly elected representatives in government:

1. Stop breaking the fucking law.

"The law" is for you and me. It can resolve contract disputes and punish some crimes. This is politics. It's a different order, and a category error to conflate the two. The sooner one disabuses oneself of having no distinction between the political and the legal, the sooner the world starts to make sense. Law at this level is lawfare (law as political weapon), not the normal proceedings of justice. Justice at this level is the rule of the stronger. Accept it and move on to more interesting political analysis. Or be trapped in an inescapable despair about the violations of the "rule of law."

Why would you put rule of law in quotations like that?

The rule of law matters. Even if it doesn't matter to you or Trump.

I would use a private service like Signal, and make sure to add a journalist that will leak information to undermine my policy initiatives - obviously! (because I'm a genius)

So you're using the word 'compromised'. In this context that would mean malware, unauthorized access, circumvented logging, etc. If someone thought this was happening the answer would be to lock the system down, perform forensic audits, and prosecute anyone who compromised these systems.

If you're talking about fear of leakers, the response to that is to tighten the distribution of information and start a counterintelligence investigation.

In any case the simple risk calculus is, what is the risk of adversaries getting a hold of this information and causing grave and lasting damage to national security and death vs the risk of political rivals leaking something. Pretty simple decision there and one that any cabinet member should get right.

So what would the smart move have been in that case?

If the CIA and NSA (let alone Russian and Chinese intelligence) are illegally spying on you, your civilian phone is toast. You shouldn't be ordering DoorDash on the thing.

Imagine the resources the Chinese and Russian governments devote to accessing these phones. The value to them could be trillions of dollars and/or existential differences in national security outcomes. The owners have to assume they are hacked, and that China and Russia know where they are going to dinner (which itself is a problem - they know who is meeting with who and when).

The administration has not made this argument though. You have.

So why should we default to the position of not trusting those systems when every previous administration has used it without issus.

Many people are making the argument that this administration is unlike all previous administrations. I infer you disagree with that.

I'd be interested in knowing which independent agencies have backdoored the military's operational communication channels. Wasn't aware that was a well known thing.

So why did this conversation needed to be kept from malign rogue anti-Trumpers in the NSA (who would be risking very real jail time) but did not require the basic level of OPSEC that would keep the editor of the Atlantic out?

Is this really such a strange thing to be concerned about? Snowden, NSA, etc...people remember. It’s well known that Trump’s campaign team was spied on by the FBI. Government is just a bunch of people, some of whom have strong political leanings, so intra-government leaks, spying, sabotage can happen and in all likelihood do happen.

You're trying to reason with the unreasonable. There are some very short memories on here. Or people being willfully obtuse.

But this is an unfounded conspiracy theory you’ve made up.

There is no evidence, reporting etc that says the government has deliberately compromised the government’s own secure systems. And for what purpose is beyond me.

It’s straightforward logic though.

1. Trump’s team was spied on by the FBI. 2. Government employees have access to government systems.

Conclusion? There is a possibility that Trump’s team again be spied upon through the government systems and consequently have sabotage done upon them. Therefore, avoid government systems as much as possible.

Calling this unfounded conspiracy theory is just running away from this very straightforward and simple argument.

Also, is there proof that these government systems are completely secure? Without that proof, why should they be using those systems? (He who controls the null hypothesis and all..)

I respectfully reject the first premise, specifically "spied on". The FBI wasn't spying. They were investigating communications between many Republicans, including the Trump Campaign, and known Russian intelligence operatives. I would expect the FBI to do this.

Whatever the justifications were and whatever you call it, it was functionally the same thing as spying.

So they choose worse - to use untrusted channels?

This is a phenomenal level of stupidity - to use illegal channels of communication because of the bad vibes they are feeling from other people?

Did it help? How many adversary spy agencies has duplicate signal accounts for these officials and see all of the communication live?

I think some foreign leaders probably are reading summaries of these messages in complete disbelief and amusement.

Once again you are making this assertion.

No one in the Trump administration has come out and said the secure systems can’t be trusted.

They are the government. You're suggesting trusting a third party over trusting themselves.

I'd love to hear how a modern national elected government can function without executive agencies, and how those agencies resist strongman corruption and ensure stability without guaranteeing the independence of some roles.

I'm aware of the branches of government. It's not relevant. Neither is protests, as no one is in the streets protesting about government secure communication policies.

I mean, the conversation included references to materials sent on 'the high side' (classified-material email systems). If they consider those systems secure, what's the point of using Signal instead?

I don't think it was a particularly good tactic, but if there was some motivation, it may have been more about political sabotage than foreign adversaries. I think that is the more interesting conversation, personally. What do you do if your political (domestic) antagonists control your comms? This question applies to all sides politically. Signal itself is promoted for "activist" use cases to protect comms from domestic antagonists. I'm presenting a similar dilemma. If one part of the government, (e.g., the military) controls secure comms, then another (e.g., the political) may have no choice but to opt-out. This problem is maybe better seen in the context of another country. It may be "too close" for us to see it clearly in the U.S. Other countries face this problem all the time, and Signal is used for the same reasons. I find it an interesting security problem.