To every veteran and aerospace engineer who honored the classification of information, this incident and likely prior ones, is horrendous and criminal.
Violators are immediately arrested and charged. I hate to see top-level exceptions to both record-keeping and mishandling of classified information. That's where they do the most damage.
As others have noted, the flaw in using Signal on consumer phones is due to vulnerabilities in the phone itself. And it was wrong to use consumer phones.
That said, I was recommending Signal to friends in order to have online discussions, using the conferencing feature, since it is cross-platform and cross-device. However, one friend lost their Apple login and can't install software on their phone. I sent a very long explainer on how to reset it.
Guess I'll try face-time conferencing, which works on Apple Devices [0] and will work with others via web [1]. Requires ios 15 or Monterey to initiate.
Signal makes it very difficult to even tell what parties are talking to each other (though if you have nation-state-level internet tracking, you can probably tell.)
Signal doesn't know anything about you except your number or screenname, when you signed up, and when you were last active.
Zoom is none of those things and the grandparent commenter has no idea what they're talking about.
signal may be e2e encrypted, but if i root your phone with a 0 click exploit. Which most of the state level actors we care about can and do do. Then I can just read your signal messages out of memory as soon as you open them. period. end of.
Using a public smartphone to conduct discussions about classified information is straight crazy. E2E encrypted or not.
I read this as you suggesting that signal is somehow at fault here?
If I'm getting that wrong, ignore me, if I'm not, could you expand that? I don't follow how signal did anything wrong here, or was in any way responsible.
I don't see any part they are saying this is Signal's fault (vs the fault of the people who committed the "horrendous and criminal" acts? Which part are you referring to?
I thought I made it clear that the phone OS is vulnerable. Like, what good is encryption when malware can steal your camera, microphone and screen? Zero. I have been a Signal fan for a long time.
The problem isn't specifically the release of this information, which to my understanding didn't reduce the effectiveness of the operation. But the real problem is that now that other state actors and intelligence agencies know that our top military and intelligence officials sometimes share details of impending operations on their personal cell phones, there is now a pretty strong incentive to try to crack those phones or crack the Signal protocol somehow to get access to that information. And Signal and Apple do their best but they don't have the kind of resources that the NSA or CIA can bring to bear on securing a piece of equipment from espionage.
Violators are immediately arrested and charged. I hate to see top-level exceptions to both record-keeping and mishandling of classified information. That's where they do the most damage.
As others have noted, the flaw in using Signal on consumer phones is due to vulnerabilities in the phone itself. And it was wrong to use consumer phones.
That said, I was recommending Signal to friends in order to have online discussions, using the conferencing feature, since it is cross-platform and cross-device. However, one friend lost their Apple login and can't install software on their phone. I sent a very long explainer on how to reset it.
Guess I'll try face-time conferencing, which works on Apple Devices [0] and will work with others via web [1]. Requires ios 15 or Monterey to initiate.
We have been using free, limited, zoom sessions.
[0] https://support.apple.com/en-us/111767 [1] https://support.apple.com/en-us/109364