[Cryptography] Signal chat fallout.

Tom Mitchell mitch at niftyegg.com
Tue Apr 1 11:48:55 EDT 2025 

On Fri, Mar 28, 2025 at 5:27 PM Henry Baker <hbaker1 at pipeline.com> wrote:

> On 3/28/25 12:55, Kent Borg wrote:
>
> On 3/28/25 11:59 AM, Ray Dillinger wrote:
>
> The thing that pisses me off most about cell phones is, no matter how
> secure you personally may have your own set up, when you set up a
> supposedly secure chat, if ANYBODY on the list has accidentally […]
>
>
> Beyond securing the endpoint devices, securing the endpoint people is a
> fundamental problem of any group.
>
>  ...

> This is the Los Angeles/Washington DC "Kibu" company whose CEO is Ari
> Andersen, not the CT-based "Kibu" which is aimed at disabilities.
>
...

> Kibu pods are end-to-end encrypted spaces for private, secure
> collaboration between verified members. Members can protect confidential
> workflows, assets, and communication, ***knowing exactly who is on the
> other end***.
>

The only way they can do this is to exactly know the ID of all. That makes
them the weak point of trust.
Years ago key exchange for PGP and the like was "In person" and It did not
work with groups.

Phones are promiscuous and not a secure endpoint. Even if phone A is
secure phone B can image the screen of A.
This is why all gadgets are checked Outside the secure space of a secure
facility.

There is more security with the next episode of White Lotus than the
members of this Group Chat exhibited.
Some reviewers do get early access but do not break trust.

It is possible this group expects secrets be marked as secret which is also
naive.

Even 24 hours after the attack the plan has secrets that are critical.
Time of flight order or attack and time between attack
waves to avoid friendly fire are hidden in the plan shared on Signal and
validated in detail by ground observations. Coaches
know to watch for offense and defense from scouting reports and alter their
play accordingly.

Recall the then NEW radar on Hawaii saw the attack.  The report was
dismissed because friendly traffic was expected and radar "new".
Had the navy and air core known two hours in advance that an attack was
coming the outcome could have been very different.

The silly BUT DANGEROUS ax throwing event tells me weapons are not
understood by too many,






-- 
    T o m    M i t c h e l l  (on NiftyEgg[.]com )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20250401/d958e19f/attachment.htm>

More information about the cryptography mailing list