[Cryptography] Signal chat fallout.
Ray Dillinger
bear at sonic.net
Wed Mar 26 21:41:33 EDT 2025
I have told people time and again that nothing happening on a cell phone
should be considered private. Cell phones, regardless of how good an
individual piece of software on them may be, leak like mesh bags full of
loose shit and unless completely redesigned from the ground up
absolutely have no place in any security infrastructure. There are a
lot of reasons for this, from malevolent apps to Stingrays to whatever
else. But the biggest reason is that if you use a device to do insecure
things, you want it to be quick and convenient and free of checks and
stumbling blocks, and you want to be able to configure it for your
convenience. Such a device rapidly becomes a device which you cannot
trust to do secure things. You want it to carry out your commands
rather than refuse them for security reasons, and when you're doing
insecure things you tend to give a lot of commands and make a lot of
configurations which are not suitable for a secure device.
It's possible, and tremendously easy, for ordinary people to screw up
their phones in ways that make them insecure. Insecurity is the default
condition of all cell phones. And when you have screwed up, everything
appearing on the screen of their phone, or in front of its cameras or
microphones, is available to attackers. In the case of powerful
officials in national governments, it's even worse. There are entire
teams of very sharp people with access to tools and secrets, in multiple
countries trying to induce or take advantage of any such screwup. If
you're a high official in a government, you have to treat your phone as
a completely public device that cannot be trusted to hold any secret for
anybody. Whatever's on it is most likely known to whatever adversary cares.
And now, because of a colossal screwup, we have word about American
officials (Vice President JD Vance, Secretary of Defense Pete Hegseth,
CIA director John Ratcliffe, Director of National Intelligence Tulsi
Gabbard, National Security Adviser Mike Waltz, Secretary of State Marco
Rubio, and others, ALL OF WHOM KNOW, PROFESSIONALLY, THAT PHONES LEAK
LIKE MESH BAGS FILLED WITH DIARRHEA) discussing plans for bombing the
Houthi in Yemen, in real time, on their damn phones!
I can hardly count the number of fundamental mistakes required to even
reach the point of using a Signal chat to discuss these things on cell
phones, but all those mistakes were made. Mike Waltz apparently made an
*ADDITIONAL* mistake and added Jeffrey Goldberg, an editor-in-chief of
The Atlantic Magazine, into a private group that, two weeks later, had
the discussion in question. This mistake, like most of the rest, should
not have been possible. In a system set up for secure communications,
the contact information available would not have included Goldberg, nor
anyone else whose security information had not been vetted. There would
have been one person authorized to add people to the contact list, and
several other people whose job would be vetting each person's security
clearance with respect to the subject matter before opening the
communication.
Additionally, the use of an e2e app which automatically deletes messages
(one of Signal's features) for government business appears to be a
violation of the US Federal Records Act. Any discussion of government
business in text is a federal record, and the Federal Records Act
requires that it must be preserved, giving subsequent office holders and
officials at least some insight into what their predecessors committed
to, or were promised, and why and when and by whom. And also preserving
information in case it needs to be researched and/or investigated.
Nothing in a phone prevents this from being deleted. This is yet
another reason why cell phones as we understand them are not capable of
being used for government business (and cynically speaking, likely part
of the motivation for using them - these are people with guilty
consciences who want to avoid scrutiny). And who is responsible for
seeing that the National Records Act is observed? Why, the National
Archivist - Marco Rubio, who is also the Secretary of State, who was
actually on the chat violating the National Records Act!
The messaging app involved was 'Signal' - an encrypted communications
app that does e2e encryption. If such an app works perfectly, only
someone who can see the screen of your phone will know what is being
said. See above about phone operating systems and attackers being able
to see what's on the screen of your phone from the middle of a different
continent. But 'Signal' was not working perfectly. On February 25, the
NSA had sent an urgent bulletin to all of its employees warning of
multiple vulnerabilities in Signal being taken advantage of in the wild.
On March 18, a week before this disastrous chat, the Pentagon had issued
a special bulletin on how Russian hackers exploit Signal. That seems
like the sort of thing that the National Security Adviser and the
Secretary of Defense, both of whom were on the chat, damn well ought to
have been fully aware of.
I'm a bit salty about this, because it goes so far beyond left/right
politics. This is a piece of sheer towering incompetence, lawbreaking,
and just plain bad faith, on the part of effectively everybody involved
except one person.
That Person? The only person on that chat who was not violating law,
professional ethics, sworn oaths, and duty to his country? Jeff
Goldberg. Honest to God he's literally the ONLY person there who wasn't
breaking the law.
'Scuse my rant, but ... these are the supposed professionals, right at
the very top of the people who have the greatest need for security, with
all the resources the US government has to provide security, and they
have not a single CLUE about security. How the hell can I convince
ANYONE to take security seriously, if these clowns don't?
Bear