[Cryptography] Signal chat fallout.
Nico Williams
nico at cryptonector.com
Fri Mar 28 17:57:25 EDT 2025
On Fri, Mar 28, 2025 at 08:26:42PM +0000, iang wrote:
> On 28/03/2025 23:15, Nico Williams wrote:
> > One very serious problem here is that Signal doesn't do multi-level
> > authorization or any real authorization at all. You really want a good
> > authorization solution in a military setting.
>
> So we're back to the eierlegende Wollmilchsau otherwise known as the
> identity system that actually knows who your counterparty is...
What?? The military has got to "know" who its service members,
officers, employees, and other parties are and what their authorizations
are, and should be able to authenticate them and perform access control
accordingly.
If the military can't do that then they might as well go home.
This was a tiny group though, so very manual authorization was
plausible. Someone flubbed up, or else perhaps an insider added Mr.
Goldberg _on purpose_ e.g., to leak or even to cause the scandal that
did in fact ensue. Either way Signal's lack of stringent military-style
authorization functionality is one root cause of this incident.
Signal just cannot do these things well. They should not be using
Signal.
Here's an opportunity for some vendor to make a military grade IM system
with multi-level mandatory access controls or better, probably using DOD
CAC smartcards and PKI for authentication, and charge them a bundle.
Nico
--
More information about the cryptography
mailing list