The comments of that tweet are nothing but “Signal is full of huge design flaws”
Right, because “add user to group” is a design flaw.
If it’s full of design flaws, they probably shouldn’t be using it for military planning. It’s sad to see the cult members grasping at straws to make this the fault of anyone but those incompetent buffoons.
They are trying to divert that the problem was journalist in the chat. In reality journalist present is the only good thing about the whole thing, he acted responsible and made us aware of this. I wouldn’t be surprised if Waltz did it on purpose to expose how they are threatening country’s security.
The actual problem is that it looks like they use signal on personal insecure phones for all their communication. Signal is meant for consumer use not for classified information, but even if it was secure or doesn’t matter if the phone can be compromised and smartphones are constantly being broken into and the country doesn’t even need to be Russia and China to be capable of doing it. It is so bad that there are products that governments can buy to tap into their citizen’s phones.
You can also explicitly see in the screenshot that Waltz set the group to automatically delete messages after 4 weeks, in blatant violation of government record keeping laws. It’s probably why they’re using Signal in the first place.
Exactly they violated the Federal Records Act for every message that was automatically deleted. Federal Judge Jeb Boasberg is currently presiding over the lawsuit.
I’ve never used Signal, so can’t speak to it’s quality, but the founder’s attitude is pretty funny
Its pretty great, my default messaging app when someone’s on it.
deleted by creator
Usernames are a thing now, so it’s no longer necessary to share your phone number with other users.
Still good to make your contacts find you easily
It still requires a phone number to make an account though iirc
You can use usernames, so I think it’s great for communicating with people who you don’t want to share your phone number with too
My friends already know my political opinions and my family would probably turn me in if they knew.
Been a solid messaging app for the past couple years I’ve been using it. Unlike Whatsapp, it’s much easier to control its notifications and media shared
As an old user of textsecure they’ve been solid for a surprising amount of time. Back in the day (ca like 2013?) me and all my friends would use CyanogenMod which at the time had textsecure built in to the ROM. It used an early version of the Signal encryption protocol layered onto plain SMS messages, and the ROM support meant I didn’t even need to install a special app - it would intercept all incoming and outgoing SMSes at the OS level and transparently encrypt and decrypt each one based on who it was coming from or going to. Since messages were direct, the textsecure servers afaik were only used to host public keys.
Also since it was layered onto SMS, we had a handful of fun occurrences of re-flashing ROMs and forgetting to re-register and then we’d get gibberish texts from our friends whose phones still had our old key.
Very good these days! They’ve also been tested, all the gov gets are unix account creation date timestamps.
Was pretty buggy back in 2016 especially with embeds and video codec support between android and apple devices.
edit: There’s also Molly-FOSS a signal fork on https://molly.im/ with more optional security features but the FOSS branch doesn’t use google proprietary blobs/services. Great for GrapheneOS users especially.
I recommend this blog post he published a few years ago. The way this is written is so funny and amazing at the same time.
Lmao that last paragraph ahahahaha
I really enjoy this paragraph as well: https://signal.org/blog/cellebrite-vulnerabilities/#the-rite-place-at-the-cellebrite-time
The rite place at the Celleb…rite time
By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite. Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy (tells you something about their customers I guess!), and a bizarrely large number of cable adapters.
What does Karina add to this meme?
Brought to you by the Department of Meme Efficiency (DOME)
✊🇺🇸🔥
So the military uses Signal…
Been using it since Zuckerberg went on Joe Rogan
Man I bet having a buch of handles and email accounts and user names that are just a letter off from heads of departments and cabinet staff would get you a lot of unsolicited classified US documents and plans.
Sure, there are plenty of great reasons to use Signal… like if you want your private messages you’ve sent linked back to you via a phone number. No tool intended for maximum security is going to require you to provide a phone number, which is incredibly difficult to acquire in the US without some form of KYC metadata. But sure if you’ve never read Moxie’s blog to see he is obviously invested in Israel’s agenda, then go ahead.
What on Earth does Signal requiring phone numbers have to do with Israel?
Just keep using it, especially if you plan any protests & maybe you’ll find out.
You sound like a lunatic.
“Ohhhh you’ll see! I can’t tell you what, how, when, or why, but oh will you alllllll see something, someday, somehow!”
you would expect that response it from a .ml account
Right, cause clearly their push to use your biometric phone lock for encryption is so secure. If you at least want some security you won’t use the official app but one like Molly that has actual passphrase encryption, automatic locking, memory clearing & Orbot support.
See, now you’re actually providing some substance. We’re not mind readers, so put up or shut up.
My signal has never asked for anything biometric. Where is this supposed to be happening?
I’ve literally read the code for Signal’s double-ratchet protocol. It’s extremely high quality cryptography, written in Rust, open source, with several independent audits.
The server code isn’t open, but we know they (used to?) use Intel SGX enclaves so the contact metadata is sealed from even the Signal Foundation. Admittedly SGX fell prey to a number of speculative execution attacks, but Signal had no way of foreseeing that.
Also, Moxie hasn’t been involved since 2022.
Phone numbers are easy to get for verification. Molly is great i agree.
Did Moxie use AI to write this post? I honestly can’t tell.
Huh? It’s not that badly written and it references a recent event. Why do you think it’s AI?
No it’s her voice and the way she reads the teleprompter like a literal robot with imitation emotions. She sounds like text-to-speech. Sorry I was unclear about which kind of AI lol
Her voice? Who are you talking about?
You know that Moxie is a dude, right?
I did not. Him it is then. It’s been a female name whenever I’ve seen it in the past.
