The Signal Chat Leak and the NSA

US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities.

"I didn’t see this loser in the group," Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the chat. "Whether he did it deliberately or it happened in some other technical mean, is something we’re trying to figure out."

Waltz’s implication that Goldberg may have hacked his way in was followed by a report from CBS News that the US National Security Agency (NSA) had sent out a bulletin to its employees last month warning them about a security "vulnerability" identified in Signal.

The truth, however, is much more interesting. If Signal has vulnerabilities, then China, Russia, and other US adversaries suddenly have a new incentive to discover them. At the same time, the NSA urgently needs to find and fix any vulnerabilities as quickly as it can—and similarly, ensure that commercial smartphones are free of backdoors—access points that allow people other than a smartphone’s user to bypass the usual security authentication methods to access the device’s contents.

That is essential for anyone who wants to keep their communications private, which should be all of us.

It’s common knowledge that the NSA’s mission is breaking into and eavesdropping on other countries’ networks. (During President George W. Bush’s administration, the NSA conducted warrantless taps into domestic communications as well—surveillance that several district courts ruled to be illegal before those decisions were later overturned by appeals courts. To this day, many legal experts maintain that the program violated federal privacy protections.) But the organization has a secondary, complementary responsibility: to protect US communications from others who want to spy on them. That is to say: While one part of the NSA is listening into foreign communications, another part is stopping foreigners from doing the same to Americans.

Those missions never contradicted each other during the Cold War, when allied and enemy communications were wholly separate. Today, though, everyone uses the same computers, the same software, and the same networks. That creates a tension.

When the NSA discovers a technological vulnerability in a service such as Signal (or buys one on the thriving clandestine vulnerability market), does it exploit it in secret, or reveal it so that it can be fixed? Since at least 2014, a US government interagency "equities" process has been used to decide whether it is in the national interest to take advantage of a particular security flaw, or to fix it. The trade-offs are often complicated and hard.

Waltz—along with Vice President J.D. Vance, Defense Secretary Pete Hegseth, and the other officials in the Signal group—have just made the trade-offs much tougher to resolve. Signal is both widely available and widely used. Smaller governments that can’t afford their own military-grade encryption use it. Journalists, human rights workers, persecuted minorities, dissidents, corporate executives, and criminals around the world use it. Many of these populations are of great interest to the NSA.

At the same time, as we have now discovered, the app is being used for operational US military traffic. So, what does the NSA do if it finds a security flaw in Signal?

Previously, it might have preferred to keep the flaw quiet and use it to listen to adversaries. Now, if the agency does that, it risks someone else finding the same vulnerability and using it against the US government. And if it was later disclosed that the NSA could have fixed the problem and didn’t, then the results might be catastrophic for the agency.

Smartphones present a similar trade-off. The biggest risk of eavesdropping on a Signal conversation comes from the individual phones that the app is running on. While it’s largely unclear whether the US officials involved had downloaded the app onto personal or government-issued phones—although Witkoff suggested on X that the program was on his "personal devices"—smartphones are consumer devices, not at all suitable for classified US government conversations. An entire industry of spyware companies sells capabilities to remotely hack smartphones for any country willing to pay. More capable countries have more sophisticated operations. Just last year, attacks that were later attributed to China attempted to access both President Donald Trump and Vance’s smartphones. Previously, the FBI—as well as law enforcement agencies in other countries—have pressured both Apple and Google to add "backdoors" in their phones to more easily facilitate court-authorized eavesdropping.

These backdoors would create, of course, another vulnerability to be exploited. A separate attack from China last year accessed a similar capability built into US telecommunications networks.

The vulnerabilities equities have swung against weakened smartphone security and toward protecting the devices that senior government officials now use to discuss military secrets. That also means that they have swung against the US government hoarding Signal vulnerabilities—and toward full disclosure.

This is plausibly good news for Americans who want to talk among themselves without having anyone, government or otherwise, listen in. We don’t know what pressure the Trump administration is using to make intelligence services fall into line, but it isn’t crazy to worry that the NSA might again start monitoring domestic communications.

Because of the Signal chat leak, it’s less likely that they’ll use vulnerabilities in Signal to do that. Equally, bad actors such as drug cartels may also feel safer using Signal. Their security against the US government lies in the fact that the US government shares their vulnerabilities. No one wants their secrets exposed.

I have long advocated for a "defense dominant" cybersecurity strategy. As long as smartphones are in the pocket of every government official, police officer, judge, CEO, and nuclear power plant operator—and now that they are being used for what the White House now calls "sensitive," if not outright classified, conversations among cabinet members—we need them to be as secure as possible. And that means no government-mandated backdoors.

We may find out more about how officials—including the vice president of the United States—came to be using Signal on what seem to be consumer-grade smartphones, in an apparent breach of the laws on government records. It’s unlikely that they really thought through the consequences of their actions.

Nonetheless, those consequences are real. Other governments, possibly including US allies, will now have much more incentive to break Signal’s security than they did in the past, and more incentive to hack US government smartphones than they did before March 24.

For just the same reason, the US government has urgent incentives to protect them.

This essay was originally published in Foreign Policy.

Posted on March 31, 2025 at 7:04 AM • 43 Comments

Comments

Clive Robinson March 31, 2025 7:46 AM

@ Bruce, ALL,

With regards,

“So, what does the NSA do if it finds a security flaw in Signal?”

The fault is not to do with Signal’s use of crypto algorithms but making “group” –be they users or devices– comms “efficient”.

And it’s not just Signal IT IS ALL “secure apps” on consumer or commercial platforms that do “groups”[1]

I mentioned this issue back in the early days of “lockdown” when Zoom and Teams “were the thing”.

It’s a “Key Management”(KeyMan) issue to do with a simple DataBase.

Whatever type of “group” user/device it is there needs to be a record for every member.

Thus if you can “change the database” then you can include “new members” that can “listen in” to the “group” chat. And as long as they remain “silent participants” it’s unlikely they will be noticed.

For those paying attention to “Law Enforcement” requests back around the EncroChat time, this “backdoor” was what was favoured because it is “built in” as an ordinary system function that users will use most of the time.

[1] The user interface may give users or devices, but that is for human convenience because the “security endpoint” where the encryption key has to go is always on a device. Which in itself opens up another security issue: users are not devices, nor are they numbers, which means there are several translations down to a device ID that can be hooked. To see why,

Jo Blogs has a phone number that gets converted in one or more “network databases” to another number or several in turn until a device ID and network location give a point where the device can be communicated with. All those numbers are not in the slightest bit secure in any way, nor in reality are the databases used to do the translations.

Winter March 31, 2025 8:03 AM

“I didn’t see this loser in the group,” Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the chat. “Whether he did it deliberately or it happened in some other technical mean, is something we’re trying to figure out.”

tl;dr: There is no bug in Signal. The vulnerability in play was to let this group use a mobile phone unsupervised.

The insulting wording itself used by Mr Waltz and others in his group to criminalize the journalist already shows that this is an attempt to divert attention from their own incompetence.

Group chats have long been known to be less secure than person-to-person communication. Signal does not hide these limitations of group chats.

But it is a crucial aspect of group chats that people can be added to these groups. There is absolutely no protection against intentionally letting in a person whom you do not want to be inside.

Bank vaults are not suddenly “insecure” when the accredited bank personnel accompanies an unknown stranger into the vault and let them alone.

Obviously, the relevant security measures, eg, using security-only end-point devices with classified cleared contact lists and locked down groups, were beyond the competence and attention span of the participants. I also suspect that the reason they wanted to use a non-government non-secure mobile was for deniability of involvement in war-crimes. [1]

So, there is still no evidence of an unknown vulnerability in Signal. The vulnerability illustrated here is that of letting incompetent people[2] use their personal mobile phones for work.

[1] Leveling a fully occupied civilian residential building is a war crime.

[2] The word “Fools” came to mind, but that would be an unprofessional choice of words.

ResearcherZero March 31, 2025 8:36 AM

DOGE now has access to highly sensitive systems.

https://www.nytimes.com/2025/03/31/us/doge-musk-federal-payroll.html

DOGE workers potentially are “creating security holes that they don’t fully understand that could be exploited.”

https://therecord.media/doge-opm-treasury-cybersecurity

DOGE’s apparent lack of cybersecurity competence is reflected in some of its first actions.
https://umbc.edu/stories/is-doge-a-cybersecurity-threat-a-security-expert-explains-the-dangers-of-violating-protocols-and-regulations-that-protect-government-computer-systems/

Ricardo Cabeza March 31, 2025 8:39 AM

It’s not the NSA’s job to facilitate treason from the executive branch. Just because Putin appointed his stooge to the presidency, doesn’t allow the NSA to fall in line too and help Orange Bastard destroy America.

Or maybe I’m wrong.

ResearcherZero March 31, 2025 8:47 AM

@Clive Robinson, Winter, Bruce

The next question to ask after that is how did DOGE set up an email server at OPM, what was running on that server and who then was accessing information from SSA? What security qualifications does their team possess and what precautions did they take, if any?

Given they asked for a list of everyone working at the CIA to be mailed to them by email, security would seem as the last priority on their minds. Are these systems now compromised?

Artifakt March 31, 2025 9:24 AM

While the points about NSA hoarding vulnerabilities are as strong as ever, I am concerned that this essay may give cover to incompetents behaving horribly. Nothing here says code issue, rather someone’s lack of focus to the job at hand seems the most likely cause. This is supported by the bluster and name calling and lack of the investigation into the supposed ‘hack’ by Goldberg. Cue “Yackaty Sax”, something we should all expect to hear in your heads frequently as the next four years unfold.

Winter March 31, 2025 9:57 AM

@ResearcherZero

The next question to ask after that is how did DOGE …

My suspicion is that the would-be American Javier Milei intends to destroy all of the existing federal layer(s) of the USA, with the exception of the Police and the Armed forces. [1]

So, what DOGE intends to do is to “outsource” all administration to the private sector to create the Libertarian Nirvana. [2]

Security and privacy do not play a role in this Nirvana, nor do public goods.

[1] That is what “exorcising bureaucracy” actually is. An administration without a bureaucracy is a head without senses and without a body.

[2] This has been tried before in Grafton, New Hampshire. This attempt is well documented in “A Libertarian Walks Into a Bear: The Utopian Plot to Liberate an American Town (And Some Bears)“, by Matthew Hongoltz-Hetling. I do not think this is accepted reading material inside DOGE or the MAGA movement.
For a summary, see:
https://newrepublic.com/article/159662/libertarian-walks-into-bear-book-review-free-town-project

Celos March 31, 2025 10:44 AM

Just the usual modus of incompetent losers in high places when they screw up very publicly: Deny everything and blame somebody else.

Hence what I actually read this as is an admission by Waltz that he is too dumb to use the Signal UI. The actual target audience of his statement (including his boss) will now obviously think that Signal is to blame.

Federico March 31, 2025 11:27 AM

Smaller governments that can’t afford their own military-grade encryption

What kind of government is that? Element estimates it would cost about 5 M€/year to fund the necessary development.

https://mastodon.matrix.org/@element/113843349949907135

According to the SIPRI database, as of 2023, only Costa Rica, Panama and Iceland have a military budget lower than that figure and 152 countries have a military budget above 100 M€/y (PPP equivalent).

Winter March 31, 2025 11:29 AM

@Privacy

I’ve read that the Olvid app is the best of the messaging apps, in terms of privacy.

Olvid might indeed be the best, but I have some hesitations using something promoted by the French government.

I admit this might be totally unfounded and is certainly fueled by prejudice against the French government and their security policies.

tfb March 31, 2025 11:52 AM

@Federico

It’s not countries with defence budgets below the cost of developing and maintaining a secure system: it’s countries for which that cost is a significant proportion of the total budget. Spending, say, 5% of your total defence budget on such a thing might not be very popular, especially when you can use a security-audited open-source solution which is almost certainly better.

lurker March 31, 2025 1:06 PM

@Privacy, Winter

If the present suspects can’t safely use Signal, I doubt they could safely use Olvid.

NeverGoogler March 31, 2025 2:13 PM

@ResearcherZero
DOGE workers potentially are “creating security holes that they don’t fully understand that could be exploited.”

What would that group of child geniuses not understand? But whether they do or not, Russia is likely interested in those holes.

Clive Robinson March 31, 2025 2:17 PM

@ Privacy, Winter, lurker,

Olvid uses “Amazon Cloud” which is unfortunate.

I posted earlier about the US CLOUD act of 2018 and what it means from a european perspective. But it appears to have been moderated.

But to put it in context I doubt anyone could safely use Olvid.

Including the most senior of French Politicians or other countries Politicians[1]

Or for that matter any software that uses any US Corp or Corp with US offices no matter what country outside the US the data is held in.

[1] The UK politicians use Cloud based MS Office… With their files and much else besides held on the same computers in Southern Ireland that caused the FBI to take Microsoft to court, which precipitated the US CLOUD Act that got signed back in 2018.

As written the US can without any kind of oversight request all those politicians data at any time and Microsoft would have to hand it over.

Winter March 31, 2025 5:05 PM

@Clive

Olvid uses “Amazon Cloud” which is unfortunate.

So does Signal. But that is the beauty of E2E encryption, the “cloud” doesn’t get to see what’s going on. Amazon can only block traffic, not see it. And AFAIK, no one can see metadata either.

My reservations are that I am not sure French law enforcement cannot meddle with the Olvid servers like they did with ProtonMail who were forced to open up the data of a French activist.

ProtonMail court order leads to the arrest of French climate activist
https://www.theverge.com/2021/9/6/22659861/protonmail-swiss-court-order-french-climate-activist-arrest-identification

Important clarifications regarding arrest of climate activist
https://proton.me/blog/climate-activist-arrest

Clive Robinson March 31, 2025 7:04 PM

@ Winter,

With regards,

“But that is the beauty of E2E encryption, the “cloud” doesn’t get to see what’s going on. Amazon can only block traffic, not see it. And AFAIK, no one can see metadata either.”

E2EE encryption as I’ve stated already is not the issue, which is where people go wrong.

For a “group” to work you have two basic options,

1, Every member uses the same key.
2, Each member has a different key with every other member for 0.5(N^2-N) encrypted links.

Either way you have to “distribute the key(s)” to each member of the group (ie N devices).

The first way is way more efficient than the second and that is the way “group chats” are usually done.

You will see whatever you do, you need a “database of members” of a group with their details so you can distribute the key(s) to them.

Have a think about how the key distribution happens, and how it can be subverted.

As I’ve repeatedly said it’s not,

1, The “message crypto” algorithms you need to break.
2, Nor do an “end run attack” through the OS to the UI and thus “plaintext”.
3, When you can futz with the “Key Management”(KeyMan).

The easy way to futz with the KeyMan is to get at that database, or harder but as effective get at the “Key Generation”(KeyGen) such as the entropy source. All of which are done on the server.

Another way is to futz with the key transport or “rendezvous protocol”.

Let’s assume for the sake of a simple short explanation it uses a simple, centralised and “ill advised” PubKey system.

One easy to see way you can attack it is to just change the copy of a member’s PubKey in the database, to one you have the secret key for.

You then can perform a “Man in The Middle”(MITM) attack, decrypt the key, then re-encrypt it with the correct PubKey and send it on to the member.

There are other “KeyMan” and “Rendezvous” attacks that can be done, getting it all done securely is difficult at best. And not only do few people talk about it, the majority never think about it when designing systems.

But there are other attacks as well on servers, that don’t get talked about… One of the things Signal did originally was use the “secure enclave” on the server to try to stop/limit such issues…

Secure Enclaves on other peoples hardware is just another form of “Magic Thinking” by use of,

“Invisible ‘Pixie Dust’ you just have to trust[1]”…

Then it became clear that it could not be trusted… because the underlying hardware for the “secure enclaves” was vulnerable to certain types of low level resource use side channels. Oops. Some of which could be exploited “on the wire” others by being “on the same hardware” in the server.

Thus the enclave was not as secure as was “advertised”, and apparently on consumer and commercial hardware none of them are “for efficiency reasons”…

So anyone who uses any hardware in the system they don’t 100% control and can segregate correctly to do KeyMan correctly will not have a secure system.

For group chats that are efficient that means you have to use a central or nominated server or both Rendezvous and KeyMan when it is most definitely not 100% under your control… Which means you have a very weak and easily exploitable link in the chain.

I explained this more than half a decade ago when “group video meetings” became a thing in “lockdown” and prior to that when pointing out that none of the secure messaging apps were secure as an overall system…

People thought I was being paranoid, but now they are starting to find out I’m not nor was I at the time. Worse as you should well remember some people accused me of “saying too much” and complaining to the moderator…

Do you trust “Amazon Web Services”(AWS) and its “Cloud Computing Services”(CCS) or its actual hardware or Gov CLOUD legislation? Because for a multitude of reasons only some of which I’ve indicated I really don’t at all.

[1] Much like the use of “Crypto Secure”(CS) algorithms to hide very poor performing on chip RNGs which I’ve mentioned over and over since Intel first pulled this dumb move.
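
An added example, not part of the comment above and not code from Signal or any other project: a client-side audit for the two database attacks the comment describes (a silent extra member in the group roster, and a member's public key swapped in the directory), under the simple centralised public-key model the comment assumes. All names, keys and function names are constructed for illustration, and opaque byte strings stand in for real public keys.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass

# Constructed sample data: opaque 32-byte strings stand in for public identity keys.
# PINNED is the local trust store: members this user approved, with keys that were
# verified out of band (for example by comparing fingerprints in person).
PINNED = {
    "alice": bytes.fromhex("a1" * 32),
    "bob": bytes.fromhex("b2" * 32),
    "carol": bytes.fromhex("c3" * 32),
}
# What an honest server would return for the group.
CLEAN_ROSTER = dict(PINNED)
# What a modified server database would return: bob's key replaced, one member added.
TAMPERED_ROSTER = {
    **PINNED,
    "bob": bytes.fromhex("ee" * 32),
    "observer": bytes.fromhex("dd" * 32),
}


def fingerprint(public_key: bytes) -> str:
    """Short fingerprint a human can read aloud or compare on screen."""
    digest = hashlib.sha256(public_key).hexdigest()[:32]
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


@dataclass(frozen=True)
class Finding:
    member: str
    reason: str   # "not-approved", "key-changed" or "missing"
    detail: str


def audit_roster(server_roster: dict[str, bytes],
                 pinned: dict[str, bytes]) -> tuple[list[str], list[Finding]]:
    """Compare the server-supplied roster with the locally pinned keys.

    Returns the members whose served key matches the pin, plus a list of
    findings that a human has to resolve before any group key is sent.
    """
    safe: list[str] = []
    findings: list[Finding] = []
    for member in sorted(server_roster):
        served = server_roster[member]
        if member not in pinned:
            # The server lists someone the local user never approved.
            findings.append(Finding(member, "not-approved",
                                    f"served key {fingerprint(served)}"))
        elif served != pinned[member]:
            # The directory now serves a different key for a known member.
            findings.append(Finding(
                member, "key-changed",
                f"pinned {fingerprint(pinned[member])}, served {fingerprint(served)}"))
        else:
            safe.append(member)
    for member in sorted(set(pinned) - set(server_roster)):
        # Silent removal matters too: that member would stop receiving messages.
        findings.append(Finding(member, "missing", "approved member not in roster"))
    return safe, findings


def distribute_group_key(server_roster: dict[str, bytes],
                         pinned: dict[str, bytes]) -> list[str]:
    """Fail closed: name recipients for the group key only if the audit is clean."""
    safe, findings = audit_roster(server_roster, pinned)
    if findings:
        raise PermissionError(
            "; ".join(f"{f.member}: {f.reason}" for f in findings))
    return safe


if __name__ == "__main__":
    print("clean roster ->", distribute_group_key(CLEAN_ROSTER, PINNED))
    _, problems = audit_roster(TAMPERED_ROSTER, PINNED)
    for p in problems:
        print(f"{p.member}: {p.reason} ({p.detail})")
```

The check only helps if the pins come from somewhere the server does not control; a pin taken from the same directory on first contact can already hold a substituted key.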

Winter March 31, 2025 9:01 PM

@Clive

For a “group” to work you have two basic options,

I don’t pretend to fully understand the schemes you describe, but they don’t seem to match the scheme Signal uses for group chats:

Technology Preview: Signal Private Group System
https://signal.org/blog/signal-private-group-system/

For what I understand of it (not enough time to digest it all), the Signal people go over most, if not all of your concerns. And concluding the server is not able to determine who is member of which group.

There was a vulnerability in Signal’s and WhatsApp’s group chat protocol in 2018, but AFAIK, that was closed in 2019 as described in the blog post linked.

Clive Robinson March 31, 2025 9:52 PM

@ Winter,

“I don’t pretend to fully understand the schemes you describe, but they don’t seem to match the scheme Signal uses for group chats”

Actually they do match at the fundamental level of,

1, You have a “group member” database stored on a server.

It’s encrypted not in plaintext but that actually makes little difference when you subvert the KeyMan process in some way.

Also at the fundamental layer,

2, You have a “root of trust” issued by the server.

3, The “root of trust” is communicated to all members of the group.

4, Adding or removing a member is done by the server via an authenticated request.

Logically the server can add or remove an entry to the database irrespective of any “authentication process”.

All that is required is any addition matches “a format” that would without an appropriate root of trust have a very low probability of success.

Do you need me to carry on, or do you see the problem there?

Winter March 31, 2025 10:10 PM

@Clive

It’s encrypted not in plaintext but that actually makes little difference when you subvert the KeyMan process in some way

That “KeyMan process” of group data is handled by zero-knowledge proofs, so we have to worry when these zero-knowledge proofs have been cracked.

There is yet no indication these zero-knowledge proofs have vulnerabilities, AFAIK. I’ll wait with worrying about Signal’s group chat security until such vulnerabilities have been found.

As the alternative is to have even less secure or no group chats, I can live with this uncertainty.

Steve April 1, 2025 1:27 AM

While the leak, so called, needs to be solved, the public records accusation strikes me as weak tea. This electronic meeting has no more public record requirement than an in person meeting. By which I mean, meeting notes. In fact it has more than that, metadata considered.
Let’s not push things unreasonably far.

Gesetz ist Gesetz April 1, 2025 3:55 AM

@Steve

I don’t know of any legal authority for your proposition that text messages exchanged between parties constitutes an “electronic meeting” which is somehow exempt from record keeping laws which apply to all other forms of written communication between officers of the U.S. federal government.

Can you cite any?

Clive Robinson April 1, 2025 4:43 AM

@ Winter,

You have clearly not read the,

Chase, Perrin, and Zaverucha

2019 Paper,

The Signal Private Group System and Anonymous Credentials Supporting Efficient Verifiable Encryption

Where in the Introduction they explain why they stopped using an older distributed method and switched to putting the database on the “Signal servers” and use “shared KeyMat” on the member devices.

Until you just read the paper “Introduction” and actually understand it, it’s fairly pointless discussing things with you.

Till you do that, all I’m going to end up doing is rebutting your hazy assumptions given as assertions and filling up column inches here needlessly yet again.

You don’t have to read all 58 verbose pages of the paper, just the basic method. Then draw it out on a piece of paper with flow lines of where KeyMat starts, is shared and stored, and then put in dashed lines to show where the various security interfaces are.

Then just look at the picture like an attacker who knows where the weaknesses –I’ve already described– are.

Bob Cat April 1, 2025 5:19 AM

Go on the Signal subreddit and dare to ask if it could possibly have any security issues at all.

You will be banned.

Yet somehow, Tucker Carlson’s Signal messages to a Putin underling asking for an interview ended up in the New York Times.

I want answers.

Ren April 1, 2025 7:22 AM

For some groups, it should not be possible for a single member to add a member. But rather send a request to the group to agree to the addition.

Mailman April 1, 2025 2:07 PM

What I like most about this entire debacle is that it is giving more visibility to the Signal app than any advertising campaign ever could, and at no cost to the operators of the app.

… all thanks to a government who is repeatedly trying to force the weakening of encryption protocols in the name of “public safety”.

Jonathan Wilson April 1, 2025 2:58 PM

The big problem with the NSA (and other agencies in the US and elsewhere) is that in the modern world where the bad guys and good guys are using the same systems, when figuring out the balance between “we need to be able to spy on the bad guys” and “we need to stop the bad guys from spying on us”, they have (in general) chosen to prioritize offense over defense in a way that is bad for everyone (see the hacking of telcos by the Chinese via backdoors)

Dave April 1, 2025 9:42 PM

The fault is not to do with Signal’s use of crypto algorithms but making “group” –be they users or devices– comms “efficient”.

That’s because 99.9% of Signal users are using it in the same way you use Fecebook Messenger, to share memes and cat photos and whatnot. So it’s tuned to work well for the most common use case, which isn’t discussing classified war plans.

ResearcherZero April 1, 2025 11:35 PM

Apparently Mike Waltz was also using Gmail for communicating sensitive information, so the concerns that the White House has a fairly flippant approach to national security seem well grounded. I do doubt that they will take themselves to the nearest police station and lock themselves up, but not using unsecured email in future for official government business is something they may want to strongly consider to avoid foreign intelligence collection.

Amazingly, officials are already provided with both dedicated official and secured options.
Plus it is a very short walk to the Secure Room if they want a confidential meeting.

They might also want to take a closer look at who is directing the sabotage of vehicles, as deporting Russian agents to Venezuela may not actually be the most well thought out plan. It may be smarter to first establish what is taking place, then formulate a ‘brain fart’.

Given that they show a pattern of rushing to conclusions, this could also be doubtful.
The White House looks to be preoccupied with ‘China Initiatives’ and ‘Liberation’.

https://arstechnica.com/security/2025/03/computer-scientist-goes-silent-after-fbi-raid-and-purging-from-university-website/

A phone can be seen liberated from a woman believed to be the professor’s wife.
https://www.nbcnews.com/tech/security/fbi-searches-homes-indiana-university-cybersecurity-professor-rcna198944

Blowing ‘over the limit’ may be enough to land someone on the radar…
https://www.nytimes.com/2025/03/31/us/minnesota-student-immigration-arrest.html

ResearcherZero April 2, 2025 12:16 AM

@Jonathan Wilson, ALL

This is because politicians make the decisions and they have no security qualifications or any senior military command experience. They flat out ignore security recommendations for decades and the warnings of the consequences, then task the security agencies with offensive operations when the proverbial hits the fan. Meanwhile they spruik their national security and public safety ‘credentials’ and how they will make a ‘strong’ leader.

Behind the scenes “being a strong leader” consists of abdication of responsibility, moaning that it is or will be “someone else’s problem,” hiding all the future challenges the public must face from the people, and then blaming everyone else for their own failures.

One of the reasons for many vulnerabilities in telecom networks is the police want access to many of the records, yet the police are a major source of insider threats and rogue operators. It is because law enforcement is itself highly corrupt and therefore unable to secure conviction, that organised crime is so widespread. The police also ignore foreign agents and allow them to commit crimes without taking any action to detain them. This makes it extremely hard for the intelligence services, which have no powers of arrest, as foreign agents often use criminal tactics or use criminals to carry out crimes for them.

Often the police cannot actually be bothered, or will not assist victims of crime, as they are far more chummy with the crooks. This can be evidenced in the enormous quantities of evidence that the police already possess, that they never want the public to see. The very simple reason for so many unsolved murders and crimes is, the police would have to lock up their own colleagues, then further serious corruption and crime would come to light. They regularly also decline to assist intelligence agencies in detaining spies.

This is far more common than the public are told and a constant cause of investigative failure. All of the drug rings set up by Australia’s top investigator still operate today.
There are many more like him in each state and operating internationally in each country.

https://www.abc.net.au/news/2025-03-31/mark-standen-crime-commission-four-corners/105098992

ResearcherZero April 2, 2025 12:25 AM

The moral of the story is that eventually the crooks end up in government. The end product of three decades of ignoring problems, an increasingly frustrated public, and very well resourced and established crooks willing to take advantage of all that public frustration.

The business community has always been, and is, completely willing to work with criminals.

lurker April 2, 2025 3:12 AM

@ResearcherZero
“This is because politicians make the decisions and they have no security qualifications or any senior military command experience.”

21st century hardware and software, fifth century mindset. It’s been many years since the monarch rode out to battle at the head of his army. But there’s a charlatan who claims he will have a cyber update for mindsets, standing close to POTUS.

Paul April 2, 2025 10:24 PM

Hello Bruce and everyone else. Sorry to be late at the party.
I do have a question, but I want to assure everyone that I am not affiliated with that company in any way.
So in 2015 this news broke the internet more or less:

Silent Circle’s encrypted phone app cleared for US government use

I will not post the link to the page, any internet search will reveal it.

What I want to ask Bruce and professionals reading this: I understand that by today’s standards this app/company is no good because not open source and so on, but to have an app deemed safe for secure communication in our government I see as a total win.

Still, how come there is not much news about this app (you need to pay to use it) and why do government people steer towards Signal or other “free” sources?

Thank you very much.

ResearcherZero April 3, 2025 2:07 AM

@lurker

You are indeed right and they also like to go with what is popular or cool. Security theatre is extremely popular with political figures. They like to flex and boast that they will provide strong leadership, protect public safety and national security, then a tornado plows straight through the middle of town and demolishes everything in its path.

I have never seen muscles prevent the theft of health data, or stop any bullets. I have also never seen muscles prevent famine, flood or disease either. But I’m still waiting.

Perhaps you have to wear the right kind of hat and Italian shoes?

https://www.bloomberg.com/news/articles/2025-03-28/oracle-warns-health-customers-of-patient-data-breach

Clive Robinson April 3, 2025 4:19 AM

@ lurker, ResearcherZero,

With regards,

“It’s been many years since the monarch rode out to battle at the head of his army. But there’s a charlatan who claims he will have a cyber update for mindsets, standing close to POTUS.”

There is an old game, I call it the “King Game” where you convince superstitious and uneducated people you have some kind of power you control. That will act like a horn of plenty for all, if they just get their self entitlement first as the “Head of the queue” or even “God Head”. It’s been happening for many thousands if not tens of thousands of years we see it in other tribal primates so it might be an innate failing or they learned it from us. Rudyard Kipling wrote about it in “The Man Who Would Be King”[1] That actually describes the process in a slightly fanciful way.

One way of old of showing it was to be fearlessly brave in battle with a tactic or weapon the enemy were unaware of, and what starts as a small snowball advantage gives others courage and an avalanche happens and the enemy not just defeated but enslaved. Having that first victory gets leveraged against many much smaller kingdoms and they fall one by one to become an Empire. In 1899 Kipling wrote a poem about Empire building that is still seen by some as their cause, though short “The White Man’s Burden” tells much of what is still evolving,

https://en.m.wikipedia.org/wiki/The_White_Man’s_Burden

But history tells us another story Empires always fail it just takes time. This is because of the greed of the self entitled leaders, who build for a short while by plunder and pillage they call profit. Then they become decadent, uneducated and in some cases inbred and ugly as they try to keep power and wealth in the family. It happened with Rome they become ousted, Spain likewise and Mexico and below… Showing that like roaches some scuttle and hide but find other ways to return in different form. But behind these increasingly mindless puppets are the real danger of “Your humble servant” the pious men of faith who whispers in the ear of the fool on the throne…

A couple of years later in 1901 the American author Mark Twain wrote “To the Person Sitting in Darkness”,

https://en.m.wikipedia.org/wiki/To_the_Person_Sitting_in_Darkness

An essay of repudiation that slashed open the underbelly of such behaviours. Sadly though the lessons are seldom learned and fools rise up to ignoble ends.

Capitalism for a short while has become King and Religion has hidden from strong light. However with idiots abounding “The Church” is once more arising to power behind the throne…

But what is the fate of such become feckless leaders in “Italian shoes”?

All too often “flight abroad” in one case in a Storch off of a mountain top when the helicopter failed,

https://warbirdfanatics.com/2019/04/30/3-fun-facts-about-the-crazy-slow-plane-that-saved-benito-mussolini/

More recently with the helicopter working to the airport carrying the “British Dentist” who is for now cooling his heels in Moscow.

Thus the question of who will protect the current crop of “idiots in charge”. When those who have failed to heed George Santayana who lived through Kipling and Twain’s works and both the world wars that followed have proved yet again

“Those who forget the past are condemned to repeat it.”

As Mark Bradley, sports writer for The Atlanta Journal, and thus no stranger to overblown contesting egos, observed in 2020, of Santayana’s most famous quote,

“That’s the thing, though. None of us have forgotten. Darned if we’re not repeating it anyway…”

So in turn an observation of my own,

Thus the folly of mankind is once again being writ large across the pages of history. As though impressed by the oppressive wheel of fortune, but driven by the flexed muscles of authoritarian whims. Such that it grinds endlessly, over and over, ever onwards, so our bones to crush.

[1] Not only a fun and actually educating read, but a quite good film of the book had Mr Connery and Mr Caine as leads. Oddly it was first published in 1888 a year that keeps getting drawn to my attention for many diverse reasons, and is developing a “1969 vibe” about it. A series of wars built over the next quarter century culminating in “The Great War” which over in Russia, saw the seeds of what was to become the mess we see today of a man who would be Emperor and send ravening hordes to their doom.

Clive Robinson April 3, 2025 4:55 AM

@ Paul,

With regards your question of,

“why government people steer towards signal or other “free” sources.”

Because they fail to understand the difference between

1, Free to use.
2, Use it freely.

Thus “they get hoist by their own petard”. Of not just

1, Using it too freely, but
2, Speaking too freely…

As I note from time to time there is a balance of

“Individual Rights -v- Social Responsibility”

These people are “not of the government”, but of the Executive, not elected, just selected, for their most undesirable attributes.

One of which is they are all about their “Rights” and nothing about their “Responsibilities”.

There are three main reasons I warn against all “Secure Messaging Apps” and the like,

1, None are secure as a system.
2, They paint a vulnerability on the users’ backs.
3, They always engender stupid irresponsibility in the users.

I think all three points have been demonstrated clearly with this use of Signal.

We’ve seen it before with WhatsApp, with Telegram, with… Need I go on?

Let’s just say “The Wheel rolls on” and people are not learning from the past.

Clive Robinson April 3, 2025 6:54 PM

@ Bruce, ALL,

Google lobs an E2EE swerve

On Tuesday Google dropped the impression it was going E2EE, but no it’s doing something else with certificates.

Exactly what, and what vulnerabilities it has potential or actual are yet to be determined[1].

“Google unveils end-to-end messages for Gmail. Only thing is: It’s not true E2EE.”

“Google says that E2EE Gmail abstracts away this [S/MIME] complexity. Instead, Bob drafts an email to Alice, clicks a button that turns on the feature, and hits send. Bob’s browser encrypts the message, and sends it to Alice. The message decrypts only after it arrives in Alice’s browser and she authenticates herself.”

Hmmm,

https://arstechnica.com/security/2025/04/are-new-google-e2ee-emails-really-end-to-end-encrypted-kinda-but-not-really/

[1] Looks like I’m spending the weekend in front of the whiteboard looking at / getting a feeling, for potential holes, that will be there somewhere, as is true for all “new non trivial programs”.

ResearcherZero April 4, 2025 1:40 AM

If everything is national security then nothing is.

https://foreignpolicy.com/2025/03/31/trump-tariffs-national-security-russia-canada-mexico/

Increased risk – U.S. tariffs are being walked back to more than 100 years ago. The United States now has the most internationally integrated economy and supply chains in the world.

If a trade war does erupt, the US may feel the worst inflationary effects of any nation. As a result security budgets and checks will be cut and holes will emerge that cannot be imagined or accounted for. Rather than securing supply chains, it may have the opposite effect. That will include critical infrastructure and the ability to monitor these crucial systems. Numerous vulnerabilities will open up along with new opportunities for attack.

https://theconversation.com/trumps-liberation-day-tariffs-are-the-highest-in-decades-an-economist-explains-how-that-could-hurt-the-us-253685

ResearcherZero April 4, 2025 1:54 AM

There are up sides. Product inventories originally destined for the US will flow to countries without tariffs, so for some countries at least, electronics may get cheaper.

New trade agreements and markets will be established that bypass the United States and perhaps opportunities to forge new alliances which increase security. The public will have to push to ensure improved privacy and protections are included that protect the people.

Demanding real transparency and sustained pressure on officials will be essential.

lurker April 4, 2025 4:08 AM

@Clive Robinson

This latest trick with gmail looks like it might only work if Bob and Alice are using Gmail via the web interface, on a browser. I used to annoy some people at my last day job by using a proper mail client, not webmail. And the same proper mail client using the TLS/IMAP port allowed me to carry on using gmail in China, when other people’s webmail was blocked. Sure, they probably read every word as it went past, but I never noticed any harmful MITM effects.


Sidebar photo of Bruce Schneier by Joe MacInnis.