Comment by GVIrish
8 months ago
Using Signal in this case is wrong and foolish full stop, and the extremely likely reason they did so is so they could escape standard government record keeping compliance (NARA).
To start with, classified information is ONLY supposed to viewed in a SCIF. Secondly, it should never be loaded onto private devices. The private phones of national security leadership would be prime targets for every hostile intelligence agency in the world. It matters little if the information was encrypted in transit if the host device is compromised.
One would have to be a fool to not trust all of the classified tools and safeguards the US government uses only to then use a commercial app on commercial phones to communicate classified data in public while stateside and abroad. Just the fact that someone could accidentally add an unauthorized person to the chat is but one reason it was crazy for them to do this.
The most likely reason is convenience, not escaping record keeping.
The report includes notes on certain messages having durations set before they would disappear. This indicates intent.
Sure, but I’m willing to give them the benefit of the doubt on that count. I’m fairly sure that’s because they felt it would be safer if the confidential info they sent wouldn’t stay around.
It can certainly be both. Just like they have already tried to shield DOGE from FOIA transparency requests.
Then why would you enable the disappearing messages functionality?
Avoiding government record keeping is literally part of the Project 2025 plan.
[flagged]
10 replies →
Avoiding FOIA requests is the reason every secretary of state since Collin Powell uses private email to conduct business.
"classified information is ONLY supposed to viewed in a SCIF"
No.
No, no, no.
Most classified information is NOT designated SCI. When classified info was mostly paper, it was placed in GSA approved safes in regular 'ole office buildings. You'd get to work, open your safe, and do your work. Most SIPRNet computers are not in SCIFs.
Heck, you can even mail classified documents via USPS. Confidential and secret documents can be sent registered mail.
SCIFs are for viewing TS materials, whether or not they are SCI. Even then, SCIFs are often employed for processing things that are only marked Secret or systems only handling Secret. But yes, if we want to be specific, Secret has a lower bar and can be worked on outside of SCIFs but still not in public or at home.
Again, no. Not all TS material is SCI. You only need a SCIF for SCI.
"SCIFs are often employed for processing things that are only marked Secret or systems only handling Secret"
No. SCIFs are expensive. They are not built when they are not needed. They are only needed for SCI materials.
1 reply →
There are a ton of assumptions in here that have yet to be proven true.
CISA explicitly promoted the use of signal by all top government officials.
This is true, but lacks specificity. Do you think CISA would recommend sharing details of imminent military operations via signal?
Where? They recommended it for members of the public as part of their general recommendation for end-to-end encryption but that’s a very different scenario than government employees who have official systems.
[citation needed]
Assuming this is true, how did they determine what a "top" government official is? So if you're the SecDef you should use it but not the deputy SecDef? How would this guidance not pertain to all government officials?
Sure, those are the reasons for, but would be interesting for you to address the salient point of not trusting those government systems. I'm sure you can make the counterargument.
That doesn't really make sense. If they had strong reason to believe that the secure comms systems they were supposed to be using were compromised, using personal phones to communicate outside of SCIFs is very, very far from what any competent person who understands and is briefed on the threat environment would do. Note that none of the people involved are making that argument because it would make them look even more incompetent.
Not arguing it was the best choice. But, I'm curious, if you were in the position where you had strong reasons to believe the official secure channels available to you were compromised by your political opponents who were leaking information received via those channels to undermine your policy initiatives, and needed to act and coordinate nonetheless, what would you do?
21 replies →
So what would the smart move have been in that case?
If the CIA and NSA (let alone Russian and Chinese intelligence) are illegally spying on you, your civilian phone is toast. You shouldn't be ordering DoorDash on the thing.
Imagine the resources the Chinese and Russian governments devote to accessing these phones. The value to them could be trillions of dollars and/or existential differences in national security outcomes. The owners have to assume they are hacked, and that China and Russia know where they are going to dinner (which itself is a problem - they know who is meeting with who and when).
The administration has not made this argument though. You have.
So why should we default to the position of not trusting those systems when every previous administration has used it without issus.
Many people are making the argument that this administration is unlike all previous administrations. I infer you disagree with that.
4 replies →
The argument is that there are many organizations in the current government, a lot of them independent agencies, that are politically aligned against the Trump administration. Many people in these organizations have backdoor or spying access to government communications, and so members of the Trump admin can't trust government systems for communication.
11 replies →
They are the government. You're suggesting trusting a third party over trusting themselves.
The government is not a unitary entity. The Constitution provides for three branches of government explicitly to offset each other's power. And the civil service is essentially a 4th branch of government. Just replacing the titular heads of government does not guarantee any ability to control the body. Witness the outpouring of protest at "the government's" attempts to control "the government" via DOGE. They are not the same.
2 replies →
I mean, the conversation included references to materials sent on 'the high side' (classified-material email systems). If they consider those systems secure, what's the point of using Signal instead?
I don't think it was a particularly good tactic, but if there was some motivation, it may have been more about political sabotage than foreign adversaries. I think that is the more interesting conversation, personally. What do you do if your political (domestic) antagonists control your comms? This question applies to all sides politically. Signal itself is promoted for "activist" use cases to protect comms from domestic antagonists. I'm presenting a similar dilemma. If one part of the government, (e.g., the military) controls secure comms, then another (e.g., the political) may have no choice but to opt-out. This problem is maybe better seen in the context of another country. It may be "too close" for us to see it clearly in the U.S. Other countries face this problem all the time, and Signal is used for the same reasons. I find it an interesting security problem.
1 reply →