Comment by guerrilla
8 months ago
Yeah, that's what I thought you meant. This situation is what MAC and specifically MLS are actually for, so that exactly this doesn't happen. There must be mobile devices and texting apps that actually support that but as far as I understand it Android is very far from being able to implement that kind of policy (despite heavy use of SELinux).
It's actually weird we don't see this in the corporate world either. These problems, as many of us know personally, exist everywhere, not just at the White House and it's going to lead to huge issues down the road.
Anyone here know if the DoD actually has their own stuff for this? It was they who came up with these technologies back in the rainbow books days.
A stupid simple way to do it would be to use control groups as security pools. If you are not a member some master control group, then you can't be added to related spawned "child" groups. Better than what is there now, which is nothing. Would have to be client level controls, maybe a smart contract could govern, but could Signal build on the current abstractions by having groups be members of groups and inherit the same "phonebook" as the group they are a member of. Just spitballing.