← Back to context

Comment by zdragnar

8 months ago

CISA explicitly promoted Signal for use by top level government officials. The fact that an outsider was invited to a conversation they didn't belong in is troubling, but basically nothing else about this seems to be outside of recommended policy.

The administration is also claiming that there was no confidential information in the conversation, which I think is certainly debatable, but the rest of the story seems overblown to me.

11 comments

zdragnar

Reply
ModernMech  8 months ago

You're talking about this document:

https://www.cisa.gov/sites/default/files/2024-12/guidance-mo...

Which says:

  Organizations may already have these best practices in place, such as secure communication platforms1 and multifactor authentication (MFA) policies. In cases where organizations do not, apply the following best practices to your mobile devices.

And goes on to say:

  Adopt a free messaging application for secure communications that guarantees end-to-end encryption, such as Signal or similar apps.

But concludes:

  Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by CISA.

So they mention signal as an example of an app that they are talking about, but they explicitly state that by mentioning it they are not implying to endorse or recommend or even favor it.

Moreover, the advice doesn't apply to organizations that have their own best practices in place, which the organizations in question certainly do. So the question isn't what CISA recommends it's what the CIA, DoD, Department of State, etc. recommend.

tailefer  8 months ago

You should read the release that CISA put out [0]. The use of Signal for classified discussions is not a suggested use. True, it's not explicitly forbidden, but people entrusted with that access should know better.

Saying that CISA approved Signal (and, in right-wing sources, saying "Biden administration CISA") is an attempt to minimize and distract.

They shouldn't have been texting classified information. Full stop.

[0] https://www.cisa.gov/sites/default/files/2024-12/guidance-mo...

  • dionian  8 months ago

    What classified info was in the chat? The only reference I saw to classified info was explicit references to getting out of that medium to discuss classified info

    • jandrese  8 months ago

      I have not verified this, but reporting suggests they had targeting data down to the names of individuals in Yemen, as well as flight times and originating sources for the airstrikes, which if leaked would be very valuable to whatever air defenses were in the country. It is not clear if intelligence sources were also potentially compromised.