These boomers think Signal is safe because they use the word encrypted.
Can we please vote these clowns out and get some adults back in government?
Signal is pretty safe. They exploited a specific phishing vector and forged group chat invite links that also send conversation data to their own linked devices.
AFAICT this was a phishing attack, not an attack on Signal.
Disclaimer: I’m not endorsing the use of Signal for government information, which is supposed to be kept for the record.
As of March 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.0.3 using a zero-click exploit. While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, call snooping, collecting passwords, location tracking, accessing the target device’s microphone and camera, and harvesting information from apps.
This is consumer grade spyware built by Israeli intelligence and loaned out to just about everyone. It’s been around for a decade. Governments use this to hunt down activists and opposition party members.
This Signal leak is one hole in the colander. Sure, water will leak through that hole. But water will also leak through all the other holes. And the countries collecting that water have more than what NSO Group contracts out.
It’s ok. The US government decided Russia isn’t a cyberthreat anymore.
https://www.theguardian.com/us-news/2025/feb/28/trump-russia-hacking-cyber-security
It could also be someone sitting on their bed that weighs 400 pounds
Uh, no shit. State backed espionage groups are targeting the communications channels used by their primary targets. What are you going to tell me next? That water is wet and fire is hot? If the US government started using IP over Avian Carrier (RFC1149) you can bet that the GRU would start up a program to intercept the carriers.
It’s not a surprise Russia and friends are attacking the platform; it’s surprising the Whitehouse is using it for official communications. (or at least it would be, if the WH wasn’t occupied by nazi tech bros…)
Additionally, they’re likely using it on their personal, insecure phones, on insecure networks.
There’s whole layers of security being bypassed here.
It’s a pretty good endorsement of the app!
Honestly, yeah. IIRC, the Swedish military also advised using it.
IPoAC. The ping is pretty slow, but the packet size is incredible
🤔 I wonder how much data a single bird could feasibly carry. Quite a bit more than when this standard was first thought up I’m sure. You can get some incredibly high capacity sd cards now.
Its not a question of where it could grasp the data, it’s a question of weight ratios
African or European swallow?
I wonder how much data a single bird could feasibly carry
I imagine it’s quite a lot. You already brought up high-capacity SD cards, so at that point it’s figuring out how much weight the bird can carry in terms of 1TB SD cards or similar.
Pretty much every time there have been head to head competitions between birds and wires, the birds have won.
The birds stand on the wires to mock their inferior bandwidth
Yeah, it’s not the bandwidth that’s the problem, it’s the ping.
Well, ping and packet loss.
I’d assume range too. Hard to go across the ocean by pigeon.
To be honest, I’m surprised they didn’t use telegram.
https://duckduckgo.com/?q=kremlin+targetting+signal+accounts&t=fpas&ia=web
it seems there’s some real mechanism, involved in this…
Here’s the best-quality information I could readily-find…
https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger
Witkoff in Moscow when added to chat?
https://bsky.app/profile/olgalautman.bsky.social/post/3ll663snbc224
Even if they do get access to the chat logs, good luck brute forcing those encryption keys Putin!
I can think of easier ways of compromising the data besides brute forcing the keys, off the top of my head, and I’m just some schmuck. Relevant XKCD: https://xkcd.com/538/
-
Compromise their endpoint with a malicious app on the app store.
-
Gain physical access to the device and compromise it. Use your imagination – pickpocket, traffic stop or customs inspection by a compromised agent, seduce them with a honeypot, etc.
-
Socially engineer them to mistakingly add you to their group chats.
-
SIM swap
Signal might be fine for journalists, criminals, cheating spouses, and general privacy when used properly with good OpSec but nation state adversaries have significantly greater resources than your average attacker, and thus require more significant security.
-
Well, he just needs to get them to accidentally add his spy to their group chat. How hard can it be?
Wasn’t there a hacker group some years ago that released Signal binaries with backdoors that allowed attackers to read decrypted messages?
Removed by mod
Many comments, one post mad about jordanlund. What do you think happened today that’s more important? Clearly you must not think it’s important if you didn’t post anything about it.
