👊🇺🇲🔥leaks

Author: WyIted
signal
leak

Posts

Total: 127
#61
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
Previous statements were generalizations from people who clearly have no inside information.
I did cut down the quote so that I wasn't just covering the page with examples, but several quotes from the article that upheld those statements, so that's pretty dismissive for no reason. Then again, looking further down, it seems like you don't really think these experts are worth listening to anyway, so I don't know why you bother responding to any of them in the first place. It's not that they have no inside information, it's that they're too biased to provide information that we can have any trust in.

"phone's secure enclave", the implication that a phone is more secure than a PC is naive. Maybe an iphone because of their rather wise policy of using full drive encryption without making users jump through too many hoops.

Otherwise nonsense, an off the shelf android phone from samsung has no automatic encryption around app storage or much else nor are phones generally immune from spyware anymore than PCs. In both cases spyware is either baked in (somebody tampered with the OS installation), or it was let in by the user.
Not really responsive to any of the points he made. The argument here is not that a phone, as a device, is less hackable than a PC. The argument is that the more devices information is shared to, the more opportunities there are for one of those devices to be hacked. Increasing the number of devices by, say, sharing that data with a PC is the problem, not the fact that it's a PC vs. a phone. Yes, there will always be multiple devices involved, but no, that does not mean that more devices is better for cybersecurity.

Also, I already acknowledged that the app encrypts those messages, so I don't know why you're responding by pointing that out. Encryption, by itself, isn't enough to assuage security concerns, and I don't know why your pointing it out is responsive to anything I quoted.

Suffice to say Signal, in the hands of experts, would have been secure; and the greatest efforts of the Pentagon would have failed to keep this information out of the news after having invited a blabbing journalist to participate.
Fair. Optimally using this app would probably have prevented anyone from even knowing it was being used. Was it in the hands of experts in this case? Was it foolproof in this instance? Doesn't seem so. Also doesn't seem particularly likely that an internally developed program that is not open source would offer the opportunity to invite a journalist to join. Maybe that's just my assumption.

BS, look at what happened with the obamacare website.
Don't know why you're going off on this tangent. Yes, I can acknowledge that the experts aren't always right and there are some major fuck-ups. Not sure why this applies or how this invalidates their insights on cybersecurity.

... and yea if it was intentional that implies that they would be willing to do it again, but under that conditional who cares?
Feels like this should matter for pretty obvious reasons. Your response here is, essentially, if they're doing this optimally, then there's no harm. First off, we shouldn't assume that they will always do this optimally, i.e. selectively managing information so that the only information that is ever released can do no harm whatsoever through it's release. The more this happens, the more opportunities they have to release vital and dangerous information. Second, it matters anyway because perception is everything. If the US public and our allies perceive the military complex of the US as leaking information to the press like a sieve, that's a problem. If they have to keep being dragged before Congress to answer for it, that's a problem. People need to trust in their security.

1-5 people are consulted by propagandists in the AP cabal and then they repeat the same claim a hundred times.
I mean... do you want me to just give you a list of sources that all provide similar information? Doesn't seem like you care because they're part of "the AP cabal" and so their information is prima facia useless. They're a source you don't trust, ergo their expertise doesn't matter. We have to reference experts at some point since none of us are, but if all of them are just biased hacks, then there's no point in discussing any of this and we might as well just throw up our hands.

Topic's author
#62
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@whiteflame
I mean... do you want me to just give you a list of sources that all provide similar information?
If they are cyber security professionals I would be open to reading their opinions.
#63
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@WyIted
If they are cyber security professionals I would be open to reading their opinions.
I’ll do some research and get back to you.
#64
Sidewalker
Sidewalker's avatar
Debates: 8
Posts: 3,319
3
2
5
Sidewalker's avatar
Sidewalker
3
2
5
-->
@WyIted
There is a myth that the government has stronger encrypted apps than what they actually do. They don't have anything stronger than signal. Open source is always going to be stronger than anything proprietary because literally millions of people are looking for exploits in open source software
Nonsense, I spent decades selling telecommunications equipment to the government, especially the military, and they are freakish about security and encryption, they won't even consider it if it isn't the absolute best.  And by the way, it doesn't have to be proprietary to be the best there is, you just have to be willing to pay the price, and for secure channels, they do.  

When it comes to military operations, this was a hopelessly inept move, anyone who walks into the Situation Room must take off watches, jewelry, phones, etc, to make sure there is nothing recorded and no surveillance possible, the room itself is wrapped in a dozen security features we know about, and a dozen more that nobody knows about, it is about as secure as anyplace on the planet.  The only place hackers get into secure military channels is on television. The military takes their secure communications channels very very seriously, I think they go overboard myself, but hey, they were willing to pay for the best shit and I was willing to sell it.  I mean, the situation room is in the fucking white house, do they really need it to be so tightly wrapped, they think so.  A secure transmission channels are just as tightly wrapped, when there is a security breach, it's never because of the equipment, it's always the people.

Point being, Larry, Curley, and Moe at the Pentagon really fucked up this time, we are talking total incompetence.

And this nonsense pablum being spewed is being spewed by the same people who chanted "Lock her up" because of relatively harmless state department shit being sent from an unsecure email account, what fucking hypocrites.  You can try to put lipstick on this pig, but it isn't going to help, .
Topic's author
#65
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@Sidewalker
Nonsense, I spent decades selling telecommunications equipment to the government, especially the military, and they are freakish about security and encryption, they won't even consider it if it isn't the absolute best.  And by the way, it doesn't have to be proprietary to be the best there is, you just have to be willing to pay the price, and for secure channels, they do. 
So you're talking about hardware? 

Why would you state "nonsense" and then follow it up with absolutely nothing that contradicts anything I said?

By necessity, not everything is going to be discussed in the situation room. 

Do you know how often the government is tricked into buying fake Cisco routers which is a major security concern? I think you are overstating the governments paranoia.
#66
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
it seems like you don't really think these experts are worth listening to anyway, so I don't know why you bother responding to any of them in the first place.
They can't see what I post, people on this site can.

I commented on the supposed expert opinion to demonstrate that it is not very expert; thus justifying the attitude of considering them not worth listening to.


It's not that they have no inside information,

For example
"...members of Trump’s Cabinet — including the vice president, Defense Secretary Pete Hegseth, and Director of National Intelligence Tulsi Gabbard, among others — were likely using personal devices, since in most cases, Signal cannot be downloaded onto official federal devices."

Were they using personal devices? Can we even confirm these people were part of the conversation or was it all a script?

"People can link Signal messaging to a desktop application.' he said. 'This means that Signal data is being delivered to potentially multiple desktop and laptop computers"

Were they using desktops and laptop computers?



it's that they're too biased to provide information that we can have any trust in.
Biased or ignorant, doesn't really mater in the end does it?

Bias can be in the selection of comment as well. How many opinions did the propagandist gather? What percentage of that was presented, even from the same person?

I don't trust the editor's editing or interpretation, I don't trust the sources, and I certainly don't believe the wizard of consensus is behind the curtain. That status quo for me though. If I was a truster I wouldn't be a debator.

In this particular case my mistrust was (once again) validated by specific, demonstrably misleading claims.


The argument here is not that a phone, as a device, is less hackable than a PC.
That was absolutely the implication.

Here is the quote again:
“People can link Signal messaging to a desktop application,” he said. “This means that Signal data is being delivered to potentially multiple desktop and laptop computers where it isn’t being stored in a phone’s secure enclave. That data is then at risk from commodity malware on the system.”


Also doesn't seem particularly likely that an internally developed program that is not open source would offer the opportunity to invite a journalist to join. Maybe that's just my assumption.
That's probably a safe assumption (if that program exists), which compounds the oddness if it was not an intentional leak.

If it was intentional on the other hand, of course they could not be so obvious about it by having a journalist meet with NSA or DoD techs to get him setup.

If there is a secret government app package and phone with messaging that isn't just a repacking of off the shelf products which I would guess is 50/50, why would the entire Trump admin decide to use Signal instead?

Either they don't trust the NSA (understandable) or this particular leak is a sham. There are other possibilities but they imply large sprawling conspiracies; i.e. NSA didn't tell them about the in-house option.

The simplest explanation is that everyone is a lot stupider than 'we' are giving them credit for.

The NSA and the Pentagon are full of idiots who are being paid because government always tends towards waste and corruption. They don't have any workable equivalent to Signal, they've been relying on firewalls to protect them while they use Microsoft Outlook to plan their dastardly deeds; meanwhile the Trump team really did think Signal was fine, and this leak was a thumb fumble in a contacts list.

The stupidity of the Trump team in this case would not be using Signal but changing details of an attack two hours before executing it. That is rushing that would be inexcusable outside of battle context.

From the politco article:
The app has become increasingly popular in recent months in Washington, following the discovery of a massive Chinese government-linked breach of U.S. telecommunications networks that allowed hackers to steal a trove of Americans’ cell phone records and spy on the conversations of senior U.S. political figures, including Trump and Vice President JD Vance.

If you believe that, that would mean they were using straight SMS before?

From the same article:
A former intelligence and security official, granted anonymity to discuss the handling of likely classified information, noted that the situation could have been averted if the U.S. government had a chat service certified to handle classified information.
So the ever reliable anonymous source claims there is no better option, what do you believe?


BS, look at what happened with the obamacare website.
Don't know why you're going off on this tangent. Yes, I can acknowledge that the experts aren't always right and there are some major fuck-ups. Not sure why this applies or how this invalidates their insights on cybersecurity.
Halfway there, more like:
1.) Just because the government hired them, doesn't mean they're experts.
2.) Just because the government spends billions of dollars doesn't mean they have nice toys, it is mostly money laundering after all.

Which both tie into the reasonability preferring Signal over the hypothetical secret alternative.


the more opportunities they have to release vital and dangerous information
Opportunities? They are the top of the hierarchy. They can release everything at any time they want.


I mean... do you want me to just give you a list of sources
You do whatever you want to do, I am explaining why you might get the impression that there is a consensus of experts when there is not. It's a very old trick at this point.

They're a source you don't trust, ergo their expertise doesn't matter.
Hypothetical expertise.


We have to reference experts at some point since none of us are
Should have finished with "on everything", I'm an expert on some things (by comparison to the average knowledge). If you aren't an expert on something it's surprising you support yourself financially.


then there's no point in discussing any of this and we might as well just throw up our hands.
You have not brought me a consensus of experts, you brought me some quotes; one of which demonstrated shallow expertise. A consensus of experts or a single idiot, what matters is the argument.

People on this site can respond to arguments, quotes from third parties cannot. If you have nothing to say but "I believe this because I believe experts believe this" then yea, throw up your hands because that is an utterly useless statement to make. There is nothing to debate there but epistemology.


#67
Sidewalker
Sidewalker's avatar
Debates: 8
Posts: 3,319
3
2
5
Sidewalker's avatar
Sidewalker
3
2
5
-->
@WyIted
Nonsense, I spent decades selling telecommunications equipment to the government, especially the military, and they are freakish about security and encryption, they won't even consider it if it isn't the absolute best.  And by the way, it doesn't have to be proprietary to be the best there is, you just have to be willing to pay the price, and for secure channels, they do. 
So you're talking about hardware? 
Communications systems are necessarily integrated systems, so yeah, there's hardware, and inside of the hardware is software, it's like magic.

Why would you state "nonsense" and then follow it up with absolutely nothing that contradicts anything I said?
Maybe because you were talking nonsense. 

By necessity, not everything is going to be discussed in the situation room. 
That was just an example of how obsessed they are about security in regard to military command and control, command and control is what was shared by this clown car full of National Security department heads.

Do you know how often the government is tricked into buying fake Cisco routers which is a major security concern? I think you are overstating the governments paranoia.
Sounds like you never tried to sell secure communications systems to the government or the military, you can't imagine what it's like trying to sell to be who keep saying "Lives are at stake" and "National Security" and that kind of shit, they really do think they are special. 

But they spend a shit ton of money, and that makes them special.



Topic's author
#68
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@Sidewalker
Bro are you pretending politicians have special cellphones the rest of us don't? They use the same shit we do and attach MDM software. 

Are you comparing some random shit you sold for field communications to cellphone chats on signal?
#69
Dr.Franklin
Dr.Franklin's avatar
Debates: 32
Posts: 10,757
4
7
11
Dr.Franklin's avatar
Dr.Franklin
4
7
11
My view was that this was on purpose to somehow "prove" the Europeans or egyptians something.

What a cringe administration. Go ahead and deport Ukranian mothers or attack France but give everything to Israel and Indian migrants. Fuck MAGA and fuck Elon.
#70
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
Frankly, I just don’t see much reason to continue this conversation, as it seems clear that your goal is more to introduce uncertainty about what could have happened rather than defend it. On that basis, I’m fine ending this by saying that yes, there are circumstances where things might have turned out this way and everyone was doing their due diligence. Even in that instance, it doesn’t present the government in a positive light, but hey, it’s possible.

Based on what we do know, I don’t think that’s the most likely reason all this happened, and I suspect further investigation will reveal as much, but there’s room for uncertainty now, so I’ll concede that and we can wait to see what happens.
Topic's author
#71
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
The thing that makes me think it is maybe not a chess move is that Walz did it and he's not really a MAGA Republican
#72
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
Frankly, I just don’t see much reason to continue this conversation, as it seems clear that your goal is more to introduce uncertainty about what could have happened rather than defend it.
...and you're looking for defenders, not people pointing out what you can't know. Got it.
#73
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
...and you're looking for defenders, not people pointing out what you can't know. Got it.
...no? The original post you responded to was engaging with an argument in defense of these leaks, but I wasn't expecting you to take up that banner. I just don't want to have a prolonged discussion where I can already see the end result: we don't have enough information and the investigation has to play out to figure out more of what went on.
#74
Greyparrot
Greyparrot's avatar
Debates: 4
Posts: 27,460
3
4
10
Greyparrot's avatar
Greyparrot
3
4
10
-->
@whiteflame
Yeah, I definitely do not have enough info to make even a guess to defend it. Honeypot seems  implausible with the current info, there doesn't seem to be any malice on the part of the reporter.... on the other hand, Tulsi seemed to be holding back a smile when questioned about it. Something is definitely up.
#75
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
...and you're looking for defenders, not people pointing out what you can't know. Got it.
...no? The original post you responded to was engaging with an argument in defense of these leaks
I contradicted two assertions:

1.) Signal is insecure
2.) An intentional leak is a risk of unintentional leak (the dam analogy)
#76
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@Greyparrot
Is it possible that they pulled the same trick on a larger group of people and only one went public before contacting them? I can't see the point of that since a journalist publishing is hardly a betrayal of trust.
#77
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
I contradicted two assertions:

1.) Signal is insecure
2.) An intentional leak is a risk of unintentional leak (the dam analogy)
For the former, your responses largely came down to there being a lot we don't know about the accessibility of data from Signal vs. other methods of communication that they could be using internally. I accept that. I also acknowledged that Signal is secure in some ways from the start, so it's mainly a matter of whether it has vulnerabilities that their other methods do not. I presented evidence to that effect, you dismissed it as uncertain. I accept that there's information we don't know. I don't know where we go from there.

The latter is not a point I made. You criticized my dam analogy because you thought it implied unintentional leaks would happen, but I stated (now a few times) that that wasn't my intention with the analogy. I'll acknowledge that it's a poor choice for an analogy, but I thought I was pretty clear about what I meant: that an administration willing to engage in this kind of intentional information leak once would likely do so again, and that there's a substantial risk with each one.
#78
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
and that there's a substantial risk with each one.
Why?
#79
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
Why?
Because we shouldn’t assume that they will be consistently judicious about what information they include. More leaks mean more opportunities for intelligence failures, even if all of them are planned.
Topic's author
#80
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@whiteflame
Things can go wrong with leaks but every intelligence agency on the planet engages in intentional leaks. Some is for misinformation some is to leak legitimate information for political gain. 

Leaking information that the administration doesn't want to help Europe when this administration has been pushing Europe to be more independent and strengthen their military seems in the wheel house
#81
Moozer325
Moozer325's avatar
Debates: 29
Posts: 1,249
3
2
9
Moozer325's avatar
Moozer325
3
2
9
-->
@WyIted
You’re right that he shouldn’t have leaked the chat, but he had every right to publish the fact that the government had made a mistake. He shouldn’t have pounced on it, but we have a right to know that our federal government is this incompetent. Also for the record, Signal is fairly safe, but it’s still now allowed as a secure chat by the government.
Topic's author
#82
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@Moozer325
This is false. It is allowed as a secure chat and the state department recommended it's usage
#83
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
Why?
Because we shouldn’t assume that they will be consistently judicious about what information they include.
Once again, they are the executive branch of the government. If you can't assume they are judicious about what they pretend to want to keep secret, why would you assume they are judicious about what they openly declassify.

There is no point you're making here.

If you didn't trust them yesterday nothing has changed.


More leaks mean more opportunities for intelligence failures, even if all of them are planned.
This is a "if you make a move you take a risk" observation.

If a carrier moves to a different location, that was an opportunity to be ambushed. Doesn't mean it was an error.
#84
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@WyIted
Things can go wrong with leaks but every intelligence agency on the planet engages in intentional leaks. Some is for misinformation some is to leak legitimate information for political gain. 
And usually, those leaks are much more controlled, the people involved much more clearly on the same page, and it doesn’t involve inviting random journalists into a private chat. It’s not just about the information that’s being delivered, it’s about the slap-dash, messy nature of its delivery and how that speaks to what they’re likely to do in the future.
Topic's author
#85
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@whiteflame
Why do you think it was slap dash and hastily done?
Topic's author
#86
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
If it was haste it's still pretty impressive given zero damage was done and the message did get to the Europeans
#87
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@ADreamOfLiberty
Once again, they are the executive branch of the government. If you can't assume they are judicious about what they pretend to want to keep secret, why would you assume they are judicious about what they openly declassify.

There is no point you're making here.

If you didn't trust them yesterday nothing has changed.
…not trusting them generally and not trusting them in this particular sense are two different things. I assumed that, at minimum, the delivery of classified information between members of the administration wouldn’t be a shit show that involved inviting a journalist to be a part of the process as it played out. I guess that was a silly assumption. 

This is a "if you make a move you take a risk" observation.
That’s not my point. The nature of how they took that move and their position that nothing was wrong with how they did it strikes me as far more concerning because it tells me that they’re not going to put into place safeguards against this happening again or, if they do, that they won’t learn from the experience because any restrictions will be imposed externally. So, rather than just taking any kind of move, they’re going to continue to take these kinds of moves.
#88
whiteflame
whiteflame's avatar
Debates: 27
Posts: 5,759
4
6
10
whiteflame's avatar
whiteflame
4
6
10
-->
@WyIted
Why do you think it was slap dash and hastily done?
It looks like they weren’t paying attention to what they were doing and just didn’t see that they’d invited a journalist into this discussion without noticing. That comes off as slap-dash and hasty, since there seems to have been no rhyme or reason to the choice or the timing. If the goal was to deliver information to him in the chat, why bother leaving him in there for days at a time? Also, why does the lack of resulting harm suggest care was taken?
Topic's author
#89
WyIted
WyIted's avatar
Debates: 34
Posts: 7,616
3
4
9
WyIted's avatar
WyIted
3
4
9
-->
@whiteflame
It should appear sloppy tbh. The only thing that gives me pause is that Walz was the one to do it.
#90
ADreamOfLiberty
ADreamOfLiberty's avatar
Debates: 0
Posts: 4,396
3
2
2
ADreamOfLiberty's avatar
ADreamOfLiberty
3
2
2
-->
@whiteflame
that they won’t learn from the experience because any restrictions will be imposed externally
Maybe there is nothing for them to learn.

Remember the context:

More leaks mean more opportunities for intelligence failures, even if all of them are planned.
You keep implying that planned leaks are compounding risks, that is the assertion which you have provided no support for.