GNU social JP
GNU social JP is a Japanese GNU social server.

Conversation

Notices

  1. Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 05-May-2025 08:33:33 JST

    The third party version of Signal the White House has been using has been hacked, and Signal messages from devices stolen (as they were being sent to the supplier)

    https://www.404media.co/the-signal-clone-the-trump-admin-uses-was-hacked/

    Attachments
      The Signal Clone the Trump Admin Uses Was Hacked
      from @josephfcox
      TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.
    • Steve's Place and Rich Felker repeated this.
    • EndicottRoad59 (endicottauthor@mastodon.social)'s status on Monday, 05-May-2025 13:59:33 JST

      @GossiTheDog How about we just gut the White House and start over?

    • Steve's Place (steter@mastodon.stevesworld.co)'s status on Monday, 05-May-2025 14:00:22 JST

      @GossiTheDog This is treason in plain sight.

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 05-May-2025 21:23:28 JST

      The SignalNotSignal hack of US government is really big. Some examples for those who haven’t seen it. The USG managed to take an encrypted platform, backdoor it, and got owned.

      Attachments

      1. https://cyberplace.social/system/media_attachments/files/114/455/202/237/947/143/original/52ac669d4ca17b82.jpeg

      2. https://cyberplace.social/system/media_attachments/files/114/455/202/488/201/917/original/5f18f46f66b82595.jpeg
      Rich Felker and GreenSkyOverMe (Monika) repeated this.
    • 8tpercent (8tpercent@fosstodon.org)'s status on Monday, 05-May-2025 21:48:19 JST

      @GossiTheDog
      Other customers... https://web.archive.org/web/20250310170118/https://www.telemessage.com/customers/

      Attachments
        Customers
        Here’s just a brief glimpse of many enterprise customers we have worked with over the years.
    • JP (jplonie@aus.social)'s status on Monday, 05-May-2025 21:57:12 JST

      @GossiTheDog more like a Mossad intel collection op just got burnt.

    • Rich Felker (dalias@hachyderm.io)'s status on Monday, 05-May-2025 21:57:59 JST, in reply to JP

      @Jplonie @GossiTheDog This. You'd have to be incompetent af to use any security/comms product from an Israeli company.

    • Kool Depeche Moe Dee (eviljarred@infosec.exchange)'s status on Monday, 05-May-2025 21:58:48 JST

      @GossiTheDog I think there is a different lens to view this through. They didn't write the software for this Signal "clone."

      What they did was ignore USG requirements for obtaining and provisioning vetted software, and bypassed the normal channels via shadow IT to use software from some sketchy Israeli intelligence-linked hacks.

      And this illustrates why the red tape and bureaucracy that Trump and DOGE and all of those cronies bemoan exists. It exists based on prior assessments of risk and the appropriate controls needed to manage that risk, which the current administration wholly ignores.

      Where this has happened, you can guarantee there are even greater, more consequential risks being taken in the name of "efficiency" and "cutting through red tape."

      Fucking amateurs.

    • RootWyrm 🇺🇦:progress: (rootwyrm@weird.autos)'s status on Monday, 05-May-2025 21:59:09 JST

      @GossiTheDog and people are still sleeping on the fact that this is not some 'small fry' company. "TM_SGNL" can reasonably be assumed to reflect the practices of OTHER products at parent company Smarsh. Which is actually a fairly large player in the compliance archiving space.

      Which tells me that there's a non-zero chance their other products (which are all SaaS) have similar 'security' practices.

      Just what you want from a company selling you 'Conduct Surveillance.'

      Rich Felker repeated this.
    • RootWyrm 🇺🇦:progress: (rootwyrm@weird.autos)'s status on Monday, 05-May-2025 21:59:23 JST

      @GossiTheDog and boy howdy are those products full of red flags.

      For example:
      https://www.smarsh.com/platform/enterprise/conduct

      "Supervise[s] more than 100 communication channels (including audio and video)"

      So it's not so much 'archiving' as 'spyware' where everything is being dumped into S3 buckets by people with ... *questionable* security practices.

      Attachments
        Communications Surveillance | Smarsh Enterprise Conduct
        Smarsh Enterprise Conduct is an AI-powered communications surveillance and supervision solution that helps firms mitigate risks.
    • VessOnSecurity (bontchev@infosec.exchange)'s status on Monday, 05-May-2025 22:20:44 JST

      @GossiTheDog
      In case you missed it in the actual article:

      "The hacker was able to access data that the app captured intermittently for debugging purposes, and would not have been able to capture every single message or piece of data that passes through TeleMessage’s service."

      That is, this was only debug data, not actual logged messages. As far as I understand, the actual logs are encrypted with a password - although that probably doesn't amount to much, since the password seems to be hard-coded in the app.

      Also, you have to pick one:

      - Trump's government is bad because they use Signal's disappearing messages to avoid scrutiny

      or

      - Trump's government is bad because they complied with a judge's order to log Signal messages.

      You can't criticize them for both simultaneously and still have any credibility that your reasoning isn't obscured by your politics.

      Oh, and TeleMessage was procured by the Biden administration - it is not a Trump thing. They just used it to comply with the judge's order.

    • dave (hologram@cyberplace.social)'s status on Monday, 05-May-2025 22:41:27 JST

      @GossiTheDog I caught a few scoops early this am, but I missed this one! thanks for the tip

    • dave (hologram@cyberplace.social)'s status on Monday, 05-May-2025 22:57:05 JST

      @GossiTheDog looking at 404media, anyone who can donate will get improved access, and it sounds like a good idea 👍

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 06-May-2025 06:48:35 JST

      The SignalNotSignal service used by the USG has been hacked for a second time today by a different threat actor, and has been taken offline. https://www.nbcnews.com/tech/security/telemessage-suspends-services-hackers-say-breached-app-rcna204925

      Attachments
        Messaging app seen in use by Mike Waltz suspends services after hackers claim breach
        from NBCNews
        Mike Waltz seemed to use the app at last week's Cabinet meeting, according to a photograph published by Reuters.
    • Antony (diagprov@mathstodon.xyz)'s status on Tuesday, 06-May-2025 06:55:06 JST

      @GossiTheDog think how much good they're doing for encrypted messengers though.

      First, family asked me about Signal and considered trying it after I showed them it functions just like WhatsApp.
      Now they just made a great case for how badly wrong mandated backdoors can go.

    • Justin Fitzsimmons (smn@l3ib.org)'s status on Tuesday, 06-May-2025 08:16:22 JST, in reply to Rich Felker and JP

      @dalias @Jplonie @GossiTheDog especially one that is outwardly advertising its connections to the IDF 🤦‍♂️

      > I haven't spent a lot of time looking into TeleMessage, but what I did find at a quick glance is that several of the executives on the teams page list Israeli universities in their bios, and the CEO, Guy Levit, says that, "From 1996 until 1999, Guy served as the head of the planning and development of one of the IDF’s Intelligence elite technical units."

      https://infosec.exchange/@micahflee/114440391172505310

      Attachments
        Micah Lee (@micahflee@infosec.exchange)
        from Micah Lee
        I wrote up a detailed analysis of TM SGNL, the unofficial Signal app that senior Trump fascists use to organize their war crimes https://micahflee.com/tm-sgnl-the-obscure-unofficial-signal-app-mike-waltz-uses-to-text-with-trump-officials/

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.