A photograph of Trump administration official Mike Waltz’s phone shows him using an unofficial version of Signal designed to archive messages during a cabinet meeting.
Mike Waltz, who was until Thursday U.S. National Security Advisor, has inadvertently revealed he is using an obscure and unofficial version of Signal that is designed to archive messages, raising questions about what classification of information officials are discussing on the app and how that data is being secured, 404 Media has found.
On Thursday Reuters published a photograph of Waltz checking his mobile phone during a cabinet meeting held by Donald Trump.
The screen appears to show messages from various top level government officials, including JD Vance, Tulsi Gabbard, and Marco Rubio.
Lemme get this straight
It’s a problem for the government to use signal because all govt correspondence needs to be on record and retrievable in the future
But it’s also a problem to use archiving of encrypted chats?
Not an American, can someone explain?
Sure. You are legally required to archive all correspondence by approved by our security departments software, not a corporate app that shares the info with corporations and are on unsecured servers. Our security warned them to not do this and they did it anyway.
Also, do you remember “but her emails” for Hillary Clinton? That was because she used a private app for some of her emails. She wasn’t using it to wage a war.
What stops the government approving the app themselves?
Nothing, but it hasn’t been done, therefore this is illegal.
Lmao that’s pretty funny, why am I getting downvoted
Asking questions with obvious answers. You come off as a sealion troll.
What is a sealion?
Obvious answers for Americans maybe
God forbid you ask a question on the internet these days
Obvious for anyone with an internet connection and half a brain. Case in point, you could google “sealion troll” and get far more info than you’d ever get from a lemmy comment.
Defined as trolling by asking for evidence? What the fuck
What the fuck does that mean
Sea lioning.
Yes.
The answer is that this is all a bunch of stupid bullshit and that the Trumplicans truly don’t give a damn about laws that no one can force them to follow.
At this point, there’s really no point in trying to look for consistency or rational justification for anything these people do.
What laws are being broken? If republicans control both houses, why don’t they approve the app or change the law?
Government communications must be archived.
By using Signal, they’re intentionally breaking the law since Signal doesn’t retain communications. The only conclusion that can be drawn from this is they don’t want a record so they can’t be held accountable in the future.
The simple answer is that this wouldn’t pass the Senate, because the filibuster still exists (for now) and you need 2/3s vote to end debate and hold a vote (called cloture). It’s unlikely you’d get the 15 or so Dems needed for this to happen.
The complicated answer is that Congress has been perfectly happy ceding more and more of its authority to the Presidency for a long time now. When you’re elected for a two-year term (as Representatives are) but spend 1+ year campaigning (because seriously, fuck US elections) you don’t want to do anything that even the short-term-memories of American voters might remember. So they’re perfectly happy letting the President take the blame for anything if it’s their party in the White House, or obstructing him if it’s not.
The point they’re trying to make seems to be that the specific unofficial Signal app they are using does archive those messages. So the fact Signal by itself doesn’t, is irrelevant. The government is paying TeleMessage for this Signal app instead of using the official Signal app… The only reason for that would be for the archiving capability.
I mean… If they’re using Signal specifically because it doesn’t store messages, and they are trying to hide the communications and not archive them… They wouldn’t be using the app capable of archiving them in the first place, they’d just use the official Signal app.
Not sure why this is hard for people to understand since the article is explaining exactly what this app is and does and how it bypasses the “Signal doesn’t arching texts” issue entirely, because it doesn’t matter what the official Signal app does or doesn’t do.
Everyone gets that. What you don’t seem to get is that when the law says government communications must be archived, it doesn’t mean “an Israeli company has a copy of all my sensitive texts” is how to accomplish that.
How do you know they have access to the archived data? That’s possible… but requires making assumptions that the application sends the archive data back to the company, which is not a guarantee by any means. Not everything operates via vendor-run infrastructure, most enterprise applications are designed to work with an enterprise-run solution for exactly this type of reason. This isn’t a program aimed at the general public.
They make the client application, it is entirely possible that the client simply sends that data to a specified database, and the apps on these devices are set to a server run by the US government. It’s not hard to verify where the archive info leaving a device via any network interface is going. You can’t just hide a connection from the phone to an additional random server, especially if you’re looking for weird connections when validating solutions to implement.
Is it possible that they have it running to a server run by the company? Of course it’s possible. That doesn’t mean it’s plausible, or even likely here. We don’t know how the app is set up or where it archives to. Assuming it must archive back to the company though is ignorant of how anything remotely related to these types of things work.
On a side note… When was the contract for this application setup? Was it signed by the Trump admin or has it been in place for years to archive these types of communications and we’re only talking about it now because of the Trump officials being idiots brought it into the news cycle?
An archiving application isn’t inherently insecure just because it’s third party, or even made by a foreign company. There’s a shit ton of technology bought from foreign countries because that’s the best option.
No, both are a problem because they aren’t approved and controlled.