I’m somewhat surprised to see that they use a KVM to switch between back and forth between a JWICS and SIPRNET. I would imagine it’s a special KVM as it’s essentially bridging the airgap between the two.
Somewhat related: does there exist a technology where I can encrypt something in a manner that it can only be decrypted after a specific future date? If theoretically possible, what would it take for something like that to exist? ie. "We'd need an authority to broadcast some ongoing pseudorandom number generator that can be trusted" or whatnot.
I was thinking of encrypting a secret in the structure of a Rust program so it can only be decrypted by compiling and running it.
andrepd · 13m ago
? Where's the time component there
Waterluvian · 2m ago
Compiling a rust program!
fmbb · 23m ago
Can’t you just fork the chain?
beloch · 6h ago
The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Public key encryption, like Signal uses, offers good security for most purposes. e.g. It's fantastic for credit card transactions. The problem with using it for transmitting state secrets is that you can't rely on it for long-term secrecy. Even if you avoid MITM or other attacks, a message sent via Signal today could be archived in ciphertext and attacked ten years from now with the hardware/algorithms of ten years in the future. Maybe Signal's encryption will remain strong in ten years. Maybe it will be trivial to crack. If the secrets contained in that message are still sensitive ten years from now, you have a problem.
Anything sent with Signal needs to be treated as published with an unknown delay. If you're sharing intelligence with the U.S., you probably shouldn't find that acceptable.
fidotron · 12m ago
> Anything sent with Signal needs to be treated as published with an unknown delay.
Oddly they have thought of that already, to the point all encryption systems in use in the gov are thought of in these terms.
All that matters are the different assumed times to publication (weeks to years), and then treating the strength of measures involved differently based on what is reasonable for the given use.
If you absolutely need something to never be published then encryption isn't the solution, and nor are computers generally.
codethief · 2h ago
What other type of encryption would you use for state secrets? You seem to be implying that governments and three-letter agencies use some vastly superior cryptographic scheme, whereas AFAIK Signal is as close to the state of the art as it gets.
Also, to be clear, Signal doesn't use public-key cryptography in the naive way (i.e. to encrypt/decrypt messages) as was/is possible with RSA. It uses asymmetric key pairs to first do a Diffie-Hellman key exchange, i.e. generate ephemeral symmetric keys, which are then used for encryption/decryption. This then also guarantees forward secrecy, see https://signal.org/blog/asynchronous-security/ . (Add to that they incorporate an additional post-quantum cryptographic scheme these days, and I'm probably omitting a lot of other details.)
HWR_14 · 18m ago
> Signal is as close to the state of the art as it gets.
For their use case, which requires communication between two (or more) arbitrary users who never communicated before among millions of users, running on cheap commodity hardware over wireless connectivity to the internet.
Leaving encryption aside, looking only at the network level, the DoD is capable of using a dedicated fiber line. Or rather a parallel fiber infrastructure.
galangalalgol · 21m ago
Poking around it seems like pre shared keys are used for the secure stuff, so no public keys, no rsa. It isn't that signal isn't state of the art, it just makes compromises for usability.
Edit: I didn't state something perhaps I should have. Symmetric key is considered more secure because public key is more complicated so more room for side channel mistakes, and the computation needes to break public keys doesn't scale as fast with key size. I am not an expert but that is what I've read.
rocqua · 1h ago
Store now decrypt later still defeats diffie hellman if you capture the handshake. And quantum computers break diffie hellman as easily as RSA.
jxjnskkzxxhx · 1h ago
Quantum computers don't exist. If you want to talk about a hypothetical machine which might exist in the future you should state that plainly.
Forcing the reader to parse thru the literary devices in order to get to the argument weakens the argument.
henryjcee · 2h ago
came here to say similar. GGP is another great example of hn people jumping in to make comments without having even a basic understanding of what they're talking about. Frustrating as it spreads misinfo about security which is the last thing we need.
femto · 5h ago
Even if Signal's encryption implementation is secure, the device on which it is running probably doesn't satisfy TEMPEST requirements. Most consumer crypto is vulnerable in some way to a side-channel attack.
wickedsight · 2h ago
None of that matters if Signal is running on what is effectively a personal device connected to the internet. That device is now the weak link and is what intelligence agencies in many countries are now probably trying to get into.
nicce · 20m ago
Pegasus all the way down as an example.
wickedsight · 55s ago
Exactly. And Pegasus is what we know about. I'm sure there's plenty we don't know about that's used for more high profile targets, like former Fox News hosts.
satanfirst · 5h ago
I'd give different advice.
You shouldn't share state secrets with the US. They will be on or transferred between misconfigured cloud accounts. Some agency will eventually get authorization for analysis of them with an intention of financial espionage. The probable or confirmed loss of them will serve as a plausible deniability for the US when it misuses them.
KennyBlanken · 15m ago
Five eyes have been 'careful' about what they share since they got burned during the first trump presidency.
TiredOfLife · 4h ago
The encryption is completely irrelevant if the information is sent directly to 3rd parties.
concordDance · 3h ago
This is silly, many countries use consumer messaging for internal communications. The UK government famously uses whatsapp for example.
DaiPlusPlus · 5h ago
> The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Right, but this is nothing new: Hegseth is only a recent example of Trump's camp mishandling sensitive docs; I'll bet there's been an inner secret Four Eyes group since the the Mar-a-Lago bathroom official-document-archive story dropped years ago.
What surprises me is that I expected Tulsi Gabbard to be the centre of mishandling allegations, not SecDef.
Discordian93 · 2h ago
Tulsi is a competent mole, she knows better than to be this obvious.
20after4 · 2h ago
Maybe Tulsi is just staying out of the spotlight while Hegseth was hired to be in the spotlight.
jandrewrogers · 5h ago
Signal has been used widely in US intelligence for many, many years. Nothing about this is new, though perhaps people that never paid attention are just now becoming aware of it. As for the rest of Five Eyes, they use WhatsApp the same way. I’m not sure that WhatsApp would be considered an improvement.
It is clear there is a gap between how people imagine this works, or should work in theory, and how it actually works.
HWR_14 · 56m ago
> Signal has been used widely in US intelligence for many, many years.
For lunch orders and office softball schedules. Not top secret information.
0xEF · 3h ago
They're paying attention to Signal now because Hegseth doesn't know his ass from his elbow when it comes to tech and secrecy, instead acting like someone who has watched too many action films and thinks those are just like real life. The problem is not Signal. The problem is incompetence. Plain and simple. Because he blindly added persons to the group that probably didn't belong there, we now have the infamous "we have OPSEC" line, but instead of questioning why this idiot still has a job anywhere near the intelligence agencies, we're wasting our breath scrutinizing what is easily one of the best opens for secure comes if the user understands how it works.
chuckadams · 19m ago
> why this idiot still has a job anywhere near the intelligence agencies
Because competence is a disqualifying attribute in the kakistocracy known as the Republican Party.
standardUser · 6h ago
If you're going to put a guy in charge who is completely unqualified and has a history of alcohol abuse you should at least make sure he's competent. It's actually very grating to see someone operating at this highest level of authority and treating it like its beneath them. It feels like we're watching history get written by the most entitled and inept among us.
sillyfluke · 5h ago
What kind of tickles me is that any new poltical thriller tv series or movie that posits that matters of state in the US are conducted by serious and knowledgable people is now virtually unwatchable for me. It's virtually impossible to suspend the disbelief required to enjoy something that is so far removed from the reality of today's politicians.
(The recent cringe inducing Deniro series comes to mind)
mycatisblack · 3h ago
You should watch Civil War (2024) some time. The disbelief is shrinking on that one.
sillyfluke · 28m ago
As I recall the battle lines were a bit awkwardly drawn for that one. The realism would increase if Cali and Texas were governed by the same party for some time in real life (as I recall they were allies in that movie).
I would like to see someone take up the idea of Canamerimex Union in a movie for kicks -- that is, the idea of Canada, California and Mexico forming a union on the west coast (and maybe continuing down the east coast, with Canada bridging both coasts)
mnky9800n · 2h ago
I found that movie to be disgusting as it takes real footage of war horrors such as 20 days in Mariupol, suicide bombers, etc. and sanitizes that for American audiences. Using this visual style of movies like 20 days in Mariupol indicates the filmmakers watched those movies and thought that could make them buck. Then it gives you some bullshit feel good call of duty action at the end to go kill the president which is tonally different both in visual style and in the context of the narrative. And it replaces the horrors of war such as bombing maternity hospitals and watching pregnant women be dragged from the wreckage with stereotypical racist Americans. And it justifies all this because it tells the tale of some war time reporters and asks the question what if they are just adrenaline junkies which is why they do their jobs? Thereby undercutting the real value and heroism of those who report on these conflicts who are captured, tortured, and murdered (e.g., Viktoriia Roshchyna). It does nothing to connect the audience with anything that is actually happening in the world and even serves to insulate Americans from the horrors of Ukraine and elsewhere while attacking journalists. I thought that movie was disgusting.
nathan82 · 26m ago
Do you have a different example other than 20 Days in Mariupol? Because the filmmakers definitely didn't watch that and think it could "make them buck". Principal photography for Civil War took place the year before 20 Days in Mariupol premiered.
decimalenough · 1h ago
...huh? Civil War is about a group of reporters in the final days of a future civil war in America where a rather Trumpian president is about to be overthrown by rebels. It's not "replacing" anything in Ukraine because it's an entirely different story than Ukraine.
mnky9800n · 49m ago
I am talking about the visual language of the movie and how it takes the style of documentary films like 20 days in Mariupol (a movie about the beginning of the war in Ukraine). not the narrative.
A4ET8a8uTh0_v2 · 1m ago
I am confused. What is your complaint here? That US author's stole the visual approach?
ryukoposting · 1h ago
In that case, you may enjoy Veep.
sillyfluke · 37m ago
Yes, I am familiar. When the dust has settled, it should probably go down as one of the best written shows this side of the century.
trhway · 1h ago
Total endorsement for Veep!
There is a significant difference though which even Veep didn't predict - the people in Veep were still riding in the well-oiled deep-state car, while those clowns today is actively destroying that car.
Wrt. clowns - note that the most important Hegseth's staffer is his wife who was his producer back at Fox and basically does the same for him at the Pentagon.
pjc50 · 2h ago
On the other hand, the UK Spitting Image puppet series of sketches The President's Brain is Missing holds up remarkably well, due to being about Reagan.
wickedsight · 2h ago
I'm currently watching 24 again and it now feels even more like fiction than it ever did.
mnky9800n · 2h ago
24 was a wonderful piece of American propaganda whose only goal was to make it seem like torture was okay.
pjc50 · 6h ago
The entire administration is selected for loyalty. In this environment competence is a threat.
SequoiaHope · 4h ago
> It feels like we're watching history get written by the most entitled and inept among us.
I suspect this is somewhat common in history (this is not meant to excuse it), but we can’t tell because those people still wrote the narrative.
twixfel · 2h ago
So Trump will be looked back on as a good president? Highly unlikely, I'd say. Trump is quite uniquely awful in the history of the US.
VierScar · 1h ago
Japan's WWII history is uniquely bad but they don't learn about it.
Can threaten authors with treason for negative books like he did in an EO recently. Change school curriculums. Then Maga can start revising history..
Was the 2025 recession from tarrifs? Nah it was Biden's inflation, or Ukraine aid. Actually.. didn't China impose tarrifs on US and US just reciprocated?
The reality will be altered and murky
yobi0h · 48m ago
> Japan's WWII history is uniquely bad but they don't learn about it.
I see this claim form time to time, but the unsavory side of WW2 is thought in classes, although not without controversy [1]:
Despite the efforts of the nationalist textbook reformers, by the late 1990s the most common Japanese schoolbooks contained references to, for instance, the Nanjing Massacre, Unit 731, and the comfort women of World War II, all historical issues which have faced challenges from ultranationalists in the past. The most recent of the controversial textbooks, the New History Textbook, published in 2000, which significantly downplays Japanese aggression, was shunned by nearly all of Japan's school districts.
On the other hand, after the occupation, GHQ had imposed a press code [2], i.e. censorship of mass media, that undoubtedly had an impact on postwar Japan, so you could say that the point still stands.
For a High-Tech President, a Hard-Fought E-Victory
For more than two months, Mr. Obama has been waging a vigorous battle with his handlers to keep his BlackBerry, which like millions of other Americans he has relied upon for years to stay connected with friends and advisers. (And, of course, to get Chicago White Sox scores.)
He won the fight, aides disclosed Thursday, but the privilege of becoming the nation’s first e-mailing president comes with a specific set of rules.
“The president has a BlackBerry through a compromise that allows him to stay in touch with senior staff and a small group of personal friends,” said Robert Gibbs, his spokesman, “in a way that use will be limited and that the security is enhanced to ensure his ability to communicate.”
[...]
The presidency, for all the power afforded by the office, has been deprived of the tools of modern communication. George W. Bush famously sent a farewell e-mail address to his friends when he took office eight years ago.
While lawyers and the Secret Service balked at Mr. Obama’s initial requests to allow him to keep his BlackBerry, they acquiesced as long as the president - and those corresponding with him - agreed to strict rules. And he had to agree to use a specially made device, which must be approved by national security officials.
verisimi · 1h ago
There was also all that nonsense about Hillary's laptop and emails.
It's fascinating to see the difference in coverage.
JumpCrisscross · 2h ago
> the difference in coverage
Because there was a difference in conduct. Obama consulted "lawyers and the Secret Service," "agreed to strict rules" and "use[d] a specially made device...approved by national security officials." Hegseth yelled YOLO before effectively tweeting target co-ordinates for our warbirds.
darkerside · 2h ago
It's fascinating to see the victim mentality on behalf of those who really don't need it
whydid · 5h ago
This is an example of the False Equivalency logical fallacy.
kubb · 5h ago
When you feel real love for your favorite celebrity convict, whose incompetence is beyond denying, you'll put your mind to work to search for any device that will enable you to excuse anything he does and who he nominates.
People will talk about "politicians being incompetent", or act like actually anyone who has ever been in the office was like this. It's a pretty close and comforting way to deal with the reality of supporting a fraud without having to admit that you were duped.
gadders · 2h ago
"A false equivalence or false equivalency is an informal fallacy in which an equivalence is drawn between two subjects based on flawed, faulty, or false reasoning"
What is the faulty reasoning here? Apart from "My side good, your side bad."
verisimi · 4h ago
I don't think so. The original post is based in 'false equivalency'.
My position - for many years - is that government is immoral, and the people who serve in it are the worst; I don't have a preference between blue or red.
pjc50 · 2h ago
> government is immoral
Maybe you're going to find out how much more immoral warlordism is. "Not having a government at all" is a weird fantasy of teenagers.
(the really odd combo is people who hold both the "government is immoral, especially the US federal government" and the "the US federal government should go to war with China" combo, which a few moments thought will show the contradiction)
verisimi · 1h ago
Let's imagine we do go to warlordism and I do get to see how immoral it is.
At least I won't have to pretend that the coercion and theft is actually moral and good, right? At least I won't have to doublethink myself, turn myself inside out to justify the unjustifiable.
Ackonwledging the problem (immoral government) is just the first, esxential step towards making an actual difference. Why continue to pour in more effort to support an already failed system?
HWR_14 · 1h ago
> I won't have to pretend that the coercion and theft is actually moral and good, right?
Of course you will. Not praising the warlord as moral and good will result in real physical consequences for disloyalty, maybe even summary death. As opposed to saying the same thing on HN when just your position is attacked.
DonHopkins · 3h ago
>I don't have a preference between blue or red.
In other words, you prefer red, but prefer not to admit it.
JumpCrisscross · 2h ago
> In other words, you prefer red, but prefer not to admit it
Lazy nihilism doesn't belong exclusively to one party.
darkerside · 2h ago
No, but in this context, it's hard to disagree with the comment
verisimi · 1h ago
> In other words, you prefer red, but prefer not to admit it.
What a coincidence that the Kremlin has been pushing that exact line of propaganda to western audiences through mouthpieces like Hegseth for years
JumpCrisscross · 2h ago
"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."
"Some of the classified emails found on former secretary of state Hillary Clinton’s home server were even more sensitive than top secret, according to an inspector general for the intelligence community."
vkou · 3h ago
Generally there would be a few garbage appointments, not an avalanche, and more important people have been shitcanned for lesser scandals.
1oooqooq · 2h ago
they at least had to pretend. and to pretend they had to let competent staffers do the work so they could take credit.
even bush fooled everyone he was literate (save from the two times he held books upsidedown) while in office.
enaaem · 5h ago
Imagine Hegseth was a black woman…
pjc50 · 2h ago
UK comparison: https://www.bbc.co.uk/news/uk-england-london-47996907 ; black woman MP has a train can, everyone treats it as a massive scandal. I think someone had a survey once where they found that one third of all hate mail and death threats directed at UK MPs was aimed at her.
prawn · 48m ago
For anyone else confused by the phrasing:
"Shadow Home Secretary Diane Abbott has apologised after a photo emerged of her sipping a can of M&S mojito on a London Overground train."
Meanwhile in Australia, the opposition leader visited a pub during his campaign and the crowd yelled at him to drink a beer out of his shoe.
gadders · 57m ago
There are no excuse for death threats but she is widely acknowledged as borderline competent at best.
xanderlewis · 2h ago
(It’s easy if you try…)
mmooss · 7h ago
Let's pretend you work for a non-US state intelligence agency. How would you find Hesgeth's personal computer in his office on the public Internet? A genuine thought experiment.
o11c · 7h ago
Write an article that he's likely to be interested in reading, spread the link, then mine the browser data just like every other website.
JumpCrisscross · 6h ago
Literally just @ him on X. These are the moments of strategic ineptitude you hoard zero days for decades to score.
Teever · 6h ago
I don't want to derail the conversation too much with this but this is the kind of thing that blows my mind with seeing obscenely wealthy/powerful people like Musk and Trump on social media.
At some level of wealth you reach a point where no one can get to you physically. You're completely physically safe and isolated and can't be hurt. That means that the only way someone can get to you is through communicating with you and making you hurt yourself.
That means that social media is your only weakness. This is how adversaries can affect your plans and goals and disrupt your mind. Yet so many of these people seem so oblivious to this and are as terminally online as your average 4channer or facebook mom.
Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
JumpCrisscross · 6h ago
> Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
They're online because their followers are online. Social media may be the actual lead pipes to our empire [1].
So yes, they are absolutely weaker than leaders with digital hygiene. But the reason they're there is because the American public is similarly weaker.
> Social media may be the actual lead pipes to our empire [1].
In America, the lead pipes of their empire are the literal lead pipes still in use all over the country.
Teever · 5h ago
Sure, I get that there's utility in having an online presence, but these people are wealthy/powerful so they can afford to have someone do that work for them with the public non the wiser.
sjsdaiuasgdia · 1h ago
That wouldn't give that kind of narcissist the same level of satisfaction as they get from the army of sycophants clicking "Like" on their latest hot take.
I think that direct connection is particularly attractive to the right kind of narcissist. Might be the best drug they've ever had.
snowwrestler · 39m ago
> At some level of wealth you reach a point where no one can get to you physically. You're completely physically safe and isolated and can't be hurt.
This definitely is not true, and billionaires know it’s not true. Hence Bezos’ extensive work with the “gift of fear” guy, and Elon’s complaints about tracking his airplane, etc.
In fact the physical paranoia of the extremely wealthy is what isolates them, and arguably that is what is attractive about social media: they can interact socially without physical risk.
All that said, Hegseth is not super rich. He was a mildly successful TV personality before becoming SecDef.
wmf · 6h ago
Yep. The CIA uses these same techniques to track foreigners of interest (e.g. Putin's entourage) so we should assume other countries are attempting to use similar techniques on American officials.
Title:”0-click deanonymization attack targeting Signal, Discord, other platforms”
Maybe not 0-click anymore, but still applies if the user browsing the internet.
snowwrestler · 48m ago
You would just send him a link in a Signal message. His phone number is widely known and he has Signal installed on his desktop computer.
Signal’s protocol secures the message in transit. But their desktop app may or may not have client-side vulnerabilities. And if he clicks a link, you’re out of Signal and into the browser. If the link downloads a file, you’re into the OS.
overfeed · 4h ago
Compromise the device of one of his contact and send him a juicy link via telegram that renders "Error: Not viewable on mobile" when opened a phone. Bonus points if the link has 0-day malware dropper
rasz · 4h ago
I would make Witkoff sit on his ass in hotel for 8 hours while my team one room over wirelessly breaks into his phone and gets into those Signal chats.
I think a pretty good show would be something written like West Wing, where everyone takes themselves very seriously, but with rampant, blatant incompetence. Like, not funny at all. Nothing tongue in cheek, no winks to the audience. A drama of morons.
Get me inside the minds of these freaks.
toomanyrichies · 1h ago
That's basically "Veep". You might also enjoy "In The Loop", "The Thick Of It", or most of Armando Iannucci's oeuvre.
ryukoposting · 1h ago
Veep. You're describing Veep. I guess that's more "assholes" than "morons" but there's plenty of both.
jajko · 2h ago
The office. In White house.
netbioserror · 32m ago
I'm simply going to point out the blaringly obvious that has somehow missed the armchair commentariat for this whole narrative debacle:
1) DoD and other departments have either tacitly or explicitly approved the use of Signal for internal matters for several years now, with proper opsec.
2) You cannot govern exclusively from a SCIF, hence 1.
wmf · 6h ago
If some tech geniuses wanted to improve government efficiency, one thing they could do is create secure yet easy to use collaboration software. Maybe give the app a catchy one-letter name.
purpleidea · 5h ago
I can only imagine two possible explanations:
1) He is avoiding some sort of corrupt signals intelligence folks from knowing what he's working on.
2) He is avoiding the government catching him in some corruption by avoiding the official records act.
Anything else?
vkou · 3h ago
3) He's an idiot who hasn't given it a shred of thought, and was hired for loyalty, not brains.
elsjaako · 4h ago
The same reason teenagers might use Instagram DMs to communicate about school projects - It's just the platform he's familiar with.
Or the same reason I have Whatsapp - communication in my social groups happens there, and if I don't have it I get left out.
Your explanations assume there is some deeper meaning, looking at the tradeoffs for each communication platform, and then coming to some rational conclusion. I don't think there's much evidence for that.
The people around trump just happen to be used to using signal to communicate, and if Pete doesn't get on board he gets left out.
Loughla · 26m ago
Incompetence only applies if you're not running the literal federal government.
We have to assume malicious intent. These people could start a nuclear war. They get zero flexibility or grace.
codeulike · 3h ago
Not a fan of the Trump administration but I imagine the official pentagon communications systems must be extremely clunky and annoying, and about 20 years behind civilian tech.
During the UK Covid-19 enquiry into gov decision making at that time it came to light that most of the UK cabinet were co-ordinating via Whatsapp groups. Again, I'm not a fan of Boris and Dom Cummings but this makes some sort of sense to me. I recognise the need for government teams to have quick convenient chat available to them. Things move too fast these days to wait for the next cabinet meeting or to arrange things via a series of phone calls.
The problem here is that the convenience is coming at the expense of proper identity management. SignalGate is a good example of the principle. Some Apple convenience feature helped the user by putting the phone number of the reporter into the addressbook under the identity of a government official. Signal then cheerfully used that incorrect phone number to add the reporter to the group chat.
That 20 year old tech is simply more secure... specifically because it is less convenient. By doing things the way they do them they can enforce access to desired levels of security by controlling physical access to the equipment. With something like Signal, that access is entirely the responsibility of the user. The user will inevitably mess that up, particularly when things get exciting. ... and Signal is not even really all that good at preventing the user from messing the identity thing up.
You are right, but I'd also say that high security brings a lot of friction that slows down decision making. Irrespective of Trump and his friends (whom I dont like) as a point of principle I think world leaders have to choose between secure and slow vs fast and risk of leaks. For most purposes, fast and risk of leaks is going to be more optimal.
pjc50 · 2h ago
> quick convenient chat available to them.
And unarchived. It's very convenient to not have to do things in meetings with minutes where people might later question your decisions. Or report them to the police.
codeulike · 23m ago
Yes you are right and these people probably are crooks. But in principle I think politicans should be able to have private conversations. These used to happen in literal back rooms but these days everyone is geographically spread out and thats not so possible. Formal decisions should be ratified in official minuted meetings but informal chat should also be possible. Because people need to actually talk to each other in an unguarded way to figure things out sometimes. At the moment the principle seems to be 'anything that a politican types to anyone else should be archived for later perusal' and I'm not sure that thats going to give us better decisions.
snowwrestler · 37m ago
To be fair, quite a lot of in-person meetings among U.S. federal government leaders are private and do not produce minutes.
graemep · 2h ago
The British government was officially using Zoom for cabinet meetings during lockdown which was a whole lot worse.
codeulike · 17m ago
The whole world had to shift online with about 2 weeks notice, so I'll forgive them that. At the time I was kind of impressed to be honest that red tape didn't bring the govt machinery to a halt and that they were actually able to improvise a bit. But yes Zoom is not generally the platform I'd want them to use.
twixfel · 2h ago
> but I imagine
Do you know at all or are you just relying completely on your imagination to justify the Trump admin's actions?
codeulike · 15m ago
I dont like Trump but I'm interested in the idea of what technology we want our politicians to use if we actually want them to be functional teams. This seems like a topic that might be good to talk about on HN.
JensRantil · 2h ago
Of course the guy needs to have an end-to-end encrypted direct line to the president. It's the president that runs the show and all decisions must go through him.
Where is the "but her emails" crowd now? There are three main issues here:
1. The Defense Department bans the use of Signal for everybody else. Why is that? Why is the Secretary exempt?
2. As we've seen it's pretty easy to add unauthorized people to what should be secure communication channels where classified information is shared; and
3. There are laws around the preservation of governmental records. Expiring Signal messages seems like it's intentionally meant to circumvent these legal requirements ie it's illegal.
We're only 100 days in. We've got 1200 more days of this.
sokoloff · 2h ago
Re: 1. If a team at work has a long-standing policy implemented by and applying only to that team and I come in as the new team lead, I can change that policy.
NB: I’m not arguing that this change in policy was done after a careful Chesterton’s Fence analysis and weighing of all relevant factors, but it would seem stranger if a new leader couldn’t change any policies than if they can.
sjsdaiuasgdia · 1h ago
But did they change the policy, or did they do whatever because they felt like it regardless of what the policy said?
Supermancho · 7h ago
> Where is the "but her emails" crowd now?
Same place everyone else is now. Nobody cares about the flagrant violations by the executive. This is the foxes walking around freely now.
nonethewiser · 7h ago
Nobody? Including yourself?
jmull · 1h ago
That’s a common idiom which isn’t literal. (Obviously?)
mschuster91 · 3h ago
> It is remarkable to what great lengths Hegseth went to use the Signal app, because as defense secretary he has his own communications center which is specialized in keeping him in contact with anyone he wants. This center is commonly called SecDef Cables and is part of Secretary of Defense Communications (SDC) unit.
... but unlike Signal, SDC respects laws requiring accurate record-keeping. And that's why this bunch of lawbreakers want to use Signal. They want to evade any and all accountability once this administration is over.
mcfedr · 8h ago
Why are your police not investigating this? The guy is actively breaking the law
foota · 7h ago
If you're not aware, these are federal laws, and the force responsible for investigating and arresting people who break them are a part of the executive branch.
hypeatei · 1h ago
And the attorney general just confirmed in a cabinet meeting that the U.S. marshals would not be arresting any of them (marshals handle court orders, e.g. if you're in contempt)
Morizero · 5h ago
And the top executive is arguing that they are only accountable to him
t-3 · 6h ago
How many politicians have you seen blatantly breaking the law like this and having no problem? It happens over and over again. A lower-level flunky would be in prison, but a political appointee is going to be just fine, forced resignation is the worst that could possibly happen to him. Our system is just that corrupt. The same thing happens with leaks - politician or cabinet member leaking is normal, rando bureaucrat leaking is enemy of the state.
idle_zealot · 7h ago
Judges are investigating and holding trials. The Executive is being obstructive and outright ignoring court orders. Rule of law and the balance of powers have collapsed. Turns out that running a decade+ long misinformation campaign to sow distrust of all legal institutions, as well as expertise and professionalism in general is sufficient to topple the world's oldest democracy. If only there had been any effective counter-messaging things may have been different, but that's impossible with our "left" hollowed out by capital.
SubiculumCode · 7h ago
Because Trump does not investigate himself, and the once independent Attorney General is now just another political arm of Trump, but with prosecutorial power and discrtion. We are in dark times.
jdminhbg · 7h ago
> the once independent Attorney General
This has never been the case; JFK appointed his little brother AG. The problem is that the Congress should be investigating and prosecuting the president but will not.
intermerda · 7h ago
> This has never been the case;
Independence of the Justice Department has been the norm since and because of Watergate.
jdminhbg · 6h ago
It's been a nice kind of fig leaf, but constitutionally the president is the AG's boss, so it doesn't make any sense for the AG to investigate the president. There's an entire branch of government given this power in the Constitution, they've just decided they don't want it.
xp84 · 4h ago
Exactly. Congress doesn’t want any of their duties. War declaration? Nah, let the President do it and call it “not a war.” Budget? Well, technically we’ll appropriate funds, but we’ll only do a big CR once in a while. Tariff policy? Nah, let the President do it all with the “national security” loophole, no matter how absurd. Impeachment and removal? Well, not when it’s your party’s guy.
For all the hate Trump gets, it’s Congress who’s created and who props up this monarchy.
vkou · 3h ago
Except that this Congress was hand-picked by him, since he purged anyone who would push back.
sokoloff · 2h ago
Could you point to say 3 concrete examples where he purged a legislative candidate or removed an elected legislator?
DFHippie · 1h ago
I believe "purged" here means primaried or threatened to primary. I'm sure you know of certain famous examples. Here are some recent headlines:
always have been, its just current admin is less subtle about it
Loughla · 19m ago
And you have hit the nail on the head for how Trump is operating this term.
How can he do these things?
Turns out they all could've, they just chose not to.
Maybe we should strengthen the checks and balances, and Congress shouldn't abdicate ANY of its authority to the president. Maybe the system should work how it's supposed to instead of how is easiest.
SubiculumCode · 7h ago
So you say, but I've seen plenty of independence...see Trump's first term for some examples.
JohnTHaller · 8h ago
Of course, there will be no consequences for his complete lack of... everything
mlinhares · 8h ago
Oh there will be, just not for him. We’ll never know how many state secrets have been leaked through these shenanigans.
JumpCrisscross · 6h ago
> there will be, just not for him
Everyone in this administration has to know they’re spending the decade after Trump in front of the Congress and various investigators.
gmac · 5h ago
Let’s hope so. But of course this is also a heavy incentive for all of them to make sure their regime never leaves power.
xp84 · 4h ago
Nah, because the Dems can’t win elections, and Republicans will never hold any Trump ally accountable.
JumpCrisscross · 4h ago
This is probably what the DOGE kids are being pitched. There is a reason the most wantonly criminal conduct is coming from those too stupid or naïve to understand we haven't transitioned to a one-party state.
CapricornNoble · 3h ago
Can't Trump just pull a Biden, and toss a blanket decade-long pardon to his entire staff? Would anyone bother to investigate them after that?
collingreen · 3h ago
He can do that - presidents have a long history of abusing pardons. Trump has shown he is happy to pardon people without much thought either for media attention (j6?) or for money (levandowski?).
On the other hand trump isn't very loyal to his people so far - remember the wasteland of trump advisors and officials in the first term getting convicted of various frauds without getting pardoned (or the lawyer on tape saying he needs a pardon for trying to overturn the election and him not getting it).
Not that it matters but I don't think Biden gave a blanket pardon to his entire staff I think he pardoned people who he thinks are dangerously and unfairly targeted by some extreme media like fauci and Bidens son hunter.
At the end of the day pretty much all of the limits of presidential power come from restraint, especially (but not exclusively) in todays world of a tame judiciary. If the president cares about or wants to be seen as caring about the rule of law it is a bad look to wantonly disregard it too often.
Yes, there are a lot of folks who want to believe everything their chosen guy does is absolutely right but realistically each bad thing chips away at their ability to ignore the evidence. I know several people who have lost faith in trump as the evidence continues to absolutely pile up that he doesn't match the values they were told to appreciate (rule of law, respect for the constitution, human rights, fairness, Christian values, intelligence). If he gives a blanket pardon to everyone that worked for him a few more people will say "wait, maybe the other side was right and this IS a huge abuse" so it's possible, especially if we continue to have elections, that we won't see this kind of thing.
mmooss · 7h ago
There will be none if you do nothing.
gotoeleven · 7h ago
My understanding is that the use of signal started during biden's term. Is this not true?
cosmicgadget · 6h ago
Are you being intentionally nonspecific? The use of Signal for some purpose doesn't somehow mean it is appropriate for any purpose.
mmooss · 7h ago
Do you have any evidence?
TiredOfLife · 4h ago
During Obama they used a shared Gmail account by passing messages using the drafts feature.
collingreen · 3h ago
Who is "they"?
vkou · 3h ago
The director of the CIA sending sexts (and as it later turned out, classified materials) to his mistress.
He was fired the day after it reached Obama's desk, and eventually got a slap on the wrist and two years' probation.
collingreen · 2h ago
Thanks for the link! It looks like this affair over webmail sparked a lot of investigation and resulted in a firing, two years probation, and a $100,000 fine. That sounds like a great start for this kind of thing and they were just talking dirty, not actively sharing mission details!
Overall, yes let's please investigate and appropriately punish wrongdoing at all levels.
whattheheckheck · 7h ago
Nope
intermerda · 7h ago
Not true at all. The use of Signal started during Obama's first or second term. While the app's first release was during his second term, it existed under various names and forms way back. Wikipedia has a great article on its history.
I personally started using signal some time around 2018 and I'm sure there were millions of users by the time Biden began his term.
rcbdev · 5h ago
You must be intentionally acting dense.
mmooss · 7h ago
I thought the GP means that goverment officials such as the Secretary of Defense started using Signal during Biden's administration (though with no basis for that offered, yet).
Aeolun · 1h ago
Maybe just let the man use Signal?
If someone gave me a whole set of locked down _windows_ computers and a bunch of achaic phone lines and told me to use them in 2025, I’d also try to circumvent such inconvenience.
Loughla · 18m ago
Are you in charge of federal secrets?
iambateman · 8h ago
I wish more people, especially media writers, would start with the presumption that "circumventing the state-approved security machine" is a _feature_ of this administration.
Not to pick on this in particular – nearly all the reporting on this starts and ends with "Signal is insecure" as if that was all it took to be wrong. And in other eras, that was enough.
The man likes Signal. For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
There's so many questions I genuinely don't have an answer for...
Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
Here, his signal comms are likely top secret and we would have no way of knowing if his office followed the legally allowed step of forwarding after the fact for many years.
godelski · 7h ago
There's similar record keeping for lots of officials. Government loves keeping records
collingreen · 3h ago
And now we won't know, ever. Which is exactly the point of avoiding the system.
glaucon · 7h ago
> What is the probability that China is reading these messages in real-time
Real-time might be nice but there's value in reading material at this level with almost any delay.
In 1949 a US counter-intelligence program(me), the Venona project[1] decrypted Soviet cables from 1945 which made it almost certain the First Secretary to the British Embassy in Washington DC [2] was a Soviet asset. That wouldn't have happened if the Soviets hadn't misused their channels of communication.
I don't understand it either. It's not as if you can accidentally message war plans to unauthorized parties on Signal.
ineedasername · 7h ago
“We are currently clean on OPSEC.” -Pete Hegseth
mitthrowaway2 · 8h ago
I think one of the issues is that at least some of the Signal war-plans chat group participants had their messages set to auto-delete. If that's the reason that they're using Signal, it is indeed a problem, even if Signal is secure.
sudahtigabulan · 7h ago
nitpick: disappearing messages are either enabled for everyone in the group or for no one.
grimpy · 7h ago
> There's so many questions I genuinely don't have an answer for...
> Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
Is your point that, in the space of your own lack of knowledge, that reasonable rational may exist? Could you share what gives you trust in this administration to be so generous?
iambateman · 7h ago
Great question, thanks for asking.
My point is that “make liberals sad” is also a stated policy goal of this administration.
I think this article is about one of two things…either there is a possibility that SecDef using Signal represents an ongoing, material national security crisis that should be a concern for all Americans…or it’s really the author grieving for a time when they felt safer because the strict protocols of confidentiality signaled (pun intended) a sense of seriousness about government secrets.
If this is a material security threat, I need a lot of writers to explain why because most people don’t know. If it’s a sad liberal, the result will be counter-productive and large numbers of people-in-power will read this article as a win for their team.
ineedasername · 7h ago
The fact that everyone in the country knows specific details of what and how he communicates, is a national security crisis. If signal was secure and/or he was following reasonable precautions, no one would know anything about this issue.
billiam · 7h ago
Clown take. The use of Signal or any app on a non-secure device by SecDef for what we know he messaged about in his office is absolutely a primary national security threat. Firing offense for any senior Pentagon official dealing with highly classified traffic. Nothing to do with politics.
CapricornNoble · 3h ago
Agreed. I thought Lloyd Austin should have been fired for going into surgery without advising his deputy or any of his staff of the risks, and his deputy should have been fired for taking over for him.....without leaving her vacation in Puerto Rico.
I think SecDef Hegseth is actually an even bigger disaster than SecDef Austin. That said....I think the Deep State/ military industrial complex/ Israel lobby is trying to get Hegseth fired because he's one of the Big 3 (Vance/Hegseth/Gabbard) opposed to going kinetic with Iran. But he's making it really easy for his adversaries, because he legitimately sucks at some foundational skills for management at his level.
rl3 · 7h ago
>If this is a material security threat, I need a lot of writers to explain why because most people don’t know.
Because personal smartphones aren't considered secure for protecting classified information. Signal in and of itself might be fine when used properly, but it doesn't matter when the underlying platform is consumer-grade security. The risk of side-channel attacks is astronomical.
>My point is that “make liberals sad” is also a stated policy goal of this administration.
>If it’s a sad liberal, ...
I'm not sure any of that furthers whatever argument you're trying to make. Signal being used in that manner didn't only violate a myriad of established protocols, but it was straight up illegal on top of it. In any normal political climate we would've seen resignations from day one, regardless of party.
zmgsabst · 7h ago
I see this as partisan:
- one side ignored Clinton using a private server as sec of state
- this one ignores using Signal
I haven’t seen arguments about what the standard is supposed to be or why this in particular is egregious. That would be more convincing than hyperventilating.
Edit:
If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
I don’t follow the allegation its mere presence is problematic, when discussing general communications with other parts of the administration. Especially when accessed via separate/dedicated machine (distinct from secured systems).
If you want to talk about the specifics of, eg, the Yemen war plans then do that — but this article does not.
freddie_mercury · 7h ago
How was an FBI and DOJ and investigation by the Obama administration "one side ignoring it"?
collingreen · 3h ago
This. So much this. The fantasy land behind these "Clinton's emails" takes is bizarre enough to seem intentional.
JumpCrisscross · 6h ago
> what specifically is the problem the administration uses Signal together with unsecured comms?
The DoD kit makes it a little bit harder to add randos to chats where one needlessly posts tactical air strike details.
godelski · 7h ago
What if you believe both Clinton and Hegseth are in the wrong?
I hold this position and I don't think it's uncommon. Plenty of people think if something is wrong then it doesn't matter who does it.
There's definitely perception bias. Usually conversations are short when we're in agreement. Doesn't create engagement. Doesn't make for good news
watwut · 5h ago
There was whole massive campaign against her comparatively much milder infraction. It is crickets now. It was huge.
So, maybe 10 of you care, but the assymetry is beyond apparent.
For that matter, I remember when Obamas tan suit was horrible unpresidential infraction amd lack of respect. Same people voted for Trump not a peep about respectability.
sokoloff · 2h ago
How many people were complaining about “her emails” 28 days after the first one was sent? You’re looking at two very different points on the timeline of each event and concluding that everyone thinks they’re different because of the difference in magnitude of discourse on the topics.
Do you think the difference will remain at this level through the next election cycle?
I think plenty of people see massive amounts of equivalence and are more caught up in other, more urgent piles in Washington’s reinvention of the Augean Stables.
jorts · 7h ago
Sharing details as he has done would put my brother who works for the Navy in the brig. As someone in his role he should know better but he’s only in his role as he will do whatever Trump asks him to. He was a O4, there’s a zero percent chance of him being knowledgeable enough to be competent in his role.
collingreen · 3h ago
He knew better when saying Clinton's behavior amounted to treason.
We don't need to argue about if he knew better; he did, from his own mouth. We need to argue about if it is ok and if it is ok for the people in power to do nothing about it because it's "their team".
At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
CapricornNoble · 3h ago
I know some pretty competent O-4s...but also a TON of mouth-breathing field grade officers too. Hegseth sucks on his own merits (or lack thereof) as a person.
Just as a few examples of adequately-successful SecDefs coming from "unimpressive" paper resumes.
2419410794 · 7h ago
> If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
There are two issues. First, official communications about the workings of government ought to occur on government platforms, so that there's a permanent record for the communication. (As others have mentioned, this is required by the Federal Records Act.)
Second, the Pentagon has limited phone service and limited public internet access by design. The other computers in the office, while for unclassified material, are not (as I understand it) connected to the public internet like Hegseth's personal laptop is.
That said, I have no issue if Hegseth wants to use Signal to make dinner plans with other government officials.
logifail · 7h ago
> First, official communications [..]
Unfortunately the list of politicians who either don't care about records of their communications being properly kept, or who went out of their way to keep their comms "off the books" is long.
We should want to hold all of them to account, not just this one.
JumpCrisscross · 6h ago
> We should want to hold all of them to account, not just this one
We should and do. FBI investigated Clinton because of her emails.
logifail · 4h ago
> FBI investigated Clinton because of her emails.
Correct, and this was the outcome:
[FBI director James Comey said] "Clinton had been 'extremely careless' but recommended that no charges be filed because Clinton did not act with criminal intent, the historical standard for pursuing prosecution"
Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
JumpCrisscross · 4h ago
> Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
Yes, mens rea is a deeply-precedented standard that's a good default.
> Yes, mens rea is a deeply-precedented standard that's a good default
(From the other side the pond) it does seem that legal standards such that one are applied very selectively in the USA, apparently depending heavily on the political leanings of those involved in any (potential) case.
On the other hand, at least you do actually run elections to pick your POTUS, this side of the Atlantic we get the President of the European Commission based on a back-room deal and a Soviet-style "vote" in the Parliament with no choice. To top it off, when she first got the job in 2019, VdL wasn't even a candidate for it during the immediately preceeding European elections.
logifail · 6h ago
> We should and do
The European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
> European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
Sure. They still wound up in court. Hegseth hasn't had to go to court to defend himself because he hasn't even been investigated. You really have to go back to the Austro-Hungarian Empire to find these levels of exploitable ineptitude at the highest ranks of a major military structure.
logifail · 4h ago
> Sure. They still wound up in court.
That case was brought by the New York Times, not any oversight body or investigative function of the EU, which makes it even more cringe-worthy.
"The European Commission faced an embarrassing grilling for almost five hours on Friday as top EU judges cast doubt on the executive’s commitment to transparency on the Covid-19 vaccine negotiations. The EU institution defended itself in a packed EU court in Luxembourg in the so-called Pfizergate case, brought by the New York Times and its former Brussels bureau chief Matina Stevis-Gridneff."
The NYT is presumably welcome to try to take Hegseth to court?
JumpCrisscross · 4h ago
> The NYT is presumably welcome to try to take Hegseth to court?
The Times sued to get Von der Leyen to share information. Hegseth already does that because he's an idiot. To my knowledge, SecDef isn't subject to FOIA in a meaningful way.
logifail · 4h ago
> The Times sued to get Von der Leyen to share information
...and failed
> To my knowledge, SecDef isn't subject to FOIA in a meaningful way
...and as it turned out, neither is VdL.
JumpCrisscross · 3h ago
The case didn't succeed in producing the records. But the process uncovered a lot of shit.
But again, you're comparing non-disclosure to irresponsible disclosure. VdL didn't send highly sensitive scramble times to a rando.
logifail · 3h ago
(With apologies if this appears provocative)
Is there evidence that SECDEF 'acted with criminal intent'?
We've already clarified that '[being] extremely careless' is not enough for a court case.
[I have a mental picture of a Venn diagram with three circles: "Politicians", "Idiots" and "Criminals"...]
JumpCrisscross · 2h ago
> Is there evidence that SECDEF 'acted with criminal intent'?
Tough to say if there’s no investigation!
> We've already clarified that '[being] extremely careless' is not enough for a court case
Investigation.
jandrewrogers · 7h ago
The issue is much deeper and more concerning. They’ve been using Signal like this across multiple administrations because the “official” tools are broken to the point of being almost useless. Signal has been one of the major workarounds.
It isn’t enough to say “don’t use Signal”, at some point they need to address the reality that there are no functional alternatives.
patrickhogan1 · 8h ago
Bingo. If a hacker did this it would be understood as a sign that the comms aren’t secure and praised. He was clearly briefed on Salt Typhoon.
The thing I am more bothered by is why would he take a picture of his desk, thereby narrowing the attack profile.
h4ck_th3_pl4n3t · 6h ago
Regarding Signal:
Check out what happened to the Signal FOSS fork.
Then check out what Molly is doing, and why.
Personally I'd favor Briar over Signal any day.
2419410794 · 7h ago
> Has Congress made it illegal to use an off-brand messaging app for secure communications?
Yes. The law requires that classified information be handled under certain standards.
> _Why_ is it insecure?
Classified data is being transmitted on an unsecured device. If Hegseth's personal phone has Uber, Tinder, ... whatever apps installed, that software is running on a device that's contains national secrets.
Systems which handle classified data are meant to be airgapped from the normal internet/normal software.
The issue is not that signal is insecure, but rather that sensitive government information demands additional precaution (e.g. airgapping).
There's a separate issue that there are legal requirements for maintaining records of government communication. Using a personal device (especially with disappearing messages) is illegal since it doesn't maintain this documentation.
Additionally, classified information is tracked to see who read it and when. In the event of a security leak, this can help isolate where the leak happened. If the information gets posted on Signal, then there's nothing more that can be tracked.
> For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
That's not the way rule of law works. The Secretary of Defense doesn't get to _decide_ we're doing things differently now. His actions, as well as the actions of his staff, are bound by the laws that congress has passed.
> We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
The onus should not be on the general public to convince the Secretary of Defense to adhere to bog standard requirements for handling sensitive information. If he has an idea, "I think using Signal on my personal phone to discuss imminent military actions is better than using a secure line," he could push that idea forward. Have the Pentagon's security staff evaluate the idea. Instead, he simply did it.
vkou · 2h ago
Anyone in the military who did this, and didn't have the president personally protecting him would be cooling his heels in an 8x8 cell in Fort Leavenworth for a very long time.
SubiculumCode · 7h ago
The issue is that it has all been done with great incompetence, and with apparent glorification of ignorance as a sign of bravado. I, for one, want serious people in charge of my defense, not sycophants more concerned with their stage makeup, hair, fitted suit, and with 'owning the libs' than defending our nation.
curiousgal · 8h ago
> help coordinate our national defense
I mean, thinking the DoD is actually defending the U.S. is where you went wrong. The stakes are so incredibly low that none of this actually matters.
I’m guessing that’s the product in question: https://www.vertiv.com/490454/globalassets/products/monitori...
I was thinking of encrypting a secret in the structure of a Rust program so it can only be decrypted by compiling and running it.
Public key encryption, like Signal uses, offers good security for most purposes. e.g. It's fantastic for credit card transactions. The problem with using it for transmitting state secrets is that you can't rely on it for long-term secrecy. Even if you avoid MITM or other attacks, a message sent via Signal today could be archived in ciphertext and attacked ten years from now with the hardware/algorithms of ten years in the future. Maybe Signal's encryption will remain strong in ten years. Maybe it will be trivial to crack. If the secrets contained in that message are still sensitive ten years from now, you have a problem.
Anything sent with Signal needs to be treated as published with an unknown delay. If you're sharing intelligence with the U.S., you probably shouldn't find that acceptable.
Oddly they have thought of that already, to the point all encryption systems in use in the gov are thought of in these terms.
All that matters are the different assumed times to publication (weeks to years), and then treating the strength of measures involved differently based on what is reasonable for the given use.
If you absolutely need something to never be published then encryption isn't the solution, and nor are computers generally.
Also, to be clear, Signal doesn't use public-key cryptography in the naive way (i.e. to encrypt/decrypt messages) as was/is possible with RSA. It uses asymmetric key pairs to first do a Diffie-Hellman key exchange, i.e. generate ephemeral symmetric keys, which are then used for encryption/decryption. This then also guarantees forward secrecy, see https://signal.org/blog/asynchronous-security/ . (Add to that they incorporate an additional post-quantum cryptographic scheme these days, and I'm probably omitting a lot of other details.)
For their use case, which requires communication between two (or more) arbitrary users who never communicated before among millions of users, running on cheap commodity hardware over wireless connectivity to the internet.
Leaving encryption aside, looking only at the network level, the DoD is capable of using a dedicated fiber line. Or rather a parallel fiber infrastructure.
Edit: I didn't state something perhaps I should have. Symmetric key is considered more secure because public key is more complicated so more room for side channel mistakes, and the computation needes to break public keys doesn't scale as fast with key size. I am not an expert but that is what I've read.
Forcing the reader to parse thru the literary devices in order to get to the argument weakens the argument.
You shouldn't share state secrets with the US. They will be on or transferred between misconfigured cloud accounts. Some agency will eventually get authorization for analysis of them with an intention of financial espionage. The probable or confirmed loss of them will serve as a plausible deniability for the US when it misuses them.
Right, but this is nothing new: Hegseth is only a recent example of Trump's camp mishandling sensitive docs; I'll bet there's been an inner secret Four Eyes group since the the Mar-a-Lago bathroom official-document-archive story dropped years ago.
What surprises me is that I expected Tulsi Gabbard to be the centre of mishandling allegations, not SecDef.
It is clear there is a gap between how people imagine this works, or should work in theory, and how it actually works.
For lunch orders and office softball schedules. Not top secret information.
Because competence is a disqualifying attribute in the kakistocracy known as the Republican Party.
(The recent cringe inducing Deniro series comes to mind)
I would like to see someone take up the idea of Canamerimex Union in a movie for kicks -- that is, the idea of Canada, California and Mexico forming a union on the west coast (and maybe continuing down the east coast, with Canada bridging both coasts)
There is a significant difference though which even Veep didn't predict - the people in Veep were still riding in the well-oiled deep-state car, while those clowns today is actively destroying that car.
Wrt. clowns - note that the most important Hegseth's staffer is his wife who was his producer back at Fox and basically does the same for him at the Pentagon.
I suspect this is somewhat common in history (this is not meant to excuse it), but we can’t tell because those people still wrote the narrative.
Can threaten authors with treason for negative books like he did in an EO recently. Change school curriculums. Then Maga can start revising history..
Was the 2025 recession from tarrifs? Nah it was Biden's inflation, or Ukraine aid. Actually.. didn't China impose tarrifs on US and US just reciprocated?
The reality will be altered and murky
I see this claim form time to time, but the unsavory side of WW2 is thought in classes, although not without controversy [1]:
Despite the efforts of the nationalist textbook reformers, by the late 1990s the most common Japanese schoolbooks contained references to, for instance, the Nanjing Massacre, Unit 731, and the comfort women of World War II, all historical issues which have faced challenges from ultranationalists in the past. The most recent of the controversial textbooks, the New History Textbook, published in 2000, which significantly downplays Japanese aggression, was shunned by nearly all of Japan's school districts.
On the other hand, after the occupation, GHQ had imposed a press code [2], i.e. censorship of mass media, that undoubtedly had an impact on postwar Japan, so you could say that the point still stands.
[1] https://en.wikipedia.org/wiki/Japanese_history_textbook_cont...
[2] https://www.hiroshimapeacemedia.jp/?p=139387
For a High-Tech President, a Hard-Fought E-Victory
For more than two months, Mr. Obama has been waging a vigorous battle with his handlers to keep his BlackBerry, which like millions of other Americans he has relied upon for years to stay connected with friends and advisers. (And, of course, to get Chicago White Sox scores.)
He won the fight, aides disclosed Thursday, but the privilege of becoming the nation’s first e-mailing president comes with a specific set of rules.
“The president has a BlackBerry through a compromise that allows him to stay in touch with senior staff and a small group of personal friends,” said Robert Gibbs, his spokesman, “in a way that use will be limited and that the security is enhanced to ensure his ability to communicate.”
[...]
The presidency, for all the power afforded by the office, has been deprived of the tools of modern communication. George W. Bush famously sent a farewell e-mail address to his friends when he took office eight years ago.
While lawyers and the Secret Service balked at Mr. Obama’s initial requests to allow him to keep his BlackBerry, they acquiesced as long as the president - and those corresponding with him - agreed to strict rules. And he had to agree to use a specially made device, which must be approved by national security officials.
https://www.theguardian.com/us-news/2016/sep/02/hillary-clin...
Because there was a difference in conduct. Obama consulted "lawyers and the Secret Service," "agreed to strict rules" and "use[d] a specially made device...approved by national security officials." Hegseth yelled YOLO before effectively tweeting target co-ordinates for our warbirds.
People will talk about "politicians being incompetent", or act like actually anyone who has ever been in the office was like this. It's a pretty close and comforting way to deal with the reality of supporting a fraud without having to admit that you were duped.
What is the faulty reasoning here? Apart from "My side good, your side bad."
My position - for many years - is that government is immoral, and the people who serve in it are the worst; I don't have a preference between blue or red.
Maybe you're going to find out how much more immoral warlordism is. "Not having a government at all" is a weird fantasy of teenagers.
(the really odd combo is people who hold both the "government is immoral, especially the US federal government" and the "the US federal government should go to war with China" combo, which a few moments thought will show the contradiction)
At least I won't have to pretend that the coercion and theft is actually moral and good, right? At least I won't have to doublethink myself, turn myself inside out to justify the unjustifiable.
Ackonwledging the problem (immoral government) is just the first, esxential step towards making an actual difference. Why continue to pour in more effort to support an already failed system?
Of course you will. Not praising the warlord as moral and good will result in real physical consequences for disloyalty, maybe even summary death. As opposed to saying the same thing on HN when just your position is attacked.
In other words, you prefer red, but prefer not to admit it.
Lazy nihilism doesn't belong exclusively to one party.
No.
I invite you to look into my historical comments: https://news.ycombinator.com/threads?id=verisimi
https://news.ycombinator.com/newsguidelines.html
"Some of the classified emails found on former secretary of state Hillary Clinton’s home server were even more sensitive than top secret, according to an inspector general for the intelligence community."
even bush fooled everyone he was literate (save from the two times he held books upsidedown) while in office.
"Shadow Home Secretary Diane Abbott has apologised after a photo emerged of her sipping a can of M&S mojito on a London Overground train."
Meanwhile in Australia, the opposition leader visited a pub during his campaign and the crowd yelled at him to drink a beer out of his shoe.
At some level of wealth you reach a point where no one can get to you physically. You're completely physically safe and isolated and can't be hurt. That means that the only way someone can get to you is through communicating with you and making you hurt yourself.
That means that social media is your only weakness. This is how adversaries can affect your plans and goals and disrupt your mind. Yet so many of these people seem so oblivious to this and are as terminally online as your average 4channer or facebook mom.
Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
They're online because their followers are online. Social media may be the actual lead pipes to our empire [1].
So yes, they are absolutely weaker than leaders with digital hygiene. But the reason they're there is because the American public is similarly weaker.
[1] https://penelope.uchicago.edu/~grout/encyclopaedia_romana/wi...
In America, the lead pipes of their empire are the literal lead pipes still in use all over the country.
I think that direct connection is particularly attractive to the right kind of narcissist. Might be the best drug they've ever had.
This definitely is not true, and billionaires know it’s not true. Hence Bezos’ extensive work with the “gift of fear” guy, and Elon’s complaints about tracking his airplane, etc.
In fact the physical paranoia of the extremely wealthy is what isolates them, and arguably that is what is attractive about social media: they can interact socially without physical risk.
All that said, Hegseth is not super rich. He was a mildly successful TV personality before becoming SecDef.
Title:”0-click deanonymization attack targeting Signal, Discord, other platforms”
Maybe not 0-click anymore, but still applies if the user browsing the internet.
Signal’s protocol secures the message in transit. But their desktop app may or may not have client-side vulnerabilities. And if he clicks a link, you’re out of Signal and into the browser. If the link downloads a file, you’re into the OS.
https://news.sky.com/story/trumps-fixer-was-made-to-wait-eig...
His personal PC? Send Big Ballz his way to do some upgrades
https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...
maybe a free Starlink dish
https://www.nytimes.com/2025/03/17/us/politics/elon-musk-sta...
Get me inside the minds of these freaks.
1) DoD and other departments have either tacitly or explicitly approved the use of Signal for internal matters for several years now, with proper opsec.
2) You cannot govern exclusively from a SCIF, hence 1.
1) He is avoiding some sort of corrupt signals intelligence folks from knowing what he's working on.
2) He is avoiding the government catching him in some corruption by avoiding the official records act.
Anything else?
Or the same reason I have Whatsapp - communication in my social groups happens there, and if I don't have it I get left out.
Your explanations assume there is some deeper meaning, looking at the tradeoffs for each communication platform, and then coming to some rational conclusion. I don't think there's much evidence for that.
The people around trump just happen to be used to using signal to communicate, and if Pete doesn't get on board he gets left out.
We have to assume malicious intent. These people could start a nuclear war. They get zero flexibility or grace.
During the UK Covid-19 enquiry into gov decision making at that time it came to light that most of the UK cabinet were co-ordinating via Whatsapp groups. Again, I'm not a fan of Boris and Dom Cummings but this makes some sort of sense to me. I recognise the need for government teams to have quick convenient chat available to them. Things move too fast these days to wait for the next cabinet meeting or to arrange things via a series of phone calls.
Similarly we can look back to Obama having to fight to keep his Blackberry in 2009 https://www.nbcnews.com/id/wbna28780205
That 20 year old tech is simply more secure... specifically because it is less convenient. By doing things the way they do them they can enforce access to desired levels of security by controlling physical access to the equipment. With something like Signal, that access is entirely the responsibility of the user. The user will inevitably mess that up, particularly when things get exciting. ... and Signal is not even really all that good at preventing the user from messing the identity thing up.
* https://articles.59.ca/doku.php?id=em:sg (my article)
And unarchived. It's very convenient to not have to do things in meetings with minutes where people might later question your decisions. Or report them to the police.
Do you know at all or are you just relying completely on your imagination to justify the Trump admin's actions?
Yours truly, DPRK.
1. The Defense Department bans the use of Signal for everybody else. Why is that? Why is the Secretary exempt?
2. As we've seen it's pretty easy to add unauthorized people to what should be secure communication channels where classified information is shared; and
3. There are laws around the preservation of governmental records. Expiring Signal messages seems like it's intentionally meant to circumvent these legal requirements ie it's illegal.
We're only 100 days in. We've got 1200 more days of this.
NB: I’m not arguing that this change in policy was done after a careful Chesterton’s Fence analysis and weighing of all relevant factors, but it would seem stranger if a new leader couldn’t change any policies than if they can.
Same place everyone else is now. Nobody cares about the flagrant violations by the executive. This is the foxes walking around freely now.
... but unlike Signal, SDC respects laws requiring accurate record-keeping. And that's why this bunch of lawbreakers want to use Signal. They want to evade any and all accountability once this administration is over.
This has never been the case; JFK appointed his little brother AG. The problem is that the Congress should be investigating and prosecuting the president but will not.
Independence of the Justice Department has been the norm since and because of Watergate.
For all the hate Trump gets, it’s Congress who’s created and who props up this monarchy.
https://www.scrippsnews.com/politics/president-trumps-first-...
https://www.cnn.com/2025/04/06/politics/cornyn-texas-senate-...
This list will contain more examples:
https://en.wikipedia.org/wiki/List_of_Republicans_who_oppose...
How can he do these things?
Turns out they all could've, they just chose not to.
Maybe we should strengthen the checks and balances, and Congress shouldn't abdicate ANY of its authority to the president. Maybe the system should work how it's supposed to instead of how is easiest.
Everyone in this administration has to know they’re spending the decade after Trump in front of the Congress and various investigators.
On the other hand trump isn't very loyal to his people so far - remember the wasteland of trump advisors and officials in the first term getting convicted of various frauds without getting pardoned (or the lawyer on tape saying he needs a pardon for trying to overturn the election and him not getting it).
Not that it matters but I don't think Biden gave a blanket pardon to his entire staff I think he pardoned people who he thinks are dangerously and unfairly targeted by some extreme media like fauci and Bidens son hunter.
At the end of the day pretty much all of the limits of presidential power come from restraint, especially (but not exclusively) in todays world of a tame judiciary. If the president cares about or wants to be seen as caring about the rule of law it is a bad look to wantonly disregard it too often.
Yes, there are a lot of folks who want to believe everything their chosen guy does is absolutely right but realistically each bad thing chips away at their ability to ignore the evidence. I know several people who have lost faith in trump as the evidence continues to absolutely pile up that he doesn't match the values they were told to appreciate (rule of law, respect for the constitution, human rights, fairness, Christian values, intelligence). If he gives a blanket pardon to everyone that worked for him a few more people will say "wait, maybe the other side was right and this IS a huge abuse" so it's possible, especially if we continue to have elections, that we won't see this kind of thing.
https://en.wikipedia.org/wiki/Petraeus_scandal
He was fired the day after it reached Obama's desk, and eventually got a slap on the wrist and two years' probation.
Overall, yes let's please investigate and appropriately punish wrongdoing at all levels.
I personally started using signal some time around 2018 and I'm sure there were millions of users by the time Biden began his term.
If someone gave me a whole set of locked down _windows_ computers and a bunch of achaic phone lines and told me to use them in 2025, I’d also try to circumvent such inconvenience.
Not to pick on this in particular – nearly all the reporting on this starts and ends with "Signal is insecure" as if that was all it took to be wrong. And in other eras, that was enough.
The man likes Signal. For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
There's so many questions I genuinely don't have an answer for...
Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
https://en.wikipedia.org/wiki/Presidential_Records_Act
Here, his signal comms are likely top secret and we would have no way of knowing if his office followed the legally allowed step of forwarding after the fact for many years.
Real-time might be nice but there's value in reading material at this level with almost any delay.
In 1949 a US counter-intelligence program(me), the Venona project[1] decrypted Soviet cables from 1945 which made it almost certain the First Secretary to the British Embassy in Washington DC [2] was a Soviet asset. That wouldn't have happened if the Soviets hadn't misused their channels of communication.
[1] https://www.osti.gov/opennet/manhattan-project-history/Event... [2] https://en.wikipedia.org/wiki/Kim_Philby
> Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
Is your point that, in the space of your own lack of knowledge, that reasonable rational may exist? Could you share what gives you trust in this administration to be so generous?
My point is that “make liberals sad” is also a stated policy goal of this administration.
I think this article is about one of two things…either there is a possibility that SecDef using Signal represents an ongoing, material national security crisis that should be a concern for all Americans…or it’s really the author grieving for a time when they felt safer because the strict protocols of confidentiality signaled (pun intended) a sense of seriousness about government secrets.
If this is a material security threat, I need a lot of writers to explain why because most people don’t know. If it’s a sad liberal, the result will be counter-productive and large numbers of people-in-power will read this article as a win for their team.
https://abcnews.go.com/Politics/timeline-key-figures-found-l...
I think SecDef Hegseth is actually an even bigger disaster than SecDef Austin. That said....I think the Deep State/ military industrial complex/ Israel lobby is trying to get Hegseth fired because he's one of the Big 3 (Vance/Hegseth/Gabbard) opposed to going kinetic with Iran. But he's making it really easy for his adversaries, because he legitimately sucks at some foundational skills for management at his level.
Because personal smartphones aren't considered secure for protecting classified information. Signal in and of itself might be fine when used properly, but it doesn't matter when the underlying platform is consumer-grade security. The risk of side-channel attacks is astronomical.
>My point is that “make liberals sad” is also a stated policy goal of this administration.
>If it’s a sad liberal, ...
I'm not sure any of that furthers whatever argument you're trying to make. Signal being used in that manner didn't only violate a myriad of established protocols, but it was straight up illegal on top of it. In any normal political climate we would've seen resignations from day one, regardless of party.
- one side ignored Clinton using a private server as sec of state
- this one ignores using Signal
I haven’t seen arguments about what the standard is supposed to be or why this in particular is egregious. That would be more convincing than hyperventilating.
Edit:
If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
I don’t follow the allegation its mere presence is problematic, when discussing general communications with other parts of the administration. Especially when accessed via separate/dedicated machine (distinct from secured systems).
If you want to talk about the specifics of, eg, the Yemen war plans then do that — but this article does not.
The DoD kit makes it a little bit harder to add randos to chats where one needlessly posts tactical air strike details.
I hold this position and I don't think it's uncommon. Plenty of people think if something is wrong then it doesn't matter who does it.
There's definitely perception bias. Usually conversations are short when we're in agreement. Doesn't create engagement. Doesn't make for good news
So, maybe 10 of you care, but the assymetry is beyond apparent.
For that matter, I remember when Obamas tan suit was horrible unpresidential infraction amd lack of respect. Same people voted for Trump not a peep about respectability.
Do you think the difference will remain at this level through the next election cycle?
I think plenty of people see massive amounts of equivalence and are more caught up in other, more urgent piles in Washington’s reinvention of the Augean Stables.
We don't need to argue about if he knew better; he did, from his own mouth. We need to argue about if it is ok and if it is ok for the people in power to do nothing about it because it's "their team".
At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
SecDef Lovett only rose to O-4 before going into the NYC business community and then becoming a Special Assistant to SecWar Stimpson in 1940. https://history.defense.gov/Multimedia/Biographies/Article-V...
SecDef McElroy came up through Proctor & Gamble, no government or military experience. https://history.defense.gov/Multimedia/Biographies/Article-V...
Just as a few examples of adequately-successful SecDefs coming from "unimpressive" paper resumes.
There are two issues. First, official communications about the workings of government ought to occur on government platforms, so that there's a permanent record for the communication. (As others have mentioned, this is required by the Federal Records Act.)
Second, the Pentagon has limited phone service and limited public internet access by design. The other computers in the office, while for unclassified material, are not (as I understand it) connected to the public internet like Hegseth's personal laptop is.
That said, I have no issue if Hegseth wants to use Signal to make dinner plans with other government officials.
Unfortunately the list of politicians who either don't care about records of their communications being properly kept, or who went out of their way to keep their comms "off the books" is long.
We should want to hold all of them to account, not just this one.
We should and do. FBI investigated Clinton because of her emails.
Correct, and this was the outcome:
[FBI director James Comey said] "Clinton had been 'extremely careless' but recommended that no charges be filed because Clinton did not act with criminal intent, the historical standard for pursuing prosecution"
Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
Yes, mens rea is a deeply-precedented standard that's a good default.
[1] https://en.wikipedia.org/wiki/Mens_rea
(From the other side the pond) it does seem that legal standards such that one are applied very selectively in the USA, apparently depending heavily on the political leanings of those involved in any (potential) case.
On the other hand, at least you do actually run elections to pick your POTUS, this side of the Atlantic we get the President of the European Commission based on a back-room deal and a Soviet-style "vote" in the Parliament with no choice. To top it off, when she first got the job in 2019, VdL wasn't even a candidate for it during the immediately preceeding European elections.
The European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
https://www.theguardian.com/commentisfree/2025/feb/10/i-aske...
https://www.politico.eu/article/ursula-von-der-leyen-eu-comm...
Outcome? A(nother) nothingburger.
Sure. They still wound up in court. Hegseth hasn't had to go to court to defend himself because he hasn't even been investigated. You really have to go back to the Austro-Hungarian Empire to find these levels of exploitable ineptitude at the highest ranks of a major military structure.
That case was brought by the New York Times, not any oversight body or investigative function of the EU, which makes it even more cringe-worthy.
"The European Commission faced an embarrassing grilling for almost five hours on Friday as top EU judges cast doubt on the executive’s commitment to transparency on the Covid-19 vaccine negotiations. The EU institution defended itself in a packed EU court in Luxembourg in the so-called Pfizergate case, brought by the New York Times and its former Brussels bureau chief Matina Stevis-Gridneff."
The NYT is presumably welcome to try to take Hegseth to court?
The Times sued to get Von der Leyen to share information. Hegseth already does that because he's an idiot. To my knowledge, SecDef isn't subject to FOIA in a meaningful way.
...and failed
> To my knowledge, SecDef isn't subject to FOIA in a meaningful way
...and as it turned out, neither is VdL.
But again, you're comparing non-disclosure to irresponsible disclosure. VdL didn't send highly sensitive scramble times to a rando.
Is there evidence that SECDEF 'acted with criminal intent'?
We've already clarified that '[being] extremely careless' is not enough for a court case.
[I have a mental picture of a Venn diagram with three circles: "Politicians", "Idiots" and "Criminals"...]
Tough to say if there’s no investigation!
> We've already clarified that '[being] extremely careless' is not enough for a court case
Investigation.
It isn’t enough to say “don’t use Signal”, at some point they need to address the reality that there are no functional alternatives.
The thing I am more bothered by is why would he take a picture of his desk, thereby narrowing the attack profile.
Check out what happened to the Signal FOSS fork.
Then check out what Molly is doing, and why.
Personally I'd favor Briar over Signal any day.
Yes. The law requires that classified information be handled under certain standards.
> _Why_ is it insecure?
Classified data is being transmitted on an unsecured device. If Hegseth's personal phone has Uber, Tinder, ... whatever apps installed, that software is running on a device that's contains national secrets.
Systems which handle classified data are meant to be airgapped from the normal internet/normal software.
The issue is not that signal is insecure, but rather that sensitive government information demands additional precaution (e.g. airgapping).
There's a separate issue that there are legal requirements for maintaining records of government communication. Using a personal device (especially with disappearing messages) is illegal since it doesn't maintain this documentation.
Additionally, classified information is tracked to see who read it and when. In the event of a security leak, this can help isolate where the leak happened. If the information gets posted on Signal, then there's nothing more that can be tracked.
> For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
That's not the way rule of law works. The Secretary of Defense doesn't get to _decide_ we're doing things differently now. His actions, as well as the actions of his staff, are bound by the laws that congress has passed.
> We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
The onus should not be on the general public to convince the Secretary of Defense to adhere to bog standard requirements for handling sensitive information. If he has an idea, "I think using Signal on my personal phone to discuss imminent military actions is better than using a secure line," he could push that idea forward. Have the Pentagon's security staff evaluate the idea. Instead, he simply did it.
I mean, thinking the DoD is actually defending the U.S. is where you went wrong. The stakes are so incredibly low that none of this actually matters.