"To be clear, this is not to suggest that in similar circumstances, a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now."
...no it isn't? Whataboutism is when you redirect attention from issue #1 to unrelated issue #2 in an attempt to change the conversation topic: "forget that, look at this!"
OP's comment was pointing out the similarities between issue #1 and issue #2. There's no dismissal.
The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Public key encryption, like Signal uses, offers good security for most purposes. e.g. It's fantastic for credit card transactions. The problem with using it for transmitting state secrets is that you can't rely on it for long-term secrecy. Even if you avoid MITM or other attacks, a message sent via Signal today could be archived in ciphertext and attacked ten years from now with the hardware/algorithms of ten years in the future. Maybe Signal's encryption will remain strong in ten years. Maybe it will be trivial to crack. If the secrets contained in that message are still sensitive ten years from now, you have a problem.
Anything sent with Signal needs to be treated as published with an unknown delay. If you're sharing intelligence with the U.S., you probably shouldn't find that acceptable.
Signal’s encryption algorithm is fine. The problem is the environment in which it runs: a consumer device connected to the general internet (and it’s hard to believe that someone who does this installs patches promptly). He’s one zero day or unwise click away from an adversary getting access to those messages and potentially being able to send them. Signal’s disappearing message feature at least helps with the former risk but runs afoul of government records laws.
The reason why the policies restrict access to government systems isn’t because anyone thinks that those systems are magically immune to security bugs, but that there are entire teams of actually-qualified professionals monitoring them and proactively securing them. His phone is at risk to, say, a dodgy SMS/MMS message sent by anyone in the world who can get his number, potentially not needing more than a commercial spyware license, but his classified computer on a secure network can’t even receive traffic from them, has locked down configuration, and is monitored so a compromise would be detected a lot faster.
That larger context is what really matters. What they’re doing is like the owner of a bank giving his drunken golf buddy the job of running the business, and the first thing he does is start storing the ledger in his car because it’s more convenient. Even if he’s totally innocent and trying to do a good job, it’s just so much extra risk he’s not prepared to handle for no benefit to anyone else.
>> The problem is the environment in which it runs
Too deep. The problem is the physical environment, the room in which the machine displays the information. Computer and technological security means nothing if the information is displayed on a screen is in a room where anyone with a camera can snap a pic at any time.
That’s valid in general, but in the specific case being discussed is an official military facility with strict access control and I would assume it’s regularly checked for bugs.
Even if Signal's encryption implementation is secure, the device on which it is running probably doesn't satisfy TEMPEST requirements. Most consumer crypto is vulnerable in some way to a side-channel attack.
None of that matters if Signal is running on what is effectively a personal device connected to the internet. That device is now the weak link and is what intelligence agencies in many countries are now probably trying to get into.
Exactly. And Pegasus is what we know about. I'm sure there's plenty we don't know about that's used for more high profile targets, like former Fox News hosts.
Signal's crypto is quite good. The problem with it is that it has zero authorization functionality, otherwise the government could use something like Signal internally. The lack of military-grade IM solutions is a problem.
What other type of encryption would you use for state secrets? You seem to be implying that governments and three-letter agencies use some vastly superior cryptographic scheme, whereas AFAIK Signal is as close to the state of the art as it gets.
Also, to be clear, Signal doesn't use public-key cryptography in the naive way (i.e. to encrypt/decrypt messages) as was/is possible with RSA. It uses asymmetric key pairs to first do a Diffie-Hellman key exchange, i.e. generate ephemeral symmetric keys, which are then used for encryption/decryption. This then also guarantees forward secrecy, see https://signal.org/blog/asynchronous-security/ . (Add to that they incorporate an additional post-quantum cryptographic scheme these days, and I'm probably omitting a lot of other details.)
> Signal is as close to the state of the art as it gets.
For their use case, which requires communication between two (or more) arbitrary users who never communicated before among millions of users, running on cheap commodity hardware over wireless connectivity to the internet.
Leaving encryption aside, looking only at the network level, the DoD is capable of using a dedicated fiber line. Or rather a parallel fiber infrastructure.
Poking around it seems like pre shared keys are used for the secure stuff, so no public keys, no rsa. It isn't that signal isn't state of the art, it just makes compromises for usability.
Edit: I didn't state something perhaps I should have. Symmetric key is considered more secure because public key is more complicated so more room for side channel mistakes, and the computation needes to break public keys doesn't scale as fast with key size. I am not an expert but that is what I've read.
It get exponentially difficult to add more qubits so it's not a given that we will be able to build one large enough to be a real threat to modern cryptography.
came here to say similar. GGP is another great example of hn people jumping in to make comments without having even a basic understanding of what they're talking about. Frustrating as it spreads misinfo about security which is the last thing we need.
Isn't that true for basically everything though? I'm not familiar with what other encrypted messaging systems security agencies use, but either (1) they store ciphertexts that can in theory be attacked later or (2) they delete their data after some time, but signal has that option was well.
Obviously using signal here is a terrible opsec failure, I'm just not sure how what you are saying changes anything
I worked at a videoconferencing hardware/software company. We provided systems to USA government offices like the NSA and State Department and provided an input for which they gave us hardware specs but told us nothing else, the customer did the final testing on it to make sure it worked as specified. We assumed it was for some sort of encryption method of which they revealed to us as little as possible, the hardware engineers who saw it tested only saw a large, portable black box. Otherwise our system used the standard encoding/decoding methods of the day in the 1990s.
The most secure method of communication is a one-time pad, a pre-shared private key.
"A one-time pad (OTP) is considered theoretically the most secure method of communication — when it’s implemented correctly. That means:
1. The key (pad) is truly random.
2. The key is at least as long as the message.
3. The key is used only once.
4. The key is securely shared in advance and kept completely secret.
When all these conditions are met, a one-time pad provides perfect secrecy — an eavesdropper cannot learn anything about the message, even with infinite computing power."
There are significantly fewer concerns about symmetric encryption, and while it doesn't scale to the size or budget of a service like Signal, it's exactly the type of thing the military is good at:
Distribute a bunch of physical artifacts (smartcards) across the globe; guard a central facility (a symmetric key exchange center) extremely well etc.
The military can also afford to run its (encrypted or plaintext) communications over infrastructure it fully controls. The same isn't true for a service provided out of public clouds, on the public Internet.
> Anything sent with Signal needs to be treated as published with an unknown delay.
Oddly they have thought of that already, to the point all encryption systems in use in the gov are thought of in these terms.
All that matters are the different assumed times to publication (weeks to years), and then treating the strength of measures involved differently based on what is reasonable for the given use.
If you absolutely need something to never be published then encryption isn't the solution, and nor are computers generally.
It's the entire mandate of the NSA's Utah Data Center. Archive all the world's encrypted data until such a time as it can be decrypted when either the algorithms have been cracked or machines are powerful enough to brute-force.
You shouldn't share state secrets with the US. They will be on or transferred between misconfigured cloud accounts. Some agency will eventually get authorization for analysis of them with an intention of financial espionage. The probable or confirmed loss of them will serve as a plausible deniability for the US when it misuses them.
> Even if you avoid MITM or other attacks, a message sent via Signal today [...]
That's not the threat model. The threat model is that Signal is a tiny LLC making an app on behalf of a foundation and open source software project. It's a small group of human beings.
Small groups of human beings can be coerced or exploited by state-level actors in lots of ways that can't feasibly be prevented. I mean, if someone walks up to you and offers $2M (or blackmails you with whatever they found in your OneDrive, etc...[1]) to look the other way while you hand them your laptop, are you really going to say no to that keylogger? Would everyone?
At scale, there are auditing techniques to address this. The admins at e.g. github are (hopefully) not as vulnerable. But Signal is too small.
[1] Edit: Or, because let's be honest that's the scale we're playing at: straight up threatens to Novichok you or your family.
> The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Right, but this is nothing new: Hegseth is only a recent example of Trump's camp mishandling sensitive docs; I'll bet there's been an inner secret Four Eyes group since the the Mar-a-Lago bathroom official-document-archive story dropped years ago.
What surprises me is that I expected Tulsi Gabbard to be the centre of mishandling allegations, not SecDef.
It would be gauche to attack Tulsi Gabbard, because you would have to start with her connections Russia's Assadist interests and to RT & the Russian web brigades, and we have established (we voted on it) that any connection to Russia is Old News and Not A Big Deal and Hillary's Dirty Tricks. But Hegseth? Hegseth leaked something to The Atlantic. A far greater threat than Russia.
Even before thus, Ukraine learned painfully that it shouldn't share every plan and every detail with the US. It kind of looks like a sad, self-fulfilling proficy. Ukraine makes a plan, some details get leaked state side, plan goes disastrously. Ukraine plans another operation, doesn't say anything, the plan goes off ok. The US feels betrayed and Ukraine looks like an ungrateful ally abusing trust, the relationship is strained. The election happens and Trump points at how they're a bad partner yadda yadda. Ukraine is blamed for the outcome of what is originally an American problem, the US leaking like a sieve.
Signal has been used widely in US intelligence for many, many years. Nothing about this is new, though perhaps people that never paid attention are just now becoming aware of it. As for the rest of Five Eyes, they use WhatsApp the same way. I’m not sure that WhatsApp would be considered an improvement.
It is clear there is a gap between how people imagine this works, or should work in theory, and how it actually works.
This is a factually incorrect and very naive take. The same topic has been in the news in European countries too about the widespread use of WhatsApp when discussing secret information. It isn’t just the US government, everyone is doing it.
They're paying attention to Signal now because Hegseth doesn't know his ass from his elbow when it comes to tech and secrecy, instead acting like someone who has watched too many action films and thinks those are just like real life. The problem is not Signal. The problem is incompetence. Plain and simple. Because he blindly added persons to the group that probably didn't belong there, we now have the infamous "we have OPSEC" line, but instead of questioning why this idiot still has a job anywhere near the intelligence agencies, we're wasting our breath scrutinizing what is easily one of the best opens for secure comes if the user understands how it works.
I feel bad for the Signal devs. If they weren't personally targets for state level actors before, they are now.
Say what you want about the usability of DoD home grown solutions, but it was a military system backed up by military budgets and guns - civilians are less likely to be collateral damage in an attack against these systems.
Now, all the civilians using Signal are potential splash damage casualties in a military conflict.
I also suspect Signal does not have the budget, staffing, or desire to serve as a front line soldier in a cyber war; but this exposes them to military-grade risks, whether they like it or not.
Valid concerns about op-sec and personal responsibility aside, I think this is another example of why "security at the expense of usability comes at the expense of security". Official DoD communications equipment sucks, so people use the less secure, more usable encrypted communications platform when they feel they can get away with it.
Maybe the DoD should work on developing some internal Android and Signal forks that focus on adding additional critical security controls without impacting usability. There's an obvious desire path here.
That's possible I suppose, but do you have any evidence of that or is it just your personal biases causing you to assume the worst motivation you can imagine must be the correct one?
I know personally that given the choice I'd probably rather use Signal than whatever messaging system the DoD contractors managed to come up with. And private conversations between senior military officials over encrypted DoD communication channels probably aren't FOIAable anyway.
> That's possible I suppose, but do you have any evidence of that
Yes, in the chat where a reporter was accidentally present, many of the messages were set to be disappearing. I don't know why anyone would do that if not to avoid recordkeeping laws.
> The images of the text chain show that the messages were set to disappear in one week.
Oddly, the Project 2025 training videos that presumably the members of the executive cabinet have seen say _not_ to delete messages or set messages to auto-deleting _because_ that would be in violation of federal record keeping legislation.
The dude has a staff of 30 people who's whole job is to connect him to literally anyone he wants to communicate with -- you're telling me that the usability of concierge service with more than two dozen staffers is inferior to using signal in a building with shitty cell service?
a) beaurocrats' real comms setups (3 telephones, four monitors all sitting on the desk – versus mounted on arms/wall) full of clutter and sitting on an anachronism of a wood desk
and b) what you'd see in any "spy" movie with dark-mode graphics displaying fancy l33t charts displayed on quad-monitor setups mounted on arms, probably in a low-light setting and the beaurocrat doesn't look at the "small" monitors himself, his cronies do that, the only monitor he looks at is the single 136" on the wall used for teleconferencing with villains
If you're going to put a guy in charge who is completely unqualified and has a history of alcohol abuse you should at least make sure he's competent. It's actually very grating to see someone operating at this highest level of authority and treating it like its beneath them. It feels like we're watching history get written by the most entitled and inept among us.
What kind of tickles me is that any new poltical thriller tv series or movie that posits that matters of state in the US are conducted by serious and knowledgable people is now virtually unwatchable for me. It's virtually impossible to suspend the disbelief required to enjoy something that is so far removed from the reality of today's politicians.
(The recent cringe inducing Deniro series comes to mind)
Yeah it has ruined the old zombie movies where the government ends up the bad guy but a competent bad guy that makes unilateral decisions like quarantining a city or bombing a civilian center to contain infection. I am pretty sure they are gonna all be either 1) running around panicking with the rest of us 2) infighting and useless 3) denying the truth before their eyes if such a catastrophic crisis ever were to happen.
As I recall the battle lines were a bit awkwardly drawn for that one. The realism would increase if Cali and Texas were governed by the same party for some time in real life (as I recall they were allies in that movie).
I would like to see someone take up the idea of Canamerimex Union in a movie for kicks -- that is, the idea of Canada, California and Mexico forming a union on the west coast (and maybe continuing down the east coast, with Canada bridging both coasts)
> As I recall the battle lines were a bit awkwardly drawn for that one. The realism would increase if Cali and Texas were governed by the same party for some time in real life (as I recall they were allies in that movie).
I actually liked that little detail and don't think it's too farfetched. In real life those two states are currently on opposite sides of the political spectrum, but (iirc) we don't actually know why the civil war started in the movie and it seemed careful to avoid any kind of left vs right ideology. California and Texas both have a rich history of calls for secession from the union, and both have heavyweight economies that could allow them to stand as their own countries. I think if a civil war did break out where both states disagreed with the Federal government, they'd be more likely than you think to form an alliance.
The war in the movie starts because authoritarian elected Potus Nick Offerman creates an economic division between the states which causes the states to group up geographically and ally on their divisions. California and Texas today wouldn’t pair but given enough pressure they might to ensure they remain an economic power house.
They currently vote different, but there are a few things they have in common.
They're both ridiculously disenfranchised in the Senate.
They've both got significant antivax elements.
They've both got a very large Hispanic population and a portion of the Mexico border.
They're both large states with large economies and large governments; Whereas the Connecticut governor leading the Connecticut national guard is numerically incompetent at protesting the actions of the federal government, or has to overcome a bunch of coordination problems with other governors, they aren't and don't. Whereas Trump was free to seize the COVID pandemic supplies that Maryland bought and paid for, and redistribute them as political favors to red states, it would have been more difficult to do to a state with six times the population and a power center far from Washington. Any effort to oppressively regulate interstate trade is diminished somewhere you're dealing with large amounts of intrastate trade; Conversely, any impediments on trade with and travel to Mexico are going to be substantial issues in both Texas and California.
I found that movie to be disgusting as it takes real footage of war horrors such as 20 days in Mariupol, suicide bombers, etc. and sanitizes that for American audiences. Using this visual style of movies like 20 days in Mariupol indicates the filmmakers watched those movies and thought that could make them buck. Then it gives you some bullshit feel good call of duty action at the end to go kill the president which is tonally different both in visual style and in the context of the narrative. And it replaces the horrors of war such as bombing maternity hospitals and watching pregnant women be dragged from the wreckage with stereotypical racist Americans. And it justifies all this because it tells the tale of some war time reporters and asks the question what if they are just adrenaline junkies which is why they do their jobs? Thereby undercutting the real value and heroism of those who report on these conflicts who are captured, tortured, and murdered (e.g., Viktoriia Roshchyna). It does nothing to connect the audience with anything that is actually happening in the world and even serves to insulate Americans from the horrors of Ukraine and elsewhere while attacking journalists. I thought that movie was disgusting.
Do you have a different example other than 20 Days in Mariupol? Because the filmmakers definitely didn't watch that and think it could "make them buck". Principal photography for Civil War took place the year before 20 Days in Mariupol premiered.
...huh? Civil War is about a group of reporters in the final days of a future civil war in America where a rather Trumpian president is about to be overthrown by rebels. It's not "replacing" anything in Ukraine because it's an entirely different story than Ukraine.
I am talking about the visual language of the movie and how it takes the style of documentary films like 20 days in Mariupol (a movie about the beginning of the war in Ukraine). not the narrative.
I don't think the approach was stolen. It is fine for artists to take styles and ideas from other works and put them in their own. My point is that I found the film to be generally an affront to the suffering of people in actual, ongoing wars. It trivialized those experiences using them as a costume so american audiences could giggle in delight at the cinema without having to worry about the trappings of an actual war. And it did so all to tell a narrative that was somewhat against war-time journalism, painting their efforts as self absorbed and self serving. Like look at the way they film the death of the Kirsten Dunst, in this hero pose with camera in hand searching for the perfect picture. Contrast that to the actual life and death of someone like Viktoriia Rushchyna who was tortured and had organs removed or Shireen Abu Akleh who was allegedly shot in the head by a sniper while wearing a press vest. I simply found the film disgusting and if people disagree with me that is fine.
Of course any film about war (or perhaps any topic) could be controversial to someone. The WW2 epics starring John Wayne or Sergei Eisenstein's Alexandr Nevsky are both examples where the directors twisted every detail and used every opportunity to present a political message that the viewer may or may not agree with. My view on this is that the director of Civil War, Alex Garland, makes statements with the film that I disagree with. He seems to not see the humanity in people, at least, in my opinion. The movie never doubles down on anything, there is no deeper examination of the characters in the film, they just are until they aren't anymore. This is similar to his 2018 film Annihilation, which is essentially a retelling of J.G. Ballard's The Crystal World, and all of those characters in some way lack a humanity (although I think this works much better in this film as you discover that each character goes into the zone to find something about themselves that is missing and what defines them as human to themselves). And similar to The Beach, the novel he wrote that was turned into the movie The Beach, starring Leonardo Dicaprio about vapid westerners partying in thailand, or 28 days later, the zombie movie he wrote directed by Danny Boyle. Garland seems to see life as cheap and meaningless across the books and movies he has created. He cares more about the visual trappings of the setting he creates than the humans who live there. In the case of Civil War, I find it offensive as it uses the visual style of documentary films about ongoing wars as a costume and set dressing for his movie. And this movie comes from a culture (American) that started a war in Iraq and has done basically no introspection as to how those decisions completely changed their society into what it is today. This also influences the Civil War film. The president is blamed exclusively for all bad things across america. The entire movie is about how everything is the president's fault but lets interview him to see why.
There is a significant difference though which even Veep didn't predict - the people in Veep were still riding in the well-oiled deep-state car, while those clowns today is actively destroying that car.
Wrt. clowns - note that the most important Hegseth's staffer is his wife who was his producer back at Fox and basically does the same for him at the Pentagon.
On the other hand, the UK Spitting Image puppet series of sketches The President's Brain is Missing holds up remarkably well, due to being about Reagan.
Yes, it was sickening to watch a lot of people - even self-proclaimed libertarians – flip on torture during that period. There was a stark reversal from the 90s where the War Crimes Act was unanimously passed because back then anti-torture laws were thought of as affecting enemies like the Viet Cong, which lasted less than a decade.
I think your suspicions are wrong. Yes, there are plenty of less competent people in history, but not to this level. Trump is an imbecile who just happens to be good in one direction (bullying and manipulation). Put him in an escape room on his own and he'd die in there. While I can think that many previous UK leaders have not been genius-level, I can't think of one who was anywhere near as stupid and beligerent as Trump. Other than maybe Liz Truss, who is thick as two short planks, but fortunately was ousted quickly. That won't be happening with Trump, and the US (and the larger world) will pay for these pocket-lining morons' mistakes.
Japan's WWII history is uniquely bad but they don't learn about it.
Can threaten authors with treason for negative books like he did in an EO recently. Change school curriculums. Then Maga can start revising history..
Was the 2025 recession from tarrifs? Nah it was Biden's inflation, or Ukraine aid. Actually.. didn't China impose tarrifs on US and US just reciprocated?
> Japan's WWII history is uniquely bad but they don't learn about it.
I see this claim form time to time, but the unsavory side of WW2 is thought in classes, although not without controversy [1]:
Despite the efforts of the nationalist textbook reformers, by the late 1990s the most common Japanese schoolbooks contained references to, for instance, the Nanjing Massacre, Unit 731, and the comfort women of World War II, all historical issues which have faced challenges from ultranationalists in the past. The most recent of the controversial textbooks, the New History Textbook, published in 2000, which significantly downplays Japanese aggression, was shunned by nearly all of Japan's school districts.
On the other hand, after the occupation, GHQ had imposed a press code [2], i.e. censorship of mass media, that undoubtedly had an impact on postwar Japan, so you could say that the point still stands.
Having lived in Japan for 2 year and working in what one would hope being a very educated environment (Todai and Rikadai PhD candidates), I can personally account that the number of Japanese who actually know about that bit of their history is few. Culturally, they don't speak about this topic - and there if something is not spoken about then it does not exist.
I would not be surprised if some teachers could simply not cover that bit of the programme without any consequences; Japan is specifically good at not following its own laws, when such laws have been written mostly to appease international observers - same with women equality and discrimination of minorities laws.
The reality is already altered and murky. There has been a full-blown total information war over reality for several years now.
But Trump and MAGA, even if they win, won't win forever. There will someday be an end to this particular attempt to impose unreality. Then history (or at least the history of this) can be told honestly. (Or at least without MAGA spin. It may have a new spin, but it will at least be a different one.)
For a High-Tech President, a Hard-Fought E-Victory
For more than two months, Mr. Obama has been waging a vigorous battle with his handlers to keep his BlackBerry, which like millions of other Americans he has relied upon for years to stay connected with friends and advisers. (And, of course, to get Chicago White Sox scores.)
He won the fight, aides disclosed Thursday, but the privilege of becoming the nation’s first e-mailing president comes with a specific set of rules.
“The president has a BlackBerry through a compromise that allows him to stay in touch with senior staff and a small group of personal friends,” said Robert Gibbs, his spokesman, “in a way that use will be limited and that the security is enhanced to ensure his ability to communicate.”
[...]
The presidency, for all the power afforded by the office, has been deprived of the tools of modern communication. George W. Bush famously sent a farewell e-mail address to his friends when he took office eight years ago.
While lawyers and the Secret Service balked at Mr. Obama’s initial requests to allow him to keep his BlackBerry, they acquiesced as long as the president - and those corresponding with him - agreed to strict rules. And he had to agree to use a specially made device, which must be approved by national security officials.
Because there was a difference in conduct. Obama consulted "lawyers and the Secret Service," "agreed to strict rules" and "use[d] a specially made device...approved by national security officials." Hegseth yelled YOLO before effectively tweeting target co-ordinates for our warbirds.
Yeah, but that bit about "handlers" of the President of the United States could also be a data point here. That term is usually used in conjunction with 'asset'.
When you feel real love for your favorite celebrity convict, whose incompetence is beyond denying, you'll put your mind to work to search for any device that will enable you to excuse anything he does and who he nominates.
People will talk about "politicians being incompetent", or act like actually anyone who has ever been in the office was like this. It's a pretty close and comforting way to deal with the reality of supporting a fraud without having to admit that you were duped.
"A false equivalence or false equivalency is an informal fallacy in which an equivalence is drawn between two subjects based on flawed, faulty, or false reasoning"
What is the faulty reasoning here? Apart from "My side good, your side bad."
You can find incompetence in previous cabinet officials. This batch of cabinet officials has far more people who are far more incompetent and unqualified than any previous cabinet.
The faulty reasoning is saying that "this is just like previous administrations". It's not.
But the previous president was in the advanced stages of alzheimers and struggled to form coherent sentences. I think he alone beats anyone in the current organisation.
Maybe you're going to find out how much more immoral warlordism is. "Not having a government at all" is a weird fantasy of teenagers.
(the really odd combo is people who hold both the "government is immoral, especially the US federal government" and the "the US federal government should go to war with China" combo, which a few moments thought will show the contradiction)
Let's imagine we do go to warlordism and I do get to see how immoral it is.
At least I won't have to pretend that the coercion and theft is actually moral and good, right? At least I won't have to doublethink myself, turn myself inside out to justify the unjustifiable.
Ackonwledging the problem (immoral government) is just the first, esxential step towards making an actual difference. Why continue to pour in more effort to support an already failed system?
> I won't have to pretend that the coercion and theft is actually moral and good, right?
Of course you will. Not praising the warlord as moral and good will result in real physical consequences for disloyalty, maybe even summary death. As opposed to saying the same thing on HN when just your position is attacked.
"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."
"Some of the classified emails found on former secretary of state Hillary Clinton’s home server were even more sensitive than top secret, according to an inspector general for the intelligence community."
UK comparison: https://www.bbc.co.uk/news/uk-england-london-47996907 ; black woman MP has a train can, everyone treats it as a massive scandal. I think someone had a survey once where they found that one third of all hate mail and death threats directed at UK MPs was aimed at her.
I think a pretty good show would be something written like West Wing, where everyone takes themselves very seriously, but with rampant, blatant incompetence. Like, not funny at all. Nothing tongue in cheek, no winks to the audience. A drama of morons.
Let's pretend you work for a non-US state intelligence agency. How would you find Hesgeth's personal computer in his office on the public Internet? A genuine thought experiment.
I don't want to derail the conversation too much with this but this is the kind of thing that blows my mind with seeing obscenely wealthy/powerful people like Musk and Trump on social media.
At some level of wealth you reach a point where no one can get to you physically. You're completely physically safe and isolated and can't be hurt. That means that the only way someone can get to you is through communicating with you and making you hurt yourself.
That means that social media is your only weakness. This is how adversaries can affect your plans and goals and disrupt your mind. Yet so many of these people seem so oblivious to this and are as terminally online as your average 4channer or facebook mom.
Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
Sure, I get that there's utility in having an online presence, but these people are wealthy/powerful so they can afford to have someone do that work for them with the public non the wiser.
That wouldn't give that kind of narcissist the same level of satisfaction as they get from the army of sycophants clicking "Like" on their latest hot take.
I think that direct connection is particularly attractive to the right kind of narcissist. Might be the best drug they've ever had.
Sorry, you think it's impossible to hurt Trump? Are you forgetting the bullet that passed an inch from his brain? A crazy person with a gun can change history in a second, and it would've been a terrible violent occurrence throughout society if it had come to pass.
Yep. The CIA uses these same techniques to track foreigners of interest (e.g. Putin's entourage) so we should assume other countries are attempting to use similar techniques on American officials.
You would just send him a link in a Signal message. His phone number is widely known and he has Signal installed on his desktop computer.
Signal’s protocol secures the message in transit. But their desktop app may or may not have client-side vulnerabilities. And if he clicks a link, you’re out of Signal and into the browser. If the link downloads a file, you’re into the OS.
There is a Signal social engineering vulnerability where the attacker gets people to click a link that links the attacker's device to the target's Signal account.
Compromise the device of one of his contact and send him a juicy link via telegram that renders "Error: Not viewable on mobile" when opened a phone. Bonus points if the link has 0-day malware dropper
I would make Witkoff sit on his ass in hotel for 8 hours while my team one room over wirelessly breaks into his phone and gets into those Signal chats.
This assumes that the patsy needs to never discover that his device was compromised.
I'm guessing there are a few scenarios where they could be tortured / blackmailed into compliance, even if it meant that the DoD would know about it in a day or two, and it would still be worth it.
E.g., shortly before a real fight over Taiwan began.
I really, really hope Hegseth gets his OPSEC act together, yesterday.
I try to apply Hanlon's Razor to this administration, but it's hard not to occasionally entertain other explanations with the sheer volume of incompetence.
The same reason teenagers might use Instagram DMs to communicate about school projects - It's just the platform he's familiar with.
Or the same reason I have Whatsapp - communication in my social groups happens there, and if I don't have it I get left out.
Your explanations assume there is some deeper meaning, looking at the tradeoffs for each communication platform, and then coming to some rational conclusion. I don't think there's much evidence for that.
The people around trump just happen to be used to using signal to communicate, and if Pete doesn't get on board he gets left out.
Somewhat related: does there exist a technology where I can encrypt something in a manner that it can only be decrypted after a specific future date? If theoretically possible, what would it take for something like that to exist? ie. "We'd need an authority to broadcast some ongoing pseudorandom number generator that can be trusted" or whatnot.
If some tech geniuses wanted to improve government efficiency, one thing they could do is create secure yet easy to use collaboration software. Maybe give the app a catchy one-letter name.
I’m somewhat surprised to see that they use a KVM to switch between back and forth between a JWICS and SIPRNET. I would imagine it’s a special KVM as it’s essentially bridging the airgap between the two.
They use special secure KVM from the major vendors and they are tempest resistant meaning they are shielded from bleeding signals between devices. They also have devices that can use multiple levels on the same screen and keyboard! See Everfox TTC
Not a fan of the Trump administration but I imagine the official pentagon communications systems must be extremely clunky and annoying, and about 20 years behind civilian tech.
During the UK Covid-19 enquiry into gov decision making at that time it came to light that most of the UK cabinet were co-ordinating via Whatsapp groups. Again, I'm not a fan of Boris and Dom Cummings but this makes some sort of sense to me. I recognise the need for government teams to have quick convenient chat available to them. Things move too fast these days to wait for the next cabinet meeting or to arrange things via a series of phone calls.
My kneejerk reaction is the same as yours, but the fact that they were using disappearing messages - they're using Signal to get around their legal reporting requirements. Even if they have other motivations, what they're doing is illegal.
Also, I complain a lot about Teams, but my understanding is modern DoD basically runs on Microsoft, AWS, (also Google?) just the same as private companies. Probably not Zoom, which is unfortunate from a usability perspective but also wise I think.
The problem here is that the convenience is coming at the expense of proper identity management. SignalGate is a good example of the principle. Some Apple convenience feature helped the user by putting the phone number of the reporter into the addressbook under the identity of a government official. Signal then cheerfully used that incorrect phone number to add the reporter to the group chat.
That 20 year old tech is simply more secure... specifically because it is less convenient. By doing things the way they do them they can enforce access to desired levels of security by controlling physical access to the equipment. With something like Signal, that access is entirely the responsibility of the user. The user will inevitably mess that up, particularly when things get exciting. ... and Signal is not even really all that good at preventing the user from messing the identity thing up.
You are right, but I'd also say that high security brings a lot of friction that slows down decision making. Irrespective of Trump and his friends (whom I dont like) as a point of principle I think world leaders have to choose between secure and slow vs fast and risk of leaks. For most purposes, fast and risk of leaks is going to be more optimal.
I hear you both. Frankly, I think we could use a little friction in communication to slow it and the resulting decisions down. I don't know about everyone else, but I don't make best decisions on the fly.
And unarchived. It's very convenient to not have to do things in meetings with minutes where people might later question your decisions. Or report them to the police.
Yes you are right and these people probably are crooks. But in principle I think politicans should be able to have private conversations. These used to happen in literal back rooms but these days everyone is geographically spread out and thats not so possible. Formal decisions should be ratified in official minuted meetings but informal chat should also be possible. Because people need to actually talk to each other in an unguarded way to figure things out sometimes. At the moment the principle seems to be 'anything that a politican types to anyone else should be archived for later perusal' and I'm not sure that thats going to give us better decisions.
> [...] politicans should be able to have private conversations. [...] Because people need to actually talk to each other in an unguarded way to figure things out sometimes.
Which works fine as long as there are no bad actors who may bribe, corrupt, blackmail, etc. Unfortunately that is not the reality we live in and one way[0] of counteracting the bad actors is to enforce transparency with things like "everything must be recorded and archived".
Right but what is the cost of insisting that "everything must be recorded and archived". Are you going to strap recording devices onto everyone in congress? You have to have a mix of safeguards but also practicality, surely?
"Is this politican bad" is not a very good conversation for HN, but "what technology should politicians be using to make them effective" is a good topic for HN, and thats what I'm trying to have a conversation about
The whole world had to shift online with about 2 weeks notice, so I'll forgive them that. At the time I was kind of impressed to be honest that red tape didn't bring the govt machinery to a halt and that they were actually able to improvise a bit. But yes Zoom is not generally the platform I'd want them to use.
There were better alternatives and they had more time than that (when lockdown was possible but not enforced) to prepare.
IIRC the French installed gov controlled Jitsi server. That plus a VPN would be a whole not more secure.
If you do not have things in place I think "we need to discuss state secrets securely" would have been clearly sufficient to justify an exemption to lockdown rules.
I dont like Trump but I'm interested in the idea of what technology we want our politicians to use if we actually want them to be functional teams. This seems like a topic that might be good to talk about on HN.
I'm simply going to point out the blaringly obvious that has somehow missed the armchair commentariat for this whole narrative debacle:
1) DoD and other departments have either tacitly or explicitly approved the use of Signal for internal matters for several years now, with proper opsec.
2) You cannot govern exclusively from a SCIF, hence 1.
"With proper opsec" is doing a lot of work here, and I would presume one very fundamental piece is it is only to be used for non-sensitive conversations. Unless you are going to argue sharing attack plans ahead of the attack on a personal device is okay, which seems absurd on its face in a post-Pegasus world.
>2) You cannot govern exclusively from a SCIF, hence 1.
If you have the resources available to the SecDef, you frankly should be able to. Mobile SCIFs are something private companies can provide off the shelf for a few hundred thousand dollars. That's a drop in the bucket.
Obviously, nobody can or should spend all their time in one unless you're some kind of watch officer, but when handling TS/SCI material, there really is no reason for a principal to not have access to a SCIF within a moment's notice if they make it a priority. And there's no reason to be sharing TS/SCI with anyone that is not themselves in a SCIF. We have a declassification/reclassification process if information needs to be more widely disseminated.
Where is the "but her emails" crowd now? There are three main issues here:
1. The Defense Department bans the use of Signal for everybody else. Why is that? Why is the Secretary exempt?
2. As we've seen it's pretty easy to add unauthorized people to what should be secure communication channels where classified information is shared; and
3. There are laws around the preservation of governmental records. Expiring Signal messages seems like it's intentionally meant to circumvent these legal requirements ie it's illegal.
We're only 100 days in. We've got 1200 more days of this.
Huh? I am still here and I am still annoyed by both. If anything, people who opposed 'but her emails' crowd to sufficiently penalize Hillary, made the current situation possible to begin with.
edit: To the lazy down voters. Address the 'my side never does anything wrong' issue and I might concede.
Re: 1. If a team at work has a long-standing policy implemented by and applying only to that team and I come in as the new team lead, I can change that policy.
NB: I’m not arguing that this change in policy was done after a careful Chesterton’s Fence analysis and weighing of all relevant factors, but it would seem stranger if a new leader couldn’t change any policies than if they can.
The implication is that either he doesnt care, or he does. So I guess he does. I just didn't get the vibe that he wanted Hillary to be held accountable for her emails.
> Sounds like locking her up for bypassing the governmental emails would have been a win, now.
Under what basis should one have "locked her up"? All legal experts agree that there was no crime committed which could result in a prison sentence. This is specifically because none of the emails were classified.
She bypassed the requirement to communicate with all her contacts through secure and auditable channels (things people accuse the Trump admin of now doing), including foreign diplomats, by giving them her private email, which was effectively an email server stored under her desk, in simple SMTP, not SMTPS, which means all hostile entities could hack into it. When caught, she deleted the 19,000 emails and wasn’t sued for destruction of evidence.
That “all” of your legal experts (all 100% of them) found that perfectly legal is non sequitur: As a Secretary of State, practically her whole life can be used as ransom to make her do things contrary to state interests; and as a Secretary of State, she’s even responsible for making her subordinates set up the security rules to make it physically impossible to do what she did, if not legally impossible. She should not only have known, but she should have set up the rules for others.
Sounds like 100% of your legal experts may have been accessory to a scheme. Maybe she abided by the letter of the law but not the spirit, maybe the law has a hole, maybe everyone is lying because they’re afraid saying she cheated would benefit Trump, maybe anything else.
I’m genuinely interested in understanding if the story was wrong; But I’m not interested in understanding whether your take on the low importance of just a few emails from just a basic secretary, “nah don’t worry it’s just emails with her friends, she can have a private life”. No she can’t?
Why in the world would she be generally obligated to provide her personal/private emails to the government or public? It seems bizarre to suggest otherwise.
Because she’s at a position where she can be blackmailed and is holding a lot of the US secrets. There is no privacy when you run for high public positions.
You're demanding a standard of radical transparency for government officials that isn't supported by the law and has never been applied before or since.
It seems to be based on a presumption of guilt, which is a pretty severe departure from common principles of law and justice.
If you're sincere, I suppose you've been demanding that current members of the executive in leadership positions make all their personal communications public too?
The laws around this all generally exempt personal communications. You're Presuming people guilty is also not grounded in law.
> Sounds like locking her up for bypassing the governmental emails would have been a win, now.
This is getting stupid to bring up, but at least we've got a canonical long response to that with a proper legal analysis.
https://youtu.be/cw1tNTIEs-o
It seems like bad faith to be rabid about Clinton emails and silent about the use (and overwhelmingly sloppy use at that) of signal. Do you care about following security procedures or not?
It's also weird to see you seem to take so much pleasure in lashing out - how can you feel vindication thinking your opponents should have done something about emails but not have that same feeling now? How do you hold both views (and with such vitriol) at the same time?
The hypocrisy is why folks find it hard to take these complaints at face value since we show time and time again that they appear more "my team should win the game" than anything consistent and built on principles.
I'm struggling to not write more details here but generally I think the whataboutism and completely ignoring degree is absurd. I remember when the big complaints about Obama were wearing the wrong color suit, saluting with a coffee cup, and allowing a military strike on a us citizen actively working with Al queda. If you want to be convincing (you may not want this- if you just want to feel self righteous and vengeful then carry on) then I think a better path would be explaining why this current situation is a good thing (or at least the same level of bad as the things you hate).
> It is remarkable to what great lengths Hegseth went to use the Signal app, because as defense secretary he has his own communications center which is specialized in keeping him in contact with anyone he wants. This center is commonly called SecDef Cables and is part of Secretary of Defense Communications (SDC) unit.
... but unlike Signal, SDC respects laws requiring accurate record-keeping. And that's why this bunch of lawbreakers want to use Signal. They want to evade any and all accountability once this administration is over.
If you're not aware, these are federal laws, and the force responsible for investigating and arresting people who break them are a part of the executive branch.
And the attorney general just confirmed in a cabinet meeting that the U.S. marshals would not be arresting any of them (marshals handle court orders, e.g. if you're in contempt)
If you really want to blow your mind, think about the fact that Hunter Biden was being prosecuted by the DOJ run by Joe Biden, just a few months ago. Can you imagine anything like that happening in the Trump administration if a Trump family member was accused of a crime?
Judges are investigating and holding trials. The Executive is being obstructive and outright ignoring court orders. Rule of law and the balance of powers have collapsed. Turns out that running a decade+ long misinformation campaign to sow distrust of all legal institutions, as well as expertise and professionalism in general is sufficient to topple the world's oldest democracy. If only there had been any effective counter-messaging things may have been different, but that's impossible with our "left" hollowed out by capital.
How many politicians have you seen blatantly breaking the law like this and having no problem? It happens over and over again. A lower-level flunky would be in prison, but a political appointee is going to be just fine, forced resignation is the worst that could possibly happen to him. Our system is just that corrupt. The same thing happens with leaks - politician or cabinet member leaking is normal, rando bureaucrat leaking is enemy of the state.
Because Trump does not investigate himself, and the once independent Attorney General is now just another political arm of Trump, but with prosecutorial power and discrtion. We are in dark times.
This has never been the case; JFK appointed his little brother AG. The problem is that the Congress should be investigating and prosecuting the president but will not.
It's been a nice kind of fig leaf, but constitutionally the president is the AG's boss, so it doesn't make any sense for the AG to investigate the president. There's an entire branch of government given this power in the Constitution, they've just decided they don't want it.
Exactly. Congress doesn’t want any of their duties. War declaration? Nah, let the President do it and call it “not a war.” Budget? Well, technically we’ll appropriate funds, but we’ll only do a big CR once in a while. Tariff policy? Nah, let the President do it all with the “national security” loophole, no matter how absurd. Impeachment and removal? Well, not when it’s your party’s guy.
For all the hate Trump gets, it’s Congress who’s created and who props up this monarchy.
And you have hit the nail on the head for how Trump is operating this term.
How can he do these things?
Turns out they all could've, they just chose not to.
Maybe we should strengthen the checks and balances, and Congress shouldn't abdicate ANY of its authority to the president. Maybe the system should work how it's supposed to instead of how is easiest.
This is probably what the DOGE kids are being pitched. There is a reason the most wantonly criminal conduct is coming from those too stupid or naïve to understand we haven't transitioned to a one-party state.
He can do that - presidents have a long history of abusing pardons. Trump has shown he is happy to pardon people without much thought either for media attention (j6?) or for money (levandowski?).
On the other hand trump isn't very loyal to his people so far - remember the wasteland of trump advisors and officials in the first term getting convicted of various frauds without getting pardoned (or the lawyer on tape saying he needs a pardon for trying to overturn the election and him not getting it).
Not that it matters but I don't think Biden gave a blanket pardon to his entire staff I think he pardoned people who he thinks are dangerously and unfairly targeted by some extreme media like fauci and Bidens son hunter.
At the end of the day pretty much all of the limits of presidential power come from restraint, especially (but not exclusively) in todays world of a tame judiciary. If the president cares about or wants to be seen as caring about the rule of law it is a bad look to wantonly disregard it too often.
Yes, there are a lot of folks who want to believe everything their chosen guy does is absolutely right but realistically each bad thing chips away at their ability to ignore the evidence. I know several people who have lost faith in trump as the evidence continues to absolutely pile up that he doesn't match the values they were told to appreciate (rule of law, respect for the constitution, human rights, fairness, Christian values, intelligence). If he gives a blanket pardon to everyone that worked for him a few more people will say "wait, maybe the other side was right and this IS a huge abuse" so it's possible, especially if we continue to have elections, that we won't see this kind of thing.
That throught-terminating cliché propaganda line generated by a bunch of campaign strategists at a whiteboard is what got us into this situation.
The extreme bipartisan view is that government business done by public officials should be hidden from the public record at their whim, even with the explicit goal of avoiding FOIA. Democrats believe that this is not only justified but virtuous, because Hillary Clinton lost an election.
Thanks for the link! It looks like this affair over webmail sparked a lot of investigation and resulted in a firing, two years probation, and a $100,000 fine. That sounds like a great start for this kind of thing and they were just talking dirty, not actively sharing mission details!
Overall, yes let's please investigate and appropriately punish wrongdoing at all levels.
Not true at all. The use of Signal started during Obama's first or second term. While the app's first release was during his second term, it existed under various names and forms way back. Wikipedia has a great article on its history.
I personally started using signal some time around 2018 and I'm sure there were millions of users by the time Biden began his term.
I thought the GP means that goverment officials such as the Secretary of Defense started using Signal during Biden's administration (though with no basis for that offered, yet).
Right. They also use cell phones and send emails. The difference is, from the Snopes article:
"... it explicitly did not allow use of Signal to communicate "non-public" Department of Defense information, which would have included the conversations Trump administration officials had in their group chat."
Of course the guy needs to have an end-to-end encrypted direct line to the president. It's the president that runs the show and all decisions must go through him.
If someone gave me a whole set of locked down _windows_ computers and a bunch of achaic phone lines and told me to use them in 2025, I’d also try to circumvent such inconvenience.
Those pesky archiving requirements put in place after the wanton criminality of the Nixon administration are likely unnecessary as well, right? Surely nothing’s being said or planned in the auto-deleting threads that would be criminal, right?
I wish more people, especially media writers, would start with the presumption that "circumventing the state-approved security machine" is a _feature_ of this administration.
Not to pick on this in particular – nearly all the reporting on this starts and ends with "Signal is insecure" as if that was all it took to be wrong. And in other eras, that was enough.
The man likes Signal. For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
There's so many questions I genuinely don't have an answer for...
Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
> What is the probability that China is reading these messages in real-time
Real-time might be nice but there's value in reading material at this level with almost any delay.
In 1949 a US counter-intelligence program(me), the Venona project[1] decrypted Soviet cables from 1945 which made it almost certain the First Secretary to the British Embassy in Washington DC [2] was a Soviet asset. That wouldn't have happened if the Soviets hadn't misused their channels of communication.
Here, his signal comms are likely top secret and we would have no way of knowing if his office followed the legally allowed step of forwarding after the fact for many years.
I think one of the issues is that at least some of the Signal war-plans chat group participants had their messages set to auto-delete. If that's the reason that they're using Signal, it is indeed a problem, even if Signal is secure.
> There's so many questions I genuinely don't have an answer for...
> Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
Is your point that, in the space of your own lack of knowledge, that reasonable rational may exist? Could you share what gives you trust in this administration to be so generous?
My point is that “make liberals sad” is also a stated policy goal of this administration.
I think this article is about one of two things…either there is a possibility that SecDef using Signal represents an ongoing, material national security crisis that should be a concern for all Americans…or it’s really the author grieving for a time when they felt safer because the strict protocols of confidentiality signaled (pun intended) a sense of seriousness about government secrets.
If this is a material security threat, I need a lot of writers to explain why because most people don’t know. If it’s a sad liberal, the result will be counter-productive and large numbers of people-in-power will read this article as a win for their team.
Clown take. The use of Signal or any app on a non-secure device by SecDef for what we know he messaged about in his office is absolutely a primary national security threat. Firing offense for any senior Pentagon official dealing with highly classified traffic. Nothing to do with politics.
Agreed. I thought Lloyd Austin should have been fired for going into surgery without advising his deputy or any of his staff of the risks, and his deputy should have been fired for taking over for him.....without leaving her vacation in Puerto Rico.
I think SecDef Hegseth is actually an even bigger disaster than SecDef Austin. That said....I think the Deep State/ military industrial complex/ Israel lobby is trying to get Hegseth fired because he's one of the Big 3 (Vance/Hegseth/Gabbard) opposed to going kinetic with Iran. But he's making it really easy for his adversaries, because he legitimately sucks at some foundational skills for management at his level.
The fact that everyone in the country knows specific details of what and how he communicates, is a national security crisis. If signal was secure and/or he was following reasonable precautions, no one would know anything about this issue.
>If this is a material security threat, I need a lot of writers to explain why because most people don’t know.
Because personal smartphones aren't considered secure for protecting classified information. Signal in and of itself might be fine when used properly, but it doesn't matter when the underlying platform is consumer-grade security. The risk of side-channel attacks is astronomical.
>My point is that “make liberals sad” is also a stated policy goal of this administration.
>If it’s a sad liberal, ...
I'm not sure any of that furthers whatever argument you're trying to make. Signal being used in that manner didn't only violate a myriad of established protocols, but it was straight up illegal on top of it. In any normal political climate we would've seen resignations from day one, regardless of party.
- one side ignored Clinton using a private server as sec of state
- this one ignores using Signal
I haven’t seen arguments about what the standard is supposed to be or why this in particular is egregious. That would be more convincing than hyperventilating.
Edit:
If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
I don’t follow the allegation its mere presence is problematic, when discussing general communications with other parts of the administration. Especially when accessed via separate/dedicated machine (distinct from secured systems).
If you want to talk about the specifics of, eg, the Yemen war plans then do that — but this article does not.
> Federal agencies did, however, retrospectively determine that 100 emails contained information that should have been deemed classified at the time they were sent, including 65 emails deemed "Secret" and 22 deemed "Top Secret".
There was whole massive campaign against her comparatively much milder infraction. It is crickets now. It was huge.
So, maybe 10 of you care, but the assymetry is beyond apparent.
For that matter, I remember when Obamas tan suit was horrible unpresidential infraction amd lack of respect. Same people voted for Trump not a peep about respectability.
How many people were complaining about “her emails” 28 days after the first one was sent? You’re looking at two very different points on the timeline of each event and concluding that everyone thinks they’re different because of the difference in magnitude of discourse on the topics.
Do you think the difference will remain at this level through the next election cycle?
I think plenty of people see massive amounts of equivalence and are more caught up in other, more urgent piles in Washington’s reinvention of the Augean Stables.
Donald Trump literally said she should be in prison her for the email server thing. Literally during campaign. It was cheered on.
The emails scandal was on for months and got invoked during election by conservative pundits, politicians. Again and again and again and again. They made it a whole big thing, pretending to care about security.
So yeah, it matters. The consistent track record of just extremely one sided care for security, respectability, lies and what not actually matter a lot. Now we know that conservatives complaining about X does not mean they care about X. They dont, they are ok when one of them does worst. It is just hypocrisy.
That's almost exactly my point. Four weeks into scandal B, it's not getting as much coverage and discussion as scandal A did during a campaign.
None of that is surprising, and I expect the current $SHITSTORM_DU_JOUR to get a lot more amplification in 2028 than in May of 2025, which is the same pattern as happened in scandal A's emails.
She was Secretary of State from 2009 to 2013. We heard a ton about the scandal in the 2016 election cycle [when it was convenient and useful politically], not in 2009-2013.
I'm friends with several retired military officers. They tend towards red, but they're absolutely incensed over the Hegseth topic, especially the ones who flew pointy jets.
Sharing details as he has done would put my brother who works for the Navy in the brig. As someone in his role he should know better but he’s only in his role as he will do whatever Trump asks him to. He was a O4, there’s a zero percent chance of him being knowledgeable enough to be competent in his role.
He knew better when saying Clinton's behavior amounted to treason.
We don't need to argue about if he knew better; he did, from his own mouth. We need to argue about if it is ok and if it is ok for the people in power to do nothing about it because it's "their team".
At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
> At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
This might be good for a generic politician running for an election to say, but it's not true. We're not on the same team; we're different groups of people with different values who hate each other. Our politicians are the people we've voted to represent us. It's not like Trump, for example, hoodwinked Republicans; they like everything he's doing, and have for ten years, and a lot of it is because people like me hate him. We're not on the same team.
I know some pretty competent O-4s...but also a TON of mouth-breathing field grade officers too. Hegseth sucks on his own merits (or lack thereof) as a person.
> If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
There are two issues. First, official communications about the workings of government ought to occur on government platforms, so that there's a permanent record for the communication. (As others have mentioned, this is required by the Federal Records Act.)
Second, the Pentagon has limited phone service and limited public internet access by design. The other computers in the office, while for unclassified material, are not (as I understand it) connected to the public internet like Hegseth's personal laptop is.
That said, I have no issue if Hegseth wants to use Signal to make dinner plans with other government officials.
Unfortunately the list of politicians who either don't care about records of their communications being properly kept, or who went out of their way to keep their comms "off the books" is long.
We should want to hold all of them to account, not just this one.
[FBI director James Comey said] "Clinton had been 'extremely careless' but recommended that no charges be filed because Clinton did not act with criminal intent, the historical standard for pursuing prosecution"
Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
> Yes, mens rea is a deeply-precedented standard that's a good default
(From the other side the pond) it does seem that legal standards such that one are applied very selectively in the USA, apparently depending heavily on the political leanings of those involved in any (potential) case.
On the other hand, at least you do actually run elections to pick your POTUS, this side of the Atlantic we get the President of the European Commission based on a back-room deal and a Soviet-style "vote" in the Parliament with no choice. To top it off, when she first got the job in 2019, VdL wasn't even a candidate for it during the immediately preceeding European elections.
The European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
> European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
Sure. They still wound up in court. Hegseth hasn't had to go to court to defend himself because he hasn't even been investigated. You really have to go back to the Austro-Hungarian Empire to find these levels of exploitable ineptitude at the highest ranks of a major military structure.
That case was brought by the New York Times, not any oversight body or investigative function of the EU, which makes it even more cringe-worthy.
"The European Commission faced an embarrassing grilling for almost five hours on Friday as top EU judges cast doubt on the executive’s commitment to transparency on the Covid-19 vaccine negotiations. The EU institution defended itself in a packed EU court in Luxembourg in the so-called Pfizergate case, brought by the New York Times and its former Brussels bureau chief Matina Stevis-Gridneff."
The NYT is presumably welcome to try to take Hegseth to court?
> The NYT is presumably welcome to try to take Hegseth to court?
The Times sued to get Von der Leyen to share information. Hegseth already does that because he's an idiot. To my knowledge, SecDef isn't subject to FOIA in a meaningful way.
The issue is much deeper and more concerning. They’ve been using Signal like this across multiple administrations because the “official” tools are broken to the point of being almost useless. Signal has been one of the major workarounds.
It isn’t enough to say “don’t use Signal”, at some point they need to address the reality that there are no functional alternatives.
The article dissects what's on Hesgeth's desk behind him. First, there's a personal computer there connected to the open web. The article says, "He wanted this computer to use the messaging app Signal, which is the preferred method of communication among Trump's government officials."
Right next to that computer is a "Cisco IP Phone 8851 with a 14-key expansion module." That phone "connects the President, the National Security Council, Cabinet members, the Joint Chiefs of Staff, intelligence agency watch centers, and others." IOW everybody ostensibly on that Signal chat except the editor of The Atlantic.
So now I'm questioning what "functional" means in this context. Does it mean "A thing I can type into while I'm at my desk and can continue to use while I'm taking a dump as long as I poop in public wifi", or does it mean "a thing that brings all top staff together to truly "have op-sec"?
Reading further it looks like he also had access to "SecDef Cables", which provides " interoperable, certified and accredited, multi-security level voice, video, and data services."
So there are functional alternatives, especially considering the functions I personally thought our government was looking for. Maybe they prioritized a safe space for Waltz to use his favorite emojis instead?
> Has Congress made it illegal to use an off-brand messaging app for secure communications?
Yes. The law requires that classified information be handled under certain standards.
> _Why_ is it insecure?
Classified data is being transmitted on an unsecured device. If Hegseth's personal phone has Uber, Tinder, ... whatever apps installed, that software is running on a device that's contains national secrets.
Systems which handle classified data are meant to be airgapped from the normal internet/normal software.
The issue is not that signal is insecure, but rather that sensitive government information demands additional precaution (e.g. airgapping).
There's a separate issue that there are legal requirements for maintaining records of government communication. Using a personal device (especially with disappearing messages) is illegal since it doesn't maintain this documentation.
Additionally, classified information is tracked to see who read it and when. In the event of a security leak, this can help isolate where the leak happened. If the information gets posted on Signal, then there's nothing more that can be tracked.
> For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
That's not the way rule of law works. The Secretary of Defense doesn't get to _decide_ we're doing things differently now. His actions, as well as the actions of his staff, are bound by the laws that congress has passed.
> We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
The onus should not be on the general public to convince the Secretary of Defense to adhere to bog standard requirements for handling sensitive information. If he has an idea, "I think using Signal on my personal phone to discuss imminent military actions is better than using a secure line," he could push that idea forward. Have the Pentagon's security staff evaluate the idea. Instead, he simply did it.
Anyone in the military who did this, and didn't have the president personally protecting him would be cooling his heels in an 8x8 cell in Fort Leavenworth for a very long time.
The issue is that it has all been done with great incompetence, and with apparent glorification of ignorance as a sign of bravado. I, for one, want serious people in charge of my defense, not sycophants more concerned with their stage makeup, hair, fitted suit, and with 'owning the libs' than defending our nation.
The sheer hypocrisy
https://www.theguardian.com/us-news/2016/sep/02/hillary-clin...
https://www.theguardian.com/us-news/2016/jul/05/fbi-no-charg...
Also:
https://www.fbi.gov/news/press-releases/statement-by-fbi-dir...
"To be clear, this is not to suggest that in similar circumstances, a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now."
Classic whataboutism.
...no it isn't? Whataboutism is when you redirect attention from issue #1 to unrelated issue #2 in an attempt to change the conversation topic: "forget that, look at this!"
OP's comment was pointing out the similarities between issue #1 and issue #2. There's no dismissal.
There's a fine line between whataboutism and precedent.
I look forward to the FBI's thorough investigation of Hegseth then.
I prefer the term trumpist douchery.
Game theory, my friend.
If you can be like that, I can too.
The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Public key encryption, like Signal uses, offers good security for most purposes. e.g. It's fantastic for credit card transactions. The problem with using it for transmitting state secrets is that you can't rely on it for long-term secrecy. Even if you avoid MITM or other attacks, a message sent via Signal today could be archived in ciphertext and attacked ten years from now with the hardware/algorithms of ten years in the future. Maybe Signal's encryption will remain strong in ten years. Maybe it will be trivial to crack. If the secrets contained in that message are still sensitive ten years from now, you have a problem.
Anything sent with Signal needs to be treated as published with an unknown delay. If you're sharing intelligence with the U.S., you probably shouldn't find that acceptable.
Signal’s encryption algorithm is fine. The problem is the environment in which it runs: a consumer device connected to the general internet (and it’s hard to believe that someone who does this installs patches promptly). He’s one zero day or unwise click away from an adversary getting access to those messages and potentially being able to send them. Signal’s disappearing message feature at least helps with the former risk but runs afoul of government records laws.
The reason why the policies restrict access to government systems isn’t because anyone thinks that those systems are magically immune to security bugs, but that there are entire teams of actually-qualified professionals monitoring them and proactively securing them. His phone is at risk to, say, a dodgy SMS/MMS message sent by anyone in the world who can get his number, potentially not needing more than a commercial spyware license, but his classified computer on a secure network can’t even receive traffic from them, has locked down configuration, and is monitored so a compromise would be detected a lot faster.
That larger context is what really matters. What they’re doing is like the owner of a bank giving his drunken golf buddy the job of running the business, and the first thing he does is start storing the ledger in his car because it’s more convenient. Even if he’s totally innocent and trying to do a good job, it’s just so much extra risk he’s not prepared to handle for no benefit to anyone else.
An obvious issue that I noticed. He sent the exact same message to two different group chats.
I assume he copy pasted the message on his unsecured device.
How many apps had access to that text in his clipboard?
To me this isn't a technical problem with Signal, it's an opsec problem, and that's quite a lot harder to explain to people.
>> The problem is the environment in which it runs
Too deep. The problem is the physical environment, the room in which the machine displays the information. Computer and technological security means nothing if the information is displayed on a screen is in a room where anyone with a camera can snap a pic at any time.
That’s valid in general, but in the specific case being discussed is an official military facility with strict access control and I would assume it’s regularly checked for bugs.
Even if Signal's encryption implementation is secure, the device on which it is running probably doesn't satisfy TEMPEST requirements. Most consumer crypto is vulnerable in some way to a side-channel attack.
None of that matters if Signal is running on what is effectively a personal device connected to the internet. That device is now the weak link and is what intelligence agencies in many countries are now probably trying to get into.
Pegasus all the way down as an example.
Exactly. And Pegasus is what we know about. I'm sure there's plenty we don't know about that's used for more high profile targets, like former Fox News hosts.
It has almost certainly already been breached.
Signal's crypto is quite good. The problem with it is that it has zero authorization functionality, otherwise the government could use something like Signal internally. The lack of military-grade IM solutions is a problem.
What other type of encryption would you use for state secrets? You seem to be implying that governments and three-letter agencies use some vastly superior cryptographic scheme, whereas AFAIK Signal is as close to the state of the art as it gets.
Also, to be clear, Signal doesn't use public-key cryptography in the naive way (i.e. to encrypt/decrypt messages) as was/is possible with RSA. It uses asymmetric key pairs to first do a Diffie-Hellman key exchange, i.e. generate ephemeral symmetric keys, which are then used for encryption/decryption. This then also guarantees forward secrecy, see https://signal.org/blog/asynchronous-security/ . (Add to that they incorporate an additional post-quantum cryptographic scheme these days, and I'm probably omitting a lot of other details.)
> Signal is as close to the state of the art as it gets.
For their use case, which requires communication between two (or more) arbitrary users who never communicated before among millions of users, running on cheap commodity hardware over wireless connectivity to the internet.
Leaving encryption aside, looking only at the network level, the DoD is capable of using a dedicated fiber line. Or rather a parallel fiber infrastructure.
Poking around it seems like pre shared keys are used for the secure stuff, so no public keys, no rsa. It isn't that signal isn't state of the art, it just makes compromises for usability.
Edit: I didn't state something perhaps I should have. Symmetric key is considered more secure because public key is more complicated so more room for side channel mistakes, and the computation needes to break public keys doesn't scale as fast with key size. I am not an expert but that is what I've read.
> What other type of encryption would you use for state secrets?
Maybe it’s the servers that is the problem.
How are the servers a problem in an end-to-end encrypted scheme?
Store now decrypt later still defeats diffie hellman if you capture the handshake. And quantum computers break diffie hellman as easily as RSA.
Quantum computers don't exist. If you want to talk about a hypothetical machine which might exist in the future you should state that plainly.
Forcing the reader to parse thru the literary devices in order to get to the argument weakens the argument.
Quantum computers absolutely exist and are commercially available. They're just not very useful at the moment.
It get exponentially difficult to add more qubits so it's not a given that we will be able to build one large enough to be a real threat to modern cryptography.
Not them but you are replying on a thread talking about how it isn't safe in the longer future. That context was already built.
came here to say similar. GGP is another great example of hn people jumping in to make comments without having even a basic understanding of what they're talking about. Frustrating as it spreads misinfo about security which is the last thing we need.
Isn't that true for basically everything though? I'm not familiar with what other encrypted messaging systems security agencies use, but either (1) they store ciphertexts that can in theory be attacked later or (2) they delete their data after some time, but signal has that option was well.
Obviously using signal here is a terrible opsec failure, I'm just not sure how what you are saying changes anything
I worked at a videoconferencing hardware/software company. We provided systems to USA government offices like the NSA and State Department and provided an input for which they gave us hardware specs but told us nothing else, the customer did the final testing on it to make sure it worked as specified. We assumed it was for some sort of encryption method of which they revealed to us as little as possible, the hardware engineers who saw it tested only saw a large, portable black box. Otherwise our system used the standard encoding/decoding methods of the day in the 1990s.
The most secure method of communication is a one-time pad, a pre-shared private key.
"A one-time pad (OTP) is considered theoretically the most secure method of communication — when it’s implemented correctly. That means: 1. The key (pad) is truly random. 2. The key is at least as long as the message. 3. The key is used only once. 4. The key is securely shared in advance and kept completely secret.
When all these conditions are met, a one-time pad provides perfect secrecy — an eavesdropper cannot learn anything about the message, even with infinite computing power."
And you need to do that on paper, not on consumer device.
There are significantly fewer concerns about symmetric encryption, and while it doesn't scale to the size or budget of a service like Signal, it's exactly the type of thing the military is good at:
Distribute a bunch of physical artifacts (smartcards) across the globe; guard a central facility (a symmetric key exchange center) extremely well etc.
The military can also afford to run its (encrypted or plaintext) communications over infrastructure it fully controls. The same isn't true for a service provided out of public clouds, on the public Internet.
> Anything sent with Signal needs to be treated as published with an unknown delay.
Oddly they have thought of that already, to the point all encryption systems in use in the gov are thought of in these terms.
All that matters are the different assumed times to publication (weeks to years), and then treating the strength of measures involved differently based on what is reasonable for the given use.
If you absolutely need something to never be published then encryption isn't the solution, and nor are computers generally.
It's the entire mandate of the NSA's Utah Data Center. Archive all the world's encrypted data until such a time as it can be decrypted when either the algorithms have been cracked or machines are powerful enough to brute-force.
https://en.wikipedia.org/wiki/Utah_Data_Center
I'd give different advice.
You shouldn't share state secrets with the US. They will be on or transferred between misconfigured cloud accounts. Some agency will eventually get authorization for analysis of them with an intention of financial espionage. The probable or confirmed loss of them will serve as a plausible deniability for the US when it misuses them.
Five eyes have been 'careful' about what they share since they got burned during the first trump presidency.
They've been careful since before Perl Harbour.
The encryption is completely irrelevant if the information is sent directly to 3rd parties.
> Even if you avoid MITM or other attacks, a message sent via Signal today [...]
That's not the threat model. The threat model is that Signal is a tiny LLC making an app on behalf of a foundation and open source software project. It's a small group of human beings.
Small groups of human beings can be coerced or exploited by state-level actors in lots of ways that can't feasibly be prevented. I mean, if someone walks up to you and offers $2M (or blackmails you with whatever they found in your OneDrive, etc...[1]) to look the other way while you hand them your laptop, are you really going to say no to that keylogger? Would everyone?
At scale, there are auditing techniques to address this. The admins at e.g. github are (hopefully) not as vulnerable. But Signal is too small.
[1] Edit: Or, because let's be honest that's the scale we're playing at: straight up threatens to Novichok you or your family.
> The other members of the five eyes had better be careful about what they share with the U.S. while this is going on.
Right, but this is nothing new: Hegseth is only a recent example of Trump's camp mishandling sensitive docs; I'll bet there's been an inner secret Four Eyes group since the the Mar-a-Lago bathroom official-document-archive story dropped years ago.
What surprises me is that I expected Tulsi Gabbard to be the centre of mishandling allegations, not SecDef.
Tulsi is a competent mole, she knows better than to be this obvious.
It would be gauche to attack Tulsi Gabbard, because you would have to start with her connections Russia's Assadist interests and to RT & the Russian web brigades, and we have established (we voted on it) that any connection to Russia is Old News and Not A Big Deal and Hillary's Dirty Tricks. But Hegseth? Hegseth leaked something to The Atlantic. A far greater threat than Russia.
Maybe Tulsi is just staying out of the spotlight while Hegseth was hired to be in the spotlight.
Even before thus, Ukraine learned painfully that it shouldn't share every plan and every detail with the US. It kind of looks like a sad, self-fulfilling proficy. Ukraine makes a plan, some details get leaked state side, plan goes disastrously. Ukraine plans another operation, doesn't say anything, the plan goes off ok. The US feels betrayed and Ukraine looks like an ungrateful ally abusing trust, the relationship is strained. The election happens and Trump points at how they're a bad partner yadda yadda. Ukraine is blamed for the outcome of what is originally an American problem, the US leaking like a sieve.
This is silly, many countries use consumer messaging for internal communications. The UK government famously uses whatsapp for example.
Signal has been used widely in US intelligence for many, many years. Nothing about this is new, though perhaps people that never paid attention are just now becoming aware of it. As for the rest of Five Eyes, they use WhatsApp the same way. I’m not sure that WhatsApp would be considered an improvement.
It is clear there is a gap between how people imagine this works, or should work in theory, and how it actually works.
> Signal has been used widely in US intelligence for many, many years.
For lunch orders and office softball schedules. Not top secret information.
This is a factually incorrect and very naive take. The same topic has been in the news in European countries too about the widespread use of WhatsApp when discussing secret information. It isn’t just the US government, everyone is doing it.
They're paying attention to Signal now because Hegseth doesn't know his ass from his elbow when it comes to tech and secrecy, instead acting like someone who has watched too many action films and thinks those are just like real life. The problem is not Signal. The problem is incompetence. Plain and simple. Because he blindly added persons to the group that probably didn't belong there, we now have the infamous "we have OPSEC" line, but instead of questioning why this idiot still has a job anywhere near the intelligence agencies, we're wasting our breath scrutinizing what is easily one of the best opens for secure comes if the user understands how it works.
> why this idiot still has a job anywhere near the intelligence agencies
Because competence is a disqualifying attribute in the kakistocracy known as the Republican Party.
I feel bad for the Signal devs. If they weren't personally targets for state level actors before, they are now.
Say what you want about the usability of DoD home grown solutions, but it was a military system backed up by military budgets and guns - civilians are less likely to be collateral damage in an attack against these systems.
Now, all the civilians using Signal are potential splash damage casualties in a military conflict.
I also suspect Signal does not have the budget, staffing, or desire to serve as a front line soldier in a cyber war; but this exposes them to military-grade risks, whether they like it or not.
Valid concerns about op-sec and personal responsibility aside, I think this is another example of why "security at the expense of usability comes at the expense of security". Official DoD communications equipment sucks, so people use the less secure, more usable encrypted communications platform when they feel they can get away with it.
Maybe the DoD should work on developing some internal Android and Signal forks that focus on adding additional critical security controls without impacting usability. There's an obvious desire path here.
They are using unofficial comms to stay off the record and unaccountable, it has nothing to do with ease of use.
That's possible I suppose, but do you have any evidence of that or is it just your personal biases causing you to assume the worst motivation you can imagine must be the correct one?
I know personally that given the choice I'd probably rather use Signal than whatever messaging system the DoD contractors managed to come up with. And private conversations between senior military officials over encrypted DoD communication channels probably aren't FOIAable anyway.
Perhaps, but the simplest answer is often the correct one. People are exactly who they appear to be.
That is not the worst motivation I can imagine.
The real answer is that none of the people Hegseth wants to show off to have access to those networks.
IIRC, DoD uses Wickr RAM for TS messaging and Teams for non-sensitive comms.
Both are fairly "meh" WRT to usability, but neither are so awful people should be breaking the law over it.
> That's possible I suppose, but do you have any evidence of that
Yes, in the chat where a reporter was accidentally present, many of the messages were set to be disappearing. I don't know why anyone would do that if not to avoid recordkeeping laws.
> The images of the text chain show that the messages were set to disappear in one week.
https://apnews.com/article/war-plans-hegseth-signal-chat-inv...
Further, Project 2025 suggests bypassing federal record keeping legislation by simply holding in-person meetings without record.
https://www.youtube.com/watch?v=xxe55mU4DA8
Oddly, the Project 2025 training videos that presumably the members of the executive cabinet have seen say _not_ to delete messages or set messages to auto-deleting _because_ that would be in violation of federal record keeping legislation.
The dude has a staff of 30 people who's whole job is to connect him to literally anyone he wants to communicate with -- you're telling me that the usability of concierge service with more than two dozen staffers is inferior to using signal in a building with shitty cell service?
The contrast betweeen
a) beaurocrats' real comms setups (3 telephones, four monitors all sitting on the desk – versus mounted on arms/wall) full of clutter and sitting on an anachronism of a wood desk
and b) what you'd see in any "spy" movie with dark-mode graphics displaying fancy l33t charts displayed on quad-monitor setups mounted on arms, probably in a low-light setting and the beaurocrat doesn't look at the "small" monitors himself, his cronies do that, the only monitor he looks at is the single 136" on the wall used for teleconferencing with villains
is hilarious
and c) looking at spy comms on their civilian phone while in Russia, probably taking a dump.
If you're going to put a guy in charge who is completely unqualified and has a history of alcohol abuse you should at least make sure he's competent. It's actually very grating to see someone operating at this highest level of authority and treating it like its beneath them. It feels like we're watching history get written by the most entitled and inept among us.
What kind of tickles me is that any new poltical thriller tv series or movie that posits that matters of state in the US are conducted by serious and knowledgable people is now virtually unwatchable for me. It's virtually impossible to suspend the disbelief required to enjoy something that is so far removed from the reality of today's politicians.
(The recent cringe inducing Deniro series comes to mind)
Yeah it has ruined the old zombie movies where the government ends up the bad guy but a competent bad guy that makes unilateral decisions like quarantining a city or bombing a civilian center to contain infection. I am pretty sure they are gonna all be either 1) running around panicking with the rest of us 2) infighting and useless 3) denying the truth before their eyes if such a catastrophic crisis ever were to happen.
You should watch Civil War (2024) some time. The disbelief is shrinking on that one.
As I recall the battle lines were a bit awkwardly drawn for that one. The realism would increase if Cali and Texas were governed by the same party for some time in real life (as I recall they were allies in that movie).
I would like to see someone take up the idea of Canamerimex Union in a movie for kicks -- that is, the idea of Canada, California and Mexico forming a union on the west coast (and maybe continuing down the east coast, with Canada bridging both coasts)
> As I recall the battle lines were a bit awkwardly drawn for that one. The realism would increase if Cali and Texas were governed by the same party for some time in real life (as I recall they were allies in that movie).
I actually liked that little detail and don't think it's too farfetched. In real life those two states are currently on opposite sides of the political spectrum, but (iirc) we don't actually know why the civil war started in the movie and it seemed careful to avoid any kind of left vs right ideology. California and Texas both have a rich history of calls for secession from the union, and both have heavyweight economies that could allow them to stand as their own countries. I think if a civil war did break out where both states disagreed with the Federal government, they'd be more likely than you think to form an alliance.
The war in the movie starts because authoritarian elected Potus Nick Offerman creates an economic division between the states which causes the states to group up geographically and ally on their divisions. California and Texas today wouldn’t pair but given enough pressure they might to ensure they remain an economic power house.
I could imagine them seceding independently, but allying once seceded, especially if the CA secession government shifts more conservative.
They currently vote different, but there are a few things they have in common.
They're both ridiculously disenfranchised in the Senate.
They've both got significant antivax elements.
They've both got a very large Hispanic population and a portion of the Mexico border.
They're both large states with large economies and large governments; Whereas the Connecticut governor leading the Connecticut national guard is numerically incompetent at protesting the actions of the federal government, or has to overcome a bunch of coordination problems with other governors, they aren't and don't. Whereas Trump was free to seize the COVID pandemic supplies that Maryland bought and paid for, and redistribute them as political favors to red states, it would have been more difficult to do to a state with six times the population and a power center far from Washington. Any effort to oppressively regulate interstate trade is diminished somewhere you're dealing with large amounts of intrastate trade; Conversely, any impediments on trade with and travel to Mexico are going to be substantial issues in both Texas and California.
I found that movie to be disgusting as it takes real footage of war horrors such as 20 days in Mariupol, suicide bombers, etc. and sanitizes that for American audiences. Using this visual style of movies like 20 days in Mariupol indicates the filmmakers watched those movies and thought that could make them buck. Then it gives you some bullshit feel good call of duty action at the end to go kill the president which is tonally different both in visual style and in the context of the narrative. And it replaces the horrors of war such as bombing maternity hospitals and watching pregnant women be dragged from the wreckage with stereotypical racist Americans. And it justifies all this because it tells the tale of some war time reporters and asks the question what if they are just adrenaline junkies which is why they do their jobs? Thereby undercutting the real value and heroism of those who report on these conflicts who are captured, tortured, and murdered (e.g., Viktoriia Roshchyna). It does nothing to connect the audience with anything that is actually happening in the world and even serves to insulate Americans from the horrors of Ukraine and elsewhere while attacking journalists. I thought that movie was disgusting.
Do you have a different example other than 20 Days in Mariupol? Because the filmmakers definitely didn't watch that and think it could "make them buck". Principal photography for Civil War took place the year before 20 Days in Mariupol premiered.
...huh? Civil War is about a group of reporters in the final days of a future civil war in America where a rather Trumpian president is about to be overthrown by rebels. It's not "replacing" anything in Ukraine because it's an entirely different story than Ukraine.
I am talking about the visual language of the movie and how it takes the style of documentary films like 20 days in Mariupol (a movie about the beginning of the war in Ukraine). not the narrative.
I am confused. What is your complaint here? That US author's stole the visual approach?
I don't think the approach was stolen. It is fine for artists to take styles and ideas from other works and put them in their own. My point is that I found the film to be generally an affront to the suffering of people in actual, ongoing wars. It trivialized those experiences using them as a costume so american audiences could giggle in delight at the cinema without having to worry about the trappings of an actual war. And it did so all to tell a narrative that was somewhat against war-time journalism, painting their efforts as self absorbed and self serving. Like look at the way they film the death of the Kirsten Dunst, in this hero pose with camera in hand searching for the perfect picture. Contrast that to the actual life and death of someone like Viktoriia Rushchyna who was tortured and had organs removed or Shireen Abu Akleh who was allegedly shot in the head by a sniper while wearing a press vest. I simply found the film disgusting and if people disagree with me that is fine.
Of course any film about war (or perhaps any topic) could be controversial to someone. The WW2 epics starring John Wayne or Sergei Eisenstein's Alexandr Nevsky are both examples where the directors twisted every detail and used every opportunity to present a political message that the viewer may or may not agree with. My view on this is that the director of Civil War, Alex Garland, makes statements with the film that I disagree with. He seems to not see the humanity in people, at least, in my opinion. The movie never doubles down on anything, there is no deeper examination of the characters in the film, they just are until they aren't anymore. This is similar to his 2018 film Annihilation, which is essentially a retelling of J.G. Ballard's The Crystal World, and all of those characters in some way lack a humanity (although I think this works much better in this film as you discover that each character goes into the zone to find something about themselves that is missing and what defines them as human to themselves). And similar to The Beach, the novel he wrote that was turned into the movie The Beach, starring Leonardo Dicaprio about vapid westerners partying in thailand, or 28 days later, the zombie movie he wrote directed by Danny Boyle. Garland seems to see life as cheap and meaningless across the books and movies he has created. He cares more about the visual trappings of the setting he creates than the humans who live there. In the case of Civil War, I find it offensive as it uses the visual style of documentary films about ongoing wars as a costume and set dressing for his movie. And this movie comes from a culture (American) that started a war in Iraq and has done basically no introspection as to how those decisions completely changed their society into what it is today. This also influences the Civil War film. The president is blamed exclusively for all bad things across america. The entire movie is about how everything is the president's fault but lets interview him to see why.
In that case, you may enjoy Veep.
Yes, I am familiar. When the dust has settled, it should probably go down as one of the best written shows this side of the century.
And "Don't look Up!"
Total endorsement for Veep!
There is a significant difference though which even Veep didn't predict - the people in Veep were still riding in the well-oiled deep-state car, while those clowns today is actively destroying that car.
Wrt. clowns - note that the most important Hegseth's staffer is his wife who was his producer back at Fox and basically does the same for him at the Pentagon.
On the other hand, the UK Spitting Image puppet series of sketches The President's Brain is Missing holds up remarkably well, due to being about Reagan.
True, anything that doesn't approximate Idiocracy is now not realistic enough.
I'm currently watching 24 again and it now feels even more like fiction than it ever did.
24 was a wonderful piece of American propaganda whose only goal was to make it seem like torture was okay.
The jack bauer power hour is a strong memory of my childhood.
Yes, it was sickening to watch a lot of people - even self-proclaimed libertarians – flip on torture during that period. There was a stark reversal from the 90s where the War Crimes Act was unanimously passed because back then anti-torture laws were thought of as affecting enemies like the Viet Cong, which lasted less than a decade.
https://en.wikipedia.org/wiki/War_Crimes_Act_of_1996
The entire administration is selected for loyalty. In this environment competence is a threat.
> It feels like we're watching history get written by the most entitled and inept among us.
I suspect this is somewhat common in history (this is not meant to excuse it), but we can’t tell because those people still wrote the narrative.
I think your suspicions are wrong. Yes, there are plenty of less competent people in history, but not to this level. Trump is an imbecile who just happens to be good in one direction (bullying and manipulation). Put him in an escape room on his own and he'd die in there. While I can think that many previous UK leaders have not been genius-level, I can't think of one who was anywhere near as stupid and beligerent as Trump. Other than maybe Liz Truss, who is thick as two short planks, but fortunately was ousted quickly. That won't be happening with Trump, and the US (and the larger world) will pay for these pocket-lining morons' mistakes.
So Trump will be looked back on as a good president? Highly unlikely, I'd say. Trump is quite uniquely awful in the history of the US.
Japan's WWII history is uniquely bad but they don't learn about it.
Can threaten authors with treason for negative books like he did in an EO recently. Change school curriculums. Then Maga can start revising history..
Was the 2025 recession from tarrifs? Nah it was Biden's inflation, or Ukraine aid. Actually.. didn't China impose tarrifs on US and US just reciprocated?
The reality will be altered and murky
> Japan's WWII history is uniquely bad but they don't learn about it.
I see this claim form time to time, but the unsavory side of WW2 is thought in classes, although not without controversy [1]:
Despite the efforts of the nationalist textbook reformers, by the late 1990s the most common Japanese schoolbooks contained references to, for instance, the Nanjing Massacre, Unit 731, and the comfort women of World War II, all historical issues which have faced challenges from ultranationalists in the past. The most recent of the controversial textbooks, the New History Textbook, published in 2000, which significantly downplays Japanese aggression, was shunned by nearly all of Japan's school districts.
On the other hand, after the occupation, GHQ had imposed a press code [2], i.e. censorship of mass media, that undoubtedly had an impact on postwar Japan, so you could say that the point still stands.
[1] https://en.wikipedia.org/wiki/Japanese_history_textbook_cont...
[2] https://www.hiroshimapeacemedia.jp/?p=139387
Having lived in Japan for 2 year and working in what one would hope being a very educated environment (Todai and Rikadai PhD candidates), I can personally account that the number of Japanese who actually know about that bit of their history is few. Culturally, they don't speak about this topic - and there if something is not spoken about then it does not exist. I would not be surprised if some teachers could simply not cover that bit of the programme without any consequences; Japan is specifically good at not following its own laws, when such laws have been written mostly to appease international observers - same with women equality and discrimination of minorities laws.
> The reality will be altered and murky
The reality is already altered and murky. There has been a full-blown total information war over reality for several years now.
But Trump and MAGA, even if they win, won't win forever. There will someday be an end to this particular attempt to impose unreality. Then history (or at least the history of this) can be told honestly. (Or at least without MAGA spin. It may have a new spin, but it will at least be a different one.)
The problem is that everyone knows tariffs don’t work. History will not be kind to trump nor his supporters.
Competence is part of qualification, so what you're asking for is not possible even in theory
True. But what did you think was happening before, with previous governments?
https://www.nytimes.com/2009/01/23/us/politics/23berry.html
For a High-Tech President, a Hard-Fought E-Victory
For more than two months, Mr. Obama has been waging a vigorous battle with his handlers to keep his BlackBerry, which like millions of other Americans he has relied upon for years to stay connected with friends and advisers. (And, of course, to get Chicago White Sox scores.)
He won the fight, aides disclosed Thursday, but the privilege of becoming the nation’s first e-mailing president comes with a specific set of rules.
“The president has a BlackBerry through a compromise that allows him to stay in touch with senior staff and a small group of personal friends,” said Robert Gibbs, his spokesman, “in a way that use will be limited and that the security is enhanced to ensure his ability to communicate.”
[...]
The presidency, for all the power afforded by the office, has been deprived of the tools of modern communication. George W. Bush famously sent a farewell e-mail address to his friends when he took office eight years ago.
While lawyers and the Secret Service balked at Mr. Obama’s initial requests to allow him to keep his BlackBerry, they acquiesced as long as the president - and those corresponding with him - agreed to strict rules. And he had to agree to use a specially made device, which must be approved by national security officials.
There was also all that nonsense about Hillary's laptop and emails.
https://www.theguardian.com/us-news/2016/sep/02/hillary-clin...
It's fascinating to see the difference in coverage.
> the difference in coverage
Because there was a difference in conduct. Obama consulted "lawyers and the Secret Service," "agreed to strict rules" and "use[d] a specially made device...approved by national security officials." Hegseth yelled YOLO before effectively tweeting target co-ordinates for our warbirds.
> "lawyers and the Secret Service,"
Yeah, but that bit about "handlers" of the President of the United States could also be a data point here. That term is usually used in conjunction with 'asset'.
It's fascinating to see the victim mentality on behalf of those who really don't need it
This is an example of the False Equivalency logical fallacy.
When you feel real love for your favorite celebrity convict, whose incompetence is beyond denying, you'll put your mind to work to search for any device that will enable you to excuse anything he does and who he nominates.
People will talk about "politicians being incompetent", or act like actually anyone who has ever been in the office was like this. It's a pretty close and comforting way to deal with the reality of supporting a fraud without having to admit that you were duped.
"A false equivalence or false equivalency is an informal fallacy in which an equivalence is drawn between two subjects based on flawed, faulty, or false reasoning"
What is the faulty reasoning here? Apart from "My side good, your side bad."
The faulty reasoning is the conduct is different.
Obama's and Hillary's blackberries were government procured devices altered by the NSA for security purposes.
The current US defense secretary isn't doing that.
You can find incompetence in previous cabinet officials. This batch of cabinet officials has far more people who are far more incompetent and unqualified than any previous cabinet.
The faulty reasoning is saying that "this is just like previous administrations". It's not.
But the previous president was in the advanced stages of alzheimers and struggled to form coherent sentences. I think he alone beats anyone in the current organisation.
[flagged]
> government is immoral
Maybe you're going to find out how much more immoral warlordism is. "Not having a government at all" is a weird fantasy of teenagers.
(the really odd combo is people who hold both the "government is immoral, especially the US federal government" and the "the US federal government should go to war with China" combo, which a few moments thought will show the contradiction)
Let's imagine we do go to warlordism and I do get to see how immoral it is.
At least I won't have to pretend that the coercion and theft is actually moral and good, right? At least I won't have to doublethink myself, turn myself inside out to justify the unjustifiable.
Ackonwledging the problem (immoral government) is just the first, esxential step towards making an actual difference. Why continue to pour in more effort to support an already failed system?
> I won't have to pretend that the coercion and theft is actually moral and good, right?
Of course you will. Not praising the warlord as moral and good will result in real physical consequences for disloyalty, maybe even summary death. As opposed to saying the same thing on HN when just your position is attacked.
[flagged]
"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."
https://news.ycombinator.com/newsguidelines.html
>I don't have a preference between blue or red.
In other words, you prefer red, but prefer not to admit it.
> In other words, you prefer red, but prefer not to admit it
Lazy nihilism doesn't belong exclusively to one party.
No, but in this context, it's hard to disagree with the comment
> In other words, you prefer red, but prefer not to admit it.
No.
I invite you to look into my historical comments: https://news.ycombinator.com/threads?id=verisimi
Stuff like this I would imagine: https://www.theguardian.com/us-news/2016/jan/20/hillary-clin...
"Some of the classified emails found on former secretary of state Hillary Clinton’s home server were even more sensitive than top secret, according to an inspector general for the intelligence community."
Generally there would be a few garbage appointments, not an avalanche, and more important people have been shitcanned for lesser scandals.
they at least had to pretend. and to pretend they had to let competent staffers do the work so they could take credit.
even bush fooled everyone he was literate (save from the two times he held books upsidedown) while in office.
And this is coming from the supposedly "anti-DEI" administration. What a fucking joke.
Imagine Hegseth was a black woman…
UK comparison: https://www.bbc.co.uk/news/uk-england-london-47996907 ; black woman MP has a train can, everyone treats it as a massive scandal. I think someone had a survey once where they found that one third of all hate mail and death threats directed at UK MPs was aimed at her.
For anyone else confused by the phrasing:
"Shadow Home Secretary Diane Abbott has apologised after a photo emerged of her sipping a can of M&S mojito on a London Overground train."
Meanwhile in Australia, the opposition leader visited a pub during his campaign and the crowd yelled at him to drink a beer out of his shoe.
There are no excuse for death threats but she is widely acknowledged as borderline competent at best.
(It’s easy if you try…)
I think a pretty good show would be something written like West Wing, where everyone takes themselves very seriously, but with rampant, blatant incompetence. Like, not funny at all. Nothing tongue in cheek, no winks to the audience. A drama of morons.
Get me inside the minds of these freaks.
That's basically "Veep". You might also enjoy "In The Loop", "The Thick Of It", or most of Armando Iannucci's oeuvre.
Veep. You're describing Veep. I guess that's more "assholes" than "morons" but there's plenty of both.
Veep is a documentary.
The office. In White house.
Let's pretend you work for a non-US state intelligence agency. How would you find Hesgeth's personal computer in his office on the public Internet? A genuine thought experiment.
Write an article that he's likely to be interested in reading, spread the link, then mine the browser data just like every other website.
Literally just @ him on X. These are the moments of strategic ineptitude you hoard zero days for decades to score.
I don't want to derail the conversation too much with this but this is the kind of thing that blows my mind with seeing obscenely wealthy/powerful people like Musk and Trump on social media.
At some level of wealth you reach a point where no one can get to you physically. You're completely physically safe and isolated and can't be hurt. That means that the only way someone can get to you is through communicating with you and making you hurt yourself.
That means that social media is your only weakness. This is how adversaries can affect your plans and goals and disrupt your mind. Yet so many of these people seem so oblivious to this and are as terminally online as your average 4channer or facebook mom.
Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
> Does this speak to some sort of weakness in these kinds of people or the addictiveness of social media?
They're online because their followers are online. Social media may be the actual lead pipes to our empire [1].
So yes, they are absolutely weaker than leaders with digital hygiene. But the reason they're there is because the American public is similarly weaker.
[1] https://penelope.uchicago.edu/~grout/encyclopaedia_romana/wi...
> Social media may be the actual lead pipes to our empire [1].
In America, the lead pipes of their empire are the literal lead pipes still in use all over the country.
Sure, I get that there's utility in having an online presence, but these people are wealthy/powerful so they can afford to have someone do that work for them with the public non the wiser.
That wouldn't give that kind of narcissist the same level of satisfaction as they get from the army of sycophants clicking "Like" on their latest hot take.
I think that direct connection is particularly attractive to the right kind of narcissist. Might be the best drug they've ever had.
Sorry, you think it's impossible to hurt Trump? Are you forgetting the bullet that passed an inch from his brain? A crazy person with a gun can change history in a second, and it would've been a terrible violent occurrence throughout society if it had come to pass.
Agreed. As much damage as Trump is causing, I'm guessing that his assassination would increase the chances of an even worse scenario: civil war.
It would be a perfect psyop opportunity (I'm guessing) to trigger Trump's most enthusiastic fans.
Yep. The CIA uses these same techniques to track foreigners of interest (e.g. Putin's entourage) so we should assume other countries are attempting to use similar techniques on American officials.
You would just send him a link in a Signal message. His phone number is widely known and he has Signal installed on his desktop computer.
Signal’s protocol secures the message in transit. But their desktop app may or may not have client-side vulnerabilities. And if he clicks a link, you’re out of Signal and into the browser. If the link downloads a file, you’re into the OS.
There is a Signal social engineering vulnerability where the attacker gets people to click a link that links the attacker's device to the target's Signal account.
You could locate the traffic to The White House using this triangulation trick: https://news.ycombinator.com/item?id=42780816
Title:”0-click deanonymization attack targeting Signal, Discord, other platforms”
Maybe not 0-click anymore, but still applies if the user browsing the internet.
Drop a usb stick outside of his house. 100% he'll pick it up and plug it in. 1000% if you brand it with his favorite whiskey.
Compromise the device of one of his contact and send him a juicy link via telegram that renders "Error: Not viewable on mobile" when opened a phone. Bonus points if the link has 0-day malware dropper
> Compromise the device of one of his contact ...
Yes, I should have thought of that old and obvious one. It opens up a universe of possibilities.
I would make Witkoff sit on his ass in hotel for 8 hours while my team one room over wirelessly breaks into his phone and gets into those Signal chats.
https://news.sky.com/story/trumps-fixer-was-made-to-wait-eig...
His personal PC? Send Big Ballz his way to do some upgrades
https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...
maybe a free Starlink dish
https://www.nytimes.com/2025/03/17/us/politics/elon-musk-sta...
This assumes that the patsy needs to never discover that his device was compromised.
I'm guessing there are a few scenarios where they could be tortured / blackmailed into compliance, even if it meant that the DoD would know about it in a day or two, and it would still be worth it.
E.g., shortly before a real fight over Taiwan began.
I really, really hope Hegseth gets his OPSEC act together, yesterday.
Once they're in, often professionals will create many forms of hidden access and then remove evidence of the initial breach.
I can only imagine two possible explanations:
1) He is avoiding some sort of corrupt signals intelligence folks from knowing what he's working on.
2) He is avoiding the government catching him in some corruption by avoiding the official records act.
Anything else?
3) He's an idiot who hasn't given it a shred of thought, and was hired for loyalty, not brains.
I try to apply Hanlon's Razor to this administration, but it's hard not to occasionally entertain other explanations with the sheer volume of incompetence.
I think that as someone's power and authority grows, the risks of applying Hanlon's Razor get too high. It's best applied to peers.
His power and authority prior to getting put in charge of the largest military in the world was being a talking head making bad calls on television.
The same reason teenagers might use Instagram DMs to communicate about school projects - It's just the platform he's familiar with.
Or the same reason I have Whatsapp - communication in my social groups happens there, and if I don't have it I get left out.
Your explanations assume there is some deeper meaning, looking at the tradeoffs for each communication platform, and then coming to some rational conclusion. I don't think there's much evidence for that.
The people around trump just happen to be used to using signal to communicate, and if Pete doesn't get on board he gets left out.
Incompetence only applies if you're not running the literal federal government.
We have to assume malicious intent. These people could start a nuclear war. They get zero flexibility or grace.
Like with a cloth right?
Somewhat related: does there exist a technology where I can encrypt something in a manner that it can only be decrypted after a specific future date? If theoretically possible, what would it take for something like that to exist? ie. "We'd need an authority to broadcast some ongoing pseudorandom number generator that can be trusted" or whatnot.
What you're describing is a time-lock puzzle (https://en.wikipedia.org/wiki/Time-lock_puzzle) and there are ways to do it but none of them are perfect
https://crypto.stackexchange.com/q/606/time-capsule-cryptogr...
a smart contract on solana.
Surely you would have to store something off-chain in order for it to be inaccessible until a given point in time.
Unless you can predict the future, I'm not sure how you would generate a key that would be unknowable now but generally available in the future.
You might be on to something there.
I was thinking of encrypting a secret in the structure of a Rust program so it can only be decrypted by compiling and running it.
? Where's the time component there
Compiling a rust program!
Can’t you just fork the chain?
If some tech geniuses wanted to improve government efficiency, one thing they could do is create secure yet easy to use collaboration software. Maybe give the app a catchy one-letter name.
I get that he’s senior but surely someone else signed off this farce?
He's SecDef. AFAIK he calls all the shots within DoD's operations, as long as Trump allows it.
I guess the Treasury Department could stop transferring funds into DoD accounts, but that seems unlikely.
Perhaps he could be prosecuted for violating various laws, but that would require action by the DoJ, which also seems unlikely.
Congress could also hold Trump responsible for Hegseth's actions, but that also strikes me as unlikely.
The past 9 years have been a really good education in why the Separation of Powers is important, and what's at risk when it doesn't function properly.
I’m somewhat surprised to see that they use a KVM to switch between back and forth between a JWICS and SIPRNET. I would imagine it’s a special KVM as it’s essentially bridging the airgap between the two.
I’m guessing that’s the product in question: https://www.vertiv.com/490454/globalassets/products/monitori...
They use special secure KVM from the major vendors and they are tempest resistant meaning they are shielded from bleeding signals between devices. They also have devices that can use multiple levels on the same screen and keyboard! See Everfox TTC
Site’s being hugged hard - mirror: https://archive.is/kMZ2A
Not a fan of the Trump administration but I imagine the official pentagon communications systems must be extremely clunky and annoying, and about 20 years behind civilian tech.
During the UK Covid-19 enquiry into gov decision making at that time it came to light that most of the UK cabinet were co-ordinating via Whatsapp groups. Again, I'm not a fan of Boris and Dom Cummings but this makes some sort of sense to me. I recognise the need for government teams to have quick convenient chat available to them. Things move too fast these days to wait for the next cabinet meeting or to arrange things via a series of phone calls.
Similarly we can look back to Obama having to fight to keep his Blackberry in 2009 https://www.nbcnews.com/id/wbna28780205
My kneejerk reaction is the same as yours, but the fact that they were using disappearing messages - they're using Signal to get around their legal reporting requirements. Even if they have other motivations, what they're doing is illegal.
Also, I complain a lot about Teams, but my understanding is modern DoD basically runs on Microsoft, AWS, (also Google?) just the same as private companies. Probably not Zoom, which is unfortunate from a usability perspective but also wise I think.
The problem here is that the convenience is coming at the expense of proper identity management. SignalGate is a good example of the principle. Some Apple convenience feature helped the user by putting the phone number of the reporter into the addressbook under the identity of a government official. Signal then cheerfully used that incorrect phone number to add the reporter to the group chat.
That 20 year old tech is simply more secure... specifically because it is less convenient. By doing things the way they do them they can enforce access to desired levels of security by controlling physical access to the equipment. With something like Signal, that access is entirely the responsibility of the user. The user will inevitably mess that up, particularly when things get exciting. ... and Signal is not even really all that good at preventing the user from messing the identity thing up.
* https://articles.59.ca/doku.php?id=em:sg (my article)
You are right, but I'd also say that high security brings a lot of friction that slows down decision making. Irrespective of Trump and his friends (whom I dont like) as a point of principle I think world leaders have to choose between secure and slow vs fast and risk of leaks. For most purposes, fast and risk of leaks is going to be more optimal.
I hear you both. Frankly, I think we could use a little friction in communication to slow it and the resulting decisions down. I don't know about everyone else, but I don't make best decisions on the fly.
> quick convenient chat available to them.
And unarchived. It's very convenient to not have to do things in meetings with minutes where people might later question your decisions. Or report them to the police.
To be fair, quite a lot of in-person meetings among U.S. federal government leaders are private and do not produce minutes.
Yes you are right and these people probably are crooks. But in principle I think politicans should be able to have private conversations. These used to happen in literal back rooms but these days everyone is geographically spread out and thats not so possible. Formal decisions should be ratified in official minuted meetings but informal chat should also be possible. Because people need to actually talk to each other in an unguarded way to figure things out sometimes. At the moment the principle seems to be 'anything that a politican types to anyone else should be archived for later perusal' and I'm not sure that thats going to give us better decisions.
> [...] politicans should be able to have private conversations. [...] Because people need to actually talk to each other in an unguarded way to figure things out sometimes.
Which works fine as long as there are no bad actors who may bribe, corrupt, blackmail, etc. Unfortunately that is not the reality we live in and one way[0] of counteracting the bad actors is to enforce transparency with things like "everything must be recorded and archived".
[0] Sadly not 100% effective.
Right but what is the cost of insisting that "everything must be recorded and archived". Are you going to strap recording devices onto everyone in congress? You have to have a mix of safeguards but also practicality, surely?
That’s a different point. Currently it has to be saved. It doesn’t matter how you feel about it. It’s the law.
"Is this politican bad" is not a very good conversation for HN, but "what technology should politicians be using to make them effective" is a good topic for HN, and thats what I'm trying to have a conversation about
The British government was officially using Zoom for cabinet meetings during lockdown which was a whole lot worse.
The whole world had to shift online with about 2 weeks notice, so I'll forgive them that. At the time I was kind of impressed to be honest that red tape didn't bring the govt machinery to a halt and that they were actually able to improvise a bit. But yes Zoom is not generally the platform I'd want them to use.
There were better alternatives and they had more time than that (when lockdown was possible but not enforced) to prepare.
IIRC the French installed gov controlled Jitsi server. That plus a VPN would be a whole not more secure.
If you do not have things in place I think "we need to discuss state secrets securely" would have been clearly sufficient to justify an exemption to lockdown rules.
> but I imagine
Do you know at all or are you just relying completely on your imagination to justify the Trump admin's actions?
I dont like Trump but I'm interested in the idea of what technology we want our politicians to use if we actually want them to be functional teams. This seems like a topic that might be good to talk about on HN.
I'm simply going to point out the blaringly obvious that has somehow missed the armchair commentariat for this whole narrative debacle:
1) DoD and other departments have either tacitly or explicitly approved the use of Signal for internal matters for several years now, with proper opsec.
2) You cannot govern exclusively from a SCIF, hence 1.
"With proper opsec" is doing a lot of work here, and I would presume one very fundamental piece is it is only to be used for non-sensitive conversations. Unless you are going to argue sharing attack plans ahead of the attack on a personal device is okay, which seems absurd on its face in a post-Pegasus world.
Does "proper opsec" include adding random journalists to your chat, and sharing classified intel with your friends?
>2) You cannot govern exclusively from a SCIF, hence 1.
If you have the resources available to the SecDef, you frankly should be able to. Mobile SCIFs are something private companies can provide off the shelf for a few hundred thousand dollars. That's a drop in the bucket.
Obviously, nobody can or should spend all their time in one unless you're some kind of watch officer, but when handling TS/SCI material, there really is no reason for a principal to not have access to a SCIF within a moment's notice if they make it a priority. And there's no reason to be sharing TS/SCI with anyone that is not themselves in a SCIF. We have a declassification/reclassification process if information needs to be more widely disseminated.
Exactly. Signal and Wickr are widely used, and default installed in some orgs.
Where is the "but her emails" crowd now? There are three main issues here:
1. The Defense Department bans the use of Signal for everybody else. Why is that? Why is the Secretary exempt?
2. As we've seen it's pretty easy to add unauthorized people to what should be secure communication channels where classified information is shared; and
3. There are laws around the preservation of governmental records. Expiring Signal messages seems like it's intentionally meant to circumvent these legal requirements ie it's illegal.
We're only 100 days in. We've got 1200 more days of this.
Huh? I am still here and I am still annoyed by both. If anything, people who opposed 'but her emails' crowd to sufficiently penalize Hillary, made the current situation possible to begin with.
edit: To the lazy down voters. Address the 'my side never does anything wrong' issue and I might concede.
Re: 1. If a team at work has a long-standing policy implemented by and applying only to that team and I come in as the new team lead, I can change that policy.
NB: I’m not arguing that this change in policy was done after a careful Chesterton’s Fence analysis and weighing of all relevant factors, but it would seem stranger if a new leader couldn’t change any policies than if they can.
But did they change the policy, or did they do whatever because they felt like it regardless of what the policy said?
> Where is the "but her emails" crowd now?
Same place everyone else is now. Nobody cares about the flagrant violations by the executive. This is the foxes walking around freely now.
Nobody? Including yourself?
That’s a common idiom which isn’t literal. (Obviously?)
The implication is that either he doesnt care, or he does. So I guess he does. I just didn't get the vibe that he wanted Hillary to be held accountable for her emails.
Because this is my United States of Whatever!
[flagged]
> Sounds like locking her up for bypassing the governmental emails would have been a win, now.
Under what basis should one have "locked her up"? All legal experts agree that there was no crime committed which could result in a prison sentence. This is specifically because none of the emails were classified.
Please correct me if I’m wrong:
She bypassed the requirement to communicate with all her contacts through secure and auditable channels (things people accuse the Trump admin of now doing), including foreign diplomats, by giving them her private email, which was effectively an email server stored under her desk, in simple SMTP, not SMTPS, which means all hostile entities could hack into it. When caught, she deleted the 19,000 emails and wasn’t sued for destruction of evidence.
That “all” of your legal experts (all 100% of them) found that perfectly legal is non sequitur: As a Secretary of State, practically her whole life can be used as ransom to make her do things contrary to state interests; and as a Secretary of State, she’s even responsible for making her subordinates set up the security rules to make it physically impossible to do what she did, if not legally impossible. She should not only have known, but she should have set up the rules for others.
Sounds like 100% of your legal experts may have been accessory to a scheme. Maybe she abided by the letter of the law but not the spirit, maybe the law has a hole, maybe everyone is lying because they’re afraid saying she cheated would benefit Trump, maybe anything else.
I’m genuinely interested in understanding if the story was wrong; But I’m not interested in understanding whether your take on the low importance of just a few emails from just a basic secretary, “nah don’t worry it’s just emails with her friends, she can have a private life”. No she can’t?
> No she can’t?
Why in the world would she be generally obligated to provide her personal/private emails to the government or public? It seems bizarre to suggest otherwise.
Because she’s at a position where she can be blackmailed and is holding a lot of the US secrets. There is no privacy when you run for high public positions.
“Sir you received a suitcase full of banknotes!
— That’s my private life!”
—said no honest person ever.
You're demanding a standard of radical transparency for government officials that isn't supported by the law and has never been applied before or since.
It seems to be based on a presumption of guilt, which is a pretty severe departure from common principles of law and justice.
If you're sincere, I suppose you've been demanding that current members of the executive in leadership positions make all their personal communications public too?
The laws around this all generally exempt personal communications. You're Presuming people guilty is also not grounded in law.
> Sounds like locking her up for bypassing the governmental emails would have been a win, now.
This is getting stupid to bring up, but at least we've got a canonical long response to that with a proper legal analysis. https://youtu.be/cw1tNTIEs-o
It seems like bad faith to be rabid about Clinton emails and silent about the use (and overwhelmingly sloppy use at that) of signal. Do you care about following security procedures or not?
It's also weird to see you seem to take so much pleasure in lashing out - how can you feel vindication thinking your opponents should have done something about emails but not have that same feeling now? How do you hold both views (and with such vitriol) at the same time?
The hypocrisy is why folks find it hard to take these complaints at face value since we show time and time again that they appear more "my team should win the game" than anything consistent and built on principles.
I'm struggling to not write more details here but generally I think the whataboutism and completely ignoring degree is absurd. I remember when the big complaints about Obama were wearing the wrong color suit, saluting with a coffee cup, and allowing a military strike on a us citizen actively working with Al queda. If you want to be convincing (you may not want this- if you just want to feel self righteous and vengeful then carry on) then I think a better path would be explaining why this current situation is a good thing (or at least the same level of bad as the things you hate).
They vote this to get it worse?
Strange logic.
> It is remarkable to what great lengths Hegseth went to use the Signal app, because as defense secretary he has his own communications center which is specialized in keeping him in contact with anyone he wants. This center is commonly called SecDef Cables and is part of Secretary of Defense Communications (SDC) unit.
... but unlike Signal, SDC respects laws requiring accurate record-keeping. And that's why this bunch of lawbreakers want to use Signal. They want to evade any and all accountability once this administration is over.
Why are your police not investigating this? The guy is actively breaking the law
If you're not aware, these are federal laws, and the force responsible for investigating and arresting people who break them are a part of the executive branch.
And the attorney general just confirmed in a cabinet meeting that the U.S. marshals would not be arresting any of them (marshals handle court orders, e.g. if you're in contempt)
If you really want to blow your mind, think about the fact that Hunter Biden was being prosecuted by the DOJ run by Joe Biden, just a few months ago. Can you imagine anything like that happening in the Trump administration if a Trump family member was accused of a crime?
And the top executive is arguing that they are only accountable to him
Judges are investigating and holding trials. The Executive is being obstructive and outright ignoring court orders. Rule of law and the balance of powers have collapsed. Turns out that running a decade+ long misinformation campaign to sow distrust of all legal institutions, as well as expertise and professionalism in general is sufficient to topple the world's oldest democracy. If only there had been any effective counter-messaging things may have been different, but that's impossible with our "left" hollowed out by capital.
How many politicians have you seen blatantly breaking the law like this and having no problem? It happens over and over again. A lower-level flunky would be in prison, but a political appointee is going to be just fine, forced resignation is the worst that could possibly happen to him. Our system is just that corrupt. The same thing happens with leaks - politician or cabinet member leaking is normal, rando bureaucrat leaking is enemy of the state.
Because Trump does not investigate himself, and the once independent Attorney General is now just another political arm of Trump, but with prosecutorial power and discrtion. We are in dark times.
> the once independent Attorney General
This has never been the case; JFK appointed his little brother AG. The problem is that the Congress should be investigating and prosecuting the president but will not.
> This has never been the case;
Independence of the Justice Department has been the norm since and because of Watergate.
It's been a nice kind of fig leaf, but constitutionally the president is the AG's boss, so it doesn't make any sense for the AG to investigate the president. There's an entire branch of government given this power in the Constitution, they've just decided they don't want it.
Exactly. Congress doesn’t want any of their duties. War declaration? Nah, let the President do it and call it “not a war.” Budget? Well, technically we’ll appropriate funds, but we’ll only do a big CR once in a while. Tariff policy? Nah, let the President do it all with the “national security” loophole, no matter how absurd. Impeachment and removal? Well, not when it’s your party’s guy.
For all the hate Trump gets, it’s Congress who’s created and who props up this monarchy.
Except that this Congress was hand-picked by him, since he purged anyone who would push back.
Could you point to say 3 concrete examples where he purged a legislative candidate or removed an elected legislator?
I believe "purged" here means primaried or threatened to primary. I'm sure you know of certain famous examples. Here are some recent headlines:
https://www.scrippsnews.com/politics/president-trumps-first-...
https://www.cnn.com/2025/04/06/politics/cornyn-texas-senate-...
This list will contain more examples:
https://en.wikipedia.org/wiki/List_of_Republicans_who_oppose...
always have been, its just current admin is less subtle about it
And you have hit the nail on the head for how Trump is operating this term.
How can he do these things?
Turns out they all could've, they just chose not to.
Maybe we should strengthen the checks and balances, and Congress shouldn't abdicate ANY of its authority to the president. Maybe the system should work how it's supposed to instead of how is easiest.
So you say, but I've seen plenty of independence...see Trump's first term for some examples.
Of course, there will be no consequences for his complete lack of... everything
Oh there will be, just not for him. We’ll never know how many state secrets have been leaked through these shenanigans.
> there will be, just not for him
Everyone in this administration has to know they’re spending the decade after Trump in front of the Congress and various investigators.
I'm sure they're absolutely terrified. I mean look at what happened to James Clapper, straight to the gulag of a cushy CNN gig.
Let’s hope so. But of course this is also a heavy incentive for all of them to make sure their regime never leaves power.
Nah, because the Dems can’t win elections, and Republicans will never hold any Trump ally accountable.
This is probably what the DOGE kids are being pitched. There is a reason the most wantonly criminal conduct is coming from those too stupid or naïve to understand we haven't transitioned to a one-party state.
Can't Trump just pull a Biden, and toss a blanket decade-long pardon to his entire staff? Would anyone bother to investigate them after that?
He can do that - presidents have a long history of abusing pardons. Trump has shown he is happy to pardon people without much thought either for media attention (j6?) or for money (levandowski?).
On the other hand trump isn't very loyal to his people so far - remember the wasteland of trump advisors and officials in the first term getting convicted of various frauds without getting pardoned (or the lawyer on tape saying he needs a pardon for trying to overturn the election and him not getting it).
Not that it matters but I don't think Biden gave a blanket pardon to his entire staff I think he pardoned people who he thinks are dangerously and unfairly targeted by some extreme media like fauci and Bidens son hunter.
At the end of the day pretty much all of the limits of presidential power come from restraint, especially (but not exclusively) in todays world of a tame judiciary. If the president cares about or wants to be seen as caring about the rule of law it is a bad look to wantonly disregard it too often.
Yes, there are a lot of folks who want to believe everything their chosen guy does is absolutely right but realistically each bad thing chips away at their ability to ignore the evidence. I know several people who have lost faith in trump as the evidence continues to absolutely pile up that he doesn't match the values they were told to appreciate (rule of law, respect for the constitution, human rights, fairness, Christian values, intelligence). If he gives a blanket pardon to everyone that worked for him a few more people will say "wait, maybe the other side was right and this IS a huge abuse" so it's possible, especially if we continue to have elections, that we won't see this kind of thing.
There will be none if you do nothing.
But what about her emails. /s
That throught-terminating cliché propaganda line generated by a bunch of campaign strategists at a whiteboard is what got us into this situation.
The extreme bipartisan view is that government business done by public officials should be hidden from the public record at their whim, even with the explicit goal of avoiding FOIA. Democrats believe that this is not only justified but virtuous, because Hillary Clinton lost an election.
[dead]
[flagged]
My understanding is that the use of signal started during biden's term. Is this not true?
Are you being intentionally nonspecific? The use of Signal for some purpose doesn't somehow mean it is appropriate for any purpose.
During Obama they used a shared Gmail account by passing messages using the drafts feature.
Who is "they"?
The director of the CIA sending sexts (and as it later turned out, classified materials) to his mistress.
https://en.wikipedia.org/wiki/Petraeus_scandal
He was fired the day after it reached Obama's desk, and eventually got a slap on the wrist and two years' probation.
Thanks for the link! It looks like this affair over webmail sparked a lot of investigation and resulted in a firing, two years probation, and a $100,000 fine. That sounds like a great start for this kind of thing and they were just talking dirty, not actively sharing mission details!
Overall, yes let's please investigate and appropriately punish wrongdoing at all levels.
Nope
Do you have any evidence?
https://www.snopes.com/news/2025/03/27/biden-authorized-sign...
Very different. See my response here:
https://news.ycombinator.com/item?id=43859373
Not true at all. The use of Signal started during Obama's first or second term. While the app's first release was during his second term, it existed under various names and forms way back. Wikipedia has a great article on its history.
I personally started using signal some time around 2018 and I'm sure there were millions of users by the time Biden began his term.
You must be intentionally acting dense.
I thought the GP means that goverment officials such as the Secretary of Defense started using Signal during Biden's administration (though with no basis for that offered, yet).
This is what Im talking about.
https://www.snopes.com/news/2025/03/27/biden-authorized-sign...
Right. They also use cell phones and send emails. The difference is, from the Snopes article:
"... it explicitly did not allow use of Signal to communicate "non-public" Department of Defense information, which would have included the conversations Trump administration officials had in their group chat."
Of course the guy needs to have an end-to-end encrypted direct line to the president. It's the president that runs the show and all decisions must go through him.
He should probably be investigated. He's giving off major "Russian Asset" vibes.
Maybe just let the man use Signal?
If someone gave me a whole set of locked down _windows_ computers and a bunch of achaic phone lines and told me to use them in 2025, I’d also try to circumvent such inconvenience.
I think they should just use X and post publicly, I don't see what the fuss is all about :)
Are you in charge of federal secrets?
Those pesky archiving requirements put in place after the wanton criminality of the Nixon administration are likely unnecessary as well, right? Surely nothing’s being said or planned in the auto-deleting threads that would be criminal, right?
I wish more people, especially media writers, would start with the presumption that "circumventing the state-approved security machine" is a _feature_ of this administration.
Not to pick on this in particular – nearly all the reporting on this starts and ends with "Signal is insecure" as if that was all it took to be wrong. And in other eras, that was enough.
The man likes Signal. For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
There's so many questions I genuinely don't have an answer for...
Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
> What is the probability that China is reading these messages in real-time
Real-time might be nice but there's value in reading material at this level with almost any delay.
In 1949 a US counter-intelligence program(me), the Venona project[1] decrypted Soviet cables from 1945 which made it almost certain the First Secretary to the British Embassy in Washington DC [2] was a Soviet asset. That wouldn't have happened if the Soviets hadn't misused their channels of communication.
[1] https://www.osti.gov/opennet/manhattan-project-history/Event... [2] https://en.wikipedia.org/wiki/Kim_Philby
It doesn't only matter if its secure or not.
https://en.wikipedia.org/wiki/Presidential_Records_Act
He is not the president or vice president. This law would be more relevant https://en.m.wikipedia.org/wiki/Federal_Records_Act
Here, his signal comms are likely top secret and we would have no way of knowing if his office followed the legally allowed step of forwarding after the fact for many years.
There's similar record keeping for lots of officials. Government loves keeping records
And now we won't know, ever. Which is exactly the point of avoiding the system.
I don't understand it either. It's not as if you can accidentally message war plans to unauthorized parties on Signal.
“We are currently clean on OPSEC.” -Pete Hegseth
I think one of the issues is that at least some of the Signal war-plans chat group participants had their messages set to auto-delete. If that's the reason that they're using Signal, it is indeed a problem, even if Signal is secure.
nitpick: disappearing messages are either enabled for everyone in the group or for no one.
> There's so many questions I genuinely don't have an answer for...
> Has Congress made it illegal to use an off-brand messaging app for secure communications? _Why_ is it insecure? What is the probability that China is reading these messages in real-time? 100%? 25%? 0.2%?
Is your point that, in the space of your own lack of knowledge, that reasonable rational may exist? Could you share what gives you trust in this administration to be so generous?
Great question, thanks for asking.
My point is that “make liberals sad” is also a stated policy goal of this administration.
I think this article is about one of two things…either there is a possibility that SecDef using Signal represents an ongoing, material national security crisis that should be a concern for all Americans…or it’s really the author grieving for a time when they felt safer because the strict protocols of confidentiality signaled (pun intended) a sense of seriousness about government secrets.
If this is a material security threat, I need a lot of writers to explain why because most people don’t know. If it’s a sad liberal, the result will be counter-productive and large numbers of people-in-power will read this article as a win for their team.
Clown take. The use of Signal or any app on a non-secure device by SecDef for what we know he messaged about in his office is absolutely a primary national security threat. Firing offense for any senior Pentagon official dealing with highly classified traffic. Nothing to do with politics.
Agreed. I thought Lloyd Austin should have been fired for going into surgery without advising his deputy or any of his staff of the risks, and his deputy should have been fired for taking over for him.....without leaving her vacation in Puerto Rico.
https://abcnews.go.com/Politics/timeline-key-figures-found-l...
I think SecDef Hegseth is actually an even bigger disaster than SecDef Austin. That said....I think the Deep State/ military industrial complex/ Israel lobby is trying to get Hegseth fired because he's one of the Big 3 (Vance/Hegseth/Gabbard) opposed to going kinetic with Iran. But he's making it really easy for his adversaries, because he legitimately sucks at some foundational skills for management at his level.
The fact that everyone in the country knows specific details of what and how he communicates, is a national security crisis. If signal was secure and/or he was following reasonable precautions, no one would know anything about this issue.
>If this is a material security threat, I need a lot of writers to explain why because most people don’t know.
Because personal smartphones aren't considered secure for protecting classified information. Signal in and of itself might be fine when used properly, but it doesn't matter when the underlying platform is consumer-grade security. The risk of side-channel attacks is astronomical.
>My point is that “make liberals sad” is also a stated policy goal of this administration.
>If it’s a sad liberal, ...
I'm not sure any of that furthers whatever argument you're trying to make. Signal being used in that manner didn't only violate a myriad of established protocols, but it was straight up illegal on top of it. In any normal political climate we would've seen resignations from day one, regardless of party.
I see this as partisan:
- one side ignored Clinton using a private server as sec of state
- this one ignores using Signal
I haven’t seen arguments about what the standard is supposed to be or why this in particular is egregious. That would be more convincing than hyperventilating.
Edit:
If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
I don’t follow the allegation its mere presence is problematic, when discussing general communications with other parts of the administration. Especially when accessed via separate/dedicated machine (distinct from secured systems).
If you want to talk about the specifics of, eg, the Yemen war plans then do that — but this article does not.
How was an FBI and DOJ and investigation by the Obama administration "one side ignoring it"?
This. So much this. The fantasy land behind these "Clinton's emails" takes is bizarre enough to seem intentional.
How did Democrats respond to that information?
> Federal agencies did, however, retrospectively determine that 100 emails contained information that should have been deemed classified at the time they were sent, including 65 emails deemed "Secret" and 22 deemed "Top Secret".
https://en.wikipedia.org/wiki/Hillary_Clinton_email_controve...
That sounds a lot worse than what Hegseth is accused of, but didn’t derail her nomination nor draw widespread condemnation from Democrats.
That’s what I mean by “ignoring it”: the conclusion was bad but largely ignored by the party.
> what specifically is the problem the administration uses Signal together with unsecured comms?
The DoD kit makes it a little bit harder to add randos to chats where one needlessly posts tactical air strike details.
Like emails?
What if you believe both Clinton and Hegseth are in the wrong?
I hold this position and I don't think it's uncommon. Plenty of people think if something is wrong then it doesn't matter who does it.
There's definitely perception bias. Usually conversations are short when we're in agreement. Doesn't create engagement. Doesn't make for good news
There was whole massive campaign against her comparatively much milder infraction. It is crickets now. It was huge.
So, maybe 10 of you care, but the assymetry is beyond apparent.
For that matter, I remember when Obamas tan suit was horrible unpresidential infraction amd lack of respect. Same people voted for Trump not a peep about respectability.
How many people were complaining about “her emails” 28 days after the first one was sent? You’re looking at two very different points on the timeline of each event and concluding that everyone thinks they’re different because of the difference in magnitude of discourse on the topics.
Do you think the difference will remain at this level through the next election cycle?
I think plenty of people see massive amounts of equivalence and are more caught up in other, more urgent piles in Washington’s reinvention of the Augean Stables.
Donald Trump literally said she should be in prison her for the email server thing. Literally during campaign. It was cheered on.
The emails scandal was on for months and got invoked during election by conservative pundits, politicians. Again and again and again and again. They made it a whole big thing, pretending to care about security.
So yeah, it matters. The consistent track record of just extremely one sided care for security, respectability, lies and what not actually matter a lot. Now we know that conservatives complaining about X does not mean they care about X. They dont, they are ok when one of them does worst. It is just hypocrisy.
That's almost exactly my point. Four weeks into scandal B, it's not getting as much coverage and discussion as scandal A did during a campaign.
None of that is surprising, and I expect the current $SHITSTORM_DU_JOUR to get a lot more amplification in 2028 than in May of 2025, which is the same pattern as happened in scandal A's emails.
She was Secretary of State from 2009 to 2013. We heard a ton about the scandal in the 2016 election cycle [when it was convenient and useful politically], not in 2009-2013.
I'm friends with several retired military officers. They tend towards red, but they're absolutely incensed over the Hegseth topic, especially the ones who flew pointy jets.
N-gram viewer: https://books.google.com/ngrams/graph?content=Clinton+email+...
Sharing details as he has done would put my brother who works for the Navy in the brig. As someone in his role he should know better but he’s only in his role as he will do whatever Trump asks him to. He was a O4, there’s a zero percent chance of him being knowledgeable enough to be competent in his role.
He knew better when saying Clinton's behavior amounted to treason.
We don't need to argue about if he knew better; he did, from his own mouth. We need to argue about if it is ok and if it is ok for the people in power to do nothing about it because it's "their team".
At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
> At some point soon we need to realize we the people are on one team and everyone saying otherwise is trying to hurt us.
This might be good for a generic politician running for an election to say, but it's not true. We're not on the same team; we're different groups of people with different values who hate each other. Our politicians are the people we've voted to represent us. It's not like Trump, for example, hoodwinked Republicans; they like everything he's doing, and have for ten years, and a lot of it is because people like me hate him. We're not on the same team.
I know some pretty competent O-4s...but also a TON of mouth-breathing field grade officers too. Hegseth sucks on his own merits (or lack thereof) as a person.
SecDef Lovett only rose to O-4 before going into the NYC business community and then becoming a Special Assistant to SecWar Stimpson in 1940. https://history.defense.gov/Multimedia/Biographies/Article-V...
SecDef McElroy came up through Proctor & Gamble, no government or military experience. https://history.defense.gov/Multimedia/Biographies/Article-V...
Just as a few examples of adequately-successful SecDefs coming from "unimpressive" paper resumes.
> If you read the article, there are both classified/secured and unsecured lines available at the station. So what specifically is the problem the administration uses Signal together with unsecured comms?
There are two issues. First, official communications about the workings of government ought to occur on government platforms, so that there's a permanent record for the communication. (As others have mentioned, this is required by the Federal Records Act.)
Second, the Pentagon has limited phone service and limited public internet access by design. The other computers in the office, while for unclassified material, are not (as I understand it) connected to the public internet like Hegseth's personal laptop is.
That said, I have no issue if Hegseth wants to use Signal to make dinner plans with other government officials.
> First, official communications [..]
Unfortunately the list of politicians who either don't care about records of their communications being properly kept, or who went out of their way to keep their comms "off the books" is long.
We should want to hold all of them to account, not just this one.
> We should want to hold all of them to account, not just this one
We should and do. FBI investigated Clinton because of her emails.
> FBI investigated Clinton because of her emails.
Correct, and this was the outcome:
[FBI director James Comey said] "Clinton had been 'extremely careless' but recommended that no charges be filed because Clinton did not act with criminal intent, the historical standard for pursuing prosecution"
Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
> Is '[not] acting with criminal intent' really the standard we think we want to hold our elected officials to?
Yes, mens rea is a deeply-precedented standard that's a good default.
[1] https://en.wikipedia.org/wiki/Mens_rea
> Yes, mens rea is a deeply-precedented standard that's a good default
(From the other side the pond) it does seem that legal standards such that one are applied very selectively in the USA, apparently depending heavily on the political leanings of those involved in any (potential) case.
On the other hand, at least you do actually run elections to pick your POTUS, this side of the Atlantic we get the President of the European Commission based on a back-room deal and a Soviet-style "vote" in the Parliament with no choice. To top it off, when she first got the job in 2019, VdL wasn't even a candidate for it during the immediately preceeding European elections.
> We should and do
The European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
https://www.theguardian.com/commentisfree/2025/feb/10/i-aske...
https://www.politico.eu/article/ursula-von-der-leyen-eu-comm...
Outcome? A(nother) nothingburger.
> European Commission ended up in court trying to keep Ursula von der Leyen's messages secret 'claiming that the texts were “by [their] nature short-lived” and were not covered by the EU’s freedom of information law'
Sure. They still wound up in court. Hegseth hasn't had to go to court to defend himself because he hasn't even been investigated. You really have to go back to the Austro-Hungarian Empire to find these levels of exploitable ineptitude at the highest ranks of a major military structure.
> Sure. They still wound up in court.
That case was brought by the New York Times, not any oversight body or investigative function of the EU, which makes it even more cringe-worthy.
"The European Commission faced an embarrassing grilling for almost five hours on Friday as top EU judges cast doubt on the executive’s commitment to transparency on the Covid-19 vaccine negotiations. The EU institution defended itself in a packed EU court in Luxembourg in the so-called Pfizergate case, brought by the New York Times and its former Brussels bureau chief Matina Stevis-Gridneff."
The NYT is presumably welcome to try to take Hegseth to court?
> The NYT is presumably welcome to try to take Hegseth to court?
The Times sued to get Von der Leyen to share information. Hegseth already does that because he's an idiot. To my knowledge, SecDef isn't subject to FOIA in a meaningful way.
> The Times sued to get Von der Leyen to share information
...and failed
> To my knowledge, SecDef isn't subject to FOIA in a meaningful way
...and as it turned out, neither is VdL.
The case didn't succeed in producing the records. But the process uncovered a lot of shit.
But again, you're comparing non-disclosure to irresponsible disclosure. VdL didn't send highly sensitive scramble times to a rando.
(With apologies if this appears provocative)
Is there evidence that SECDEF 'acted with criminal intent'?
We've already clarified that '[being] extremely careless' is not enough for a court case.
[I have a mental picture of a Venn diagram with three circles: "Politicians", "Idiots" and "Criminals"...]
> Is there evidence that SECDEF 'acted with criminal intent'?
Tough to say if there’s no investigation!
> We've already clarified that '[being] extremely careless' is not enough for a court case
Investigation.
The issue is much deeper and more concerning. They’ve been using Signal like this across multiple administrations because the “official” tools are broken to the point of being almost useless. Signal has been one of the major workarounds.
It isn’t enough to say “don’t use Signal”, at some point they need to address the reality that there are no functional alternatives.
The article dissects what's on Hesgeth's desk behind him. First, there's a personal computer there connected to the open web. The article says, "He wanted this computer to use the messaging app Signal, which is the preferred method of communication among Trump's government officials."
Right next to that computer is a "Cisco IP Phone 8851 with a 14-key expansion module." That phone "connects the President, the National Security Council, Cabinet members, the Joint Chiefs of Staff, intelligence agency watch centers, and others." IOW everybody ostensibly on that Signal chat except the editor of The Atlantic.
So now I'm questioning what "functional" means in this context. Does it mean "A thing I can type into while I'm at my desk and can continue to use while I'm taking a dump as long as I poop in public wifi", or does it mean "a thing that brings all top staff together to truly "have op-sec"?
Reading further it looks like he also had access to "SecDef Cables", which provides " interoperable, certified and accredited, multi-security level voice, video, and data services."
So there are functional alternatives, especially considering the functions I personally thought our government was looking for. Maybe they prioritized a safe space for Waltz to use his favorite emojis instead?
Bingo. If a hacker did this it would be understood as a sign that the comms aren’t secure and praised. He was clearly briefed on Salt Typhoon.
The thing I am more bothered by is why would he take a picture of his desk, thereby narrowing the attack profile.
> Has Congress made it illegal to use an off-brand messaging app for secure communications?
Yes. The law requires that classified information be handled under certain standards.
> _Why_ is it insecure?
Classified data is being transmitted on an unsecured device. If Hegseth's personal phone has Uber, Tinder, ... whatever apps installed, that software is running on a device that's contains national secrets.
Systems which handle classified data are meant to be airgapped from the normal internet/normal software.
The issue is not that signal is insecure, but rather that sensitive government information demands additional precaution (e.g. airgapping).
There's a separate issue that there are legal requirements for maintaining records of government communication. Using a personal device (especially with disappearing messages) is illegal since it doesn't maintain this documentation.
Additionally, classified information is tracked to see who read it and when. In the event of a security leak, this can help isolate where the leak happened. If the information gets posted on Signal, then there's nothing more that can be tracked.
> For better or worse, he is the Secretary of Defense...The man we've entrusted to help coordinate our national defense.
That's not the way rule of law works. The Secretary of Defense doesn't get to _decide_ we're doing things differently now. His actions, as well as the actions of his staff, are bound by the laws that congress has passed.
> We need to start from the presumption that the people-in-power don't care that it's always been done this way...in fact, they have a ton of pressure to be different. But, in some cases, these people may be willing to listen to reasonable arguments which clearly establish _why_ using Signal is unreasonably worse than using US Government Issue messaging.
The onus should not be on the general public to convince the Secretary of Defense to adhere to bog standard requirements for handling sensitive information. If he has an idea, "I think using Signal on my personal phone to discuss imminent military actions is better than using a secure line," he could push that idea forward. Have the Pentagon's security staff evaluate the idea. Instead, he simply did it.
Regarding Signal:
Check out what happened to the Signal FOSS fork.
Then check out what Molly is doing, and why.
Personally I'd favor Briar over Signal any day.
Anyone in the military who did this, and didn't have the president personally protecting him would be cooling his heels in an 8x8 cell in Fort Leavenworth for a very long time.
The issue is that it has all been done with great incompetence, and with apparent glorification of ignorance as a sign of bravado. I, for one, want serious people in charge of my defense, not sycophants more concerned with their stage makeup, hair, fitted suit, and with 'owning the libs' than defending our nation.
> help coordinate our national defense
I mean, thinking the DoD is actually defending the U.S. is where you went wrong. The stakes are so incredibly low that none of this actually matters.