by metayrnc 484 days ago
> The Armed Forces, on the other hand, are negative and write in a letter to the government that the proposal cannot be realized "without introducing vulnerabilities and backdoors that can be exploited by third parties"

First time I am seeing an organization against this. Kudos to them for standing up.


According to the original article (Swedish: https://www.svt.se/nyheter/inrikes/signal-lamnar-sverige-om-...), the reason for the armed forces to be against it is because they recently started advocating for its personnel to start using Signal to reduce eavesdropping, so backdooring Signal would decrease the armed forces' security.

> But the Armed Forces are negative, and the military recently urged its personnel to start using Signal to reduce the risk of eavesdropping.

In fact, they are negative because they say that this can't be done without opening up the service to vulnerabilities that could be used by others.

> In a letter to the government, the Swedish Armed Forces writes that the legislative proposal will not be able to be implemented "without introducing vulnerabilities and backdoors that may be utilized by third parties."

That specific quote is in the original comment of this thread :)

Yes, but your deduction is incorrect. They're saying the SAF are negative _and_ they recommend their personnel to use the service, not that they are negative _because_ they recommend it.

I don't see how you can know that "because" is incorrect. This seems like it could be possible to me:

(Possibly) SAF is negative because they use Signal, and don't want a law that would introduce vulnerabilities into Signal that could be utilized by third parties.

This was already commented by the original comment in this thread and is not mutually exclusive to GP's comment. What is your point?

Makes sense, the entire point of Signal is no backdoors. If you add one, you might as well make the app illegal.

TOR was sort of famously contributed to by a dude in US Naval research early on, right?

They are militaries, not police or intelligence forces. The job is to be ready to do war, not nanny and snoop on civilians (Some of that might be a necessary side effect but it isn’t their reason for being).

The NRL originally developed onion routing and Tor. It was then open sourced, stewarded by the EFF for a few years, before becoming its own non-profit. The NRL still do a ton of work on Tor and its ecosystem, primarily through academic research and occasionally code, though the Tor Project is obviously now the biggest player in the space. The original motivation was to enable communicating with covert assets (intelligence services and the like) overseas, which requires lots of non-military cover traffic to be useful, hence the opening up. Its popularity as an anti-censorship tool has motivated a lot of the continued support from various US agencies, including the NRL. Really though, the NRL is a largely civilian institution, and while the people who work there do work for the military, they aren't typically enlisted, have limited security clearance if any, etc. It's sort of like the Navy's version of Microsoft Research, or Bell Labs.

Militaries need intelligence services to be their eyes and ears. That said, most people who are not in their country's armed forces, government, or intelligence service vastly overestimate how much another country's intelligence services actually care about them. Most people aren't that interesting and don't have any intelligence value for another country's government.

US Navy research labs developed onion routing and the core of Tor

arguably, one of the reasons it was released to the public was to get large amounts of traffic using onion routing. because if it's just 50 data streams that are entirely ONI or NSA then it's easy to hit them with timing attacks.

but 2+ million streams from all over makes it a lot easier to hide.

And SELinux was given to us by the NSA.

I question the use of an instant messaging service hosted in another country for your armed forces, is that a good idea, especially now?

As good as Signal is I mean, you will want something under your control.

They're not using/advocating to use Signal for their military control/communication:

> This week, Brigadier General Mattias Hanson, the Swedish Armed Forces' CIO (Chief Information Officer), decided that calls and text messages that do not concern classified information should, as far as possible, be made using the Signal app. The decision aims to make it more difficult to intercept calls and messages sent via the telephone network.

https://www.forsvarsmakten.se/sv/aktuellt/2025/02/forsvarsma...

Seems people were using SMS for those messages they are now advocating to use Signal for.

Also, seems they've done a review (obviously) but unclear if they had access to something internal from Signal to do the review, feels like they had to:

> The Signal application has been deemed by the Swedish Armed Forces to have sufficient security to make it difficult to intercept calls and messages.

Any decent military will be using multiple forms of communication systems.

I was a communications specialist for the Swedish Armed Forces 10+ years ago, including a tour in Afghanistan and a tour in Kosovo.

We used radio links for internet that, I can tell you, were more adversarial than friendly.

The Swedish military is highly capable when it comes to network communications. A small nation will have to think differently.

You could potentially use an instant messaging system in control by someone else, if you are willing and capable of sharing encryption keys with whomever you are going to communicate with beforehand.

Is Signal hosted in just 1 country?

Good question! I assumed it was US only, but things have changed a while back after it became popular, it seems. Going by https://signal.org/blog/signal-is-expensive/

> Because everything in Signal is end-to-end encrypted, we can rent server infrastructure from a variety of providers like Amazon AWS, Google Compute Engine, Microsoft Azure, and others while ensuring that your messages and calls remain private and secure.

Your source doesn't support your claim. The exact snippet you quoted, interpreted strictly, only means they have the option to host it across providers, not that they actually do so. It also doesn't say anything about where it's hosted. It can be hosted in AWS, GCP, and Azure, but all in the US, for instance.

Apple took the same stance during the San Bernardino case!