by be_erik 413 days ago
There’s chatter on bsky.

But tl;dr anything said on those phones is assumed to be compromised until proven otherwise by time or a whole lot of very interesting security verifications. So far the evidence that this is a very large leak looks probable based on the evidence presented.

2 comments

(this was originally a reply to https://news.ycombinator.com/item?id=43890827 but since it's an on-topic comment, I moved it to the merged thread)
Why do you say "everything said on those phones" - did you mean "on this app"? If the backend of an app was compromised, that wouldn't mean the phone itself was rooted?
It is reasonable to assume that the intelligence services of unfriendly countries are actively devoting significant resources to compromising both issued and personal phones of top-level officials in the US government. They would be negligent not to. It's also a good guess that those efforts would be increased after the first time it became public knowledge the officials were likely using those phones for secret official business.

It is also reasonable to guess that such services have access to malware similar to the infamous Pegasus and a nonzero success rate at deploying it. In short, it's careless to assume none of the phones are rooted by a hostile actor.

That's one of several reasons the government has rules requiring that classified conversations take place on specific approved devices which aren't used for anything else.

By installing MDM you’re effectively chaining your security to the security of the MDM. The MDM gives you the ability to install arbitrary code via a blessed backdoor. There’s no reason currently not to suspect that anything said on that phone (Signal or not) is compromised.
The MDM admin can do whatever the user can do (or more), sure. So yes the MDM admin can potentially read/hear/see stuff, but everyone knows that. That's not a vulnerability, that's by design.

The compromise is only wrt the admin. Are you claiming the admin itself is compromised? What's the evidence for that?