Frédéric JacobsMar 25, 2025

When Signal was designed, our threat model was protecting the communications of civil society, journalists, just regular citizens ...

The threat model of military operations & sharing your hate of Europeans was not what Signal was designed for. Ephemeral messages and cryptographic deniability are not fit for communications that require accountability.
But I appreciate their effort to make government more efficient by adding journalists to the chat instead of requiring to go through FOIA.

Show threadFrédéric JacobsMar 27, 2025

Trump said “Signal could be defective, we're going to have to find out”.
And now we hear that Elon and DOGE are getting involved.

I don't know how to say this respectfully, but the go-to Elon person in DOGE for Cybersecurity doesn't seem at all up to the task. It's the person who designed the flawed encrypted DMs on X, which very much are defective ...

https://thehill.com/homenews/administration/5215547-white-house-asks-musk-investigate-signal/

Show threadSoatok DreamseekerMar 27, 2025
@fj I can't wait for Website Boy to conclude that Curve25519 is broken because Twitter chose P-256 instead, and no other basis for such an argument.
Show threadSophie Schmieg
@soatok @fj it is not FIPS! Of course it's insecure. Only FIPS can ever be secure. Or so I was told. /s
Mar 27, 2025 at 9:19amWeb