Stories like this are why we started the gospl.chat project I've been part of.
Most so-called “secure” systems sabotage themselves not by accident, but because of compromises. There's always an attempt to “secure the system” for the system which often results in architectures that fail the people they're supposed to protect. Industry headliners often focus on encryption protocols, but E2EE alone doesn’t guarantee safety. If a user or business finds themselves in a life-threatening situation most messaging platforms will do nothing to protect them and may even become part of the threat. We approached gospl.chat from the opposite direction - modeled real world threats and built a communication system that minimizes the risk of harm, even in worst-case scenarios.
Security isn’t just about math. It’s about context. It’s about the environment where an app is used and how it behaves when things go wrong. Our goal isn’t to win a crypto audit. It’s to make sure no one loses their freedom, safety, or life because of a message.
No, the point is for the government to have access to the plaintext after it is securely delivered to an approved archive location, not TeleMessage having access on AWS-hosted servers exposed to the public internet.
TeleMessage pitched their service as using end-to-end encryption of the message into the corporate archive.
> End-to-End encryption from the mobile phone through to the corporate archive
Apparently the plaintext messages were going to a TeleMessage server on AWS (not an approved government archive location) that was publicly accessible. Naturally it was hacked.
Presumably, in the spectrum of secure network protocols, something exists between "delete the message before it can leave this machine" and "send this message to a cloud provider and have them email it in plain text to another cloud provider".
It's supposed to be available in plaintext to the end customer (government), at their secured archive, but not available in plaintext to TeleMessage.
>TeleMessage lies about this in their marketing material, claiming that TM SGNL supports "End-to-End encryption from the mobile phone through to the corporate archive."
Surely someone of your expertise and renown recognizes this difference.
The point is making SecDef's communications, including scramble orders, available to whoever can find a TeleMessage employee who will cave to a bribe or blackmail?
It’s probably against the rules to self-link old comments. And it’s hard to be remotely proud about having a good take on this news as it unfolded.
However, when this first broke, select HN users were claiming this was OPSEC 4D chess and not deeply irresponsible cybersec practices.
That was a terrible take then, and it’s a terrible take now.
Clear as day when this started there was a nasty vendor supply chain risk lurking, and if it was 4D cybersec chess it was done by some absolute muppets.
I'd find it useful if I could access my Signal chat logs in plaintext. The software offers no facility to do this on any platform, and on Desktop the programs that have allowed me to take proper backups are (by necessity) a moving target because of changes to the database, so I am constantly having to get around to updating them and occasionally even that's a pain.
It'd also be useful if backups on Android actually streamed somewhere off the phone so they could be meaningfully appended to, kept. Or handled per channel (i.e. my baby pictures channel with family).
Why bother hacking your phone and installing a keylogger when we can convince your IT department to buy it and install it for your entire team. Have to say, this is pretty epic.
For anyone else confused, "Krebs" in this context refers to Chris Krebs[0, 1], former Director of the US Cybersecurity and Infrastructure Security Agency.
Chris Krebs is unrelated to Brian Krebs of Krebs on Security.
And still there is ample support for the administration, also here. I am curious how much of it is through cognitive dissonance and how much not thinking too hard about the stuff a particular supporter doesn't like, and how much of it is with eyes open, embracing the crazy and the incompetence for some "higher goal" whatever that may be.
(It also probably is very different, all from "own the libs" through "escalate the second coming of Christ" or any combination thereof.)
This may be a factual but not truthful article. This was initially framed to appear like the Trump Administration was doing something out of the ordinary by using Signal. There were also accusations that they were using Signal's disappearing message feature to conceal their activities from the authorities, and that they were breaking the Presidential Records Act, etc. Now it's revealed that they are using a version that actually archives all the messages to be compliant with the law and individual Agency policies. The new theory is that the Trump Administration is doing something especially nefarious by archiving the messages and/or they are doing it insecurely and they are controlled by Israel.
First and foremost, the Signal infrastructure was set up in most cases by the previous administration! Even a cursory search of USA Spending reveals millions were spent on TeleMessage before Trump was elected. https://www.usaspending.gov/search?hash=d900bda0a5eccae47ba7... I'm not a journalist, but look for yourself.
As for accusations that what the Biden Administration procured and configured is insecure: it's not. TeleMessage has a configuration approved for CUI that integrates with GCC-high (IL4) and O365 DoD (IL5). Thus they are fine to collect and archive unclassified CUI, ITAR, NSS data, command and control/ISR, tactical data, etc.
"TeleMessage can go a long way in enabling regulatory compliance by working with Microsoft to capture, archive, and maintain text messages, voice calls, and other files, leading to stress-free adherence to all the security controls required as per FedRAMP. Crucially, the mobile archiver supports Microsoft 365 Government Community Cloud, Government Community Cloud High, and Department of Defense solutions across all devices, carriers, and instant messengers.
Federal agencies and contractors can issue their own phones to personnel or have their employees use their own BYOD devices because TeleMessage can still securely retain all the communication within its servers or have it forwarded to a data storage vendor of choice. There is also the option of cross-carrier and international mobile text and calls archiving." -- https://web.archive.org/web/20250502041804/https://www.telem...
So far they're good in theory. The decrypted messages are transmitted in at least 1 encrypted wrapper (TLS) to the mobile archiver, then ultimately landing in the DoD Azure cloud environment. The question is whether the whole chain after the phone is in the DoD environment, or if it routes through TeleMessage's systems.
If you look at the hack (https://archive.ph/yyyLg), initially it leads you to believe that the message archiver doesn't live in the DoD environment and instead lives in AWS commercial or some lesser rated cloud. I think this is only true some of the time. Note in the hack, they only have messages from CBP. They don't appear to have any .mil, cia.gov, eop.gov, etc. CBP doesn't have access to the IL5 DoD Tenant in the first place and their archiver is likely hosted in AWS Commercial or AWS East/West (IL2).
Frankly, I don't think that any of the higher sensitivity organizations will be routing through a TeleMessage controlled server, or any server lower than IL4. They host that piece on their own infrastructure.
Without more technical details about telemessage it isn't clear how archive servers are actually selected by the app, where they are hosted, or how they are secured.
For example, while it's possible that DoD phones would only connect to Signal via proxies from within a VPN to a private network, direct Internet connectivity could lead to a potential leak of archived messages to any Internet-connected telemessage server if the app is misconfigured or the wrong app installed.
Given the debug logs shown by the attacker it sounds like the archive server has vulnerabilities exploitable over any connected network, which wouldn't protect a self-hosted version in GovCloud from exploitation from within those networks.
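Added example, not TeleMessage's code and not a description of what TM SGNL does: the question the thread keeps returning to is whether the archive copy is readable by whoever operates the box in the middle. The Go sketch below (standard library only) shows a phone encrypting each archive copy to a public key held only by the customer's archive before anything leaves the device, so a vendor-hosted relay, or a wrong server reached by a misconfigured app, handles only ciphertext, while the archive itself still gets plaintext by design. The archive keypair, the relay, the sender identifier and the sample message are all constructed for the example, and the SHA-256 key derivation stands in for a proper HKDF so the block stays within the standard library.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is the archive copy as it crosses the wire. A relay (hypothetical
// vendor server, or a wrong server reached by a misconfigured app) sees every
// field, but only the holder of the archive private key can open Ciphertext.
type Envelope struct {
	Sender     string
	EphemPub   []byte // fresh X25519 public key, one per message
	Nonce      []byte
	Ciphertext []byte // AES-256-GCM over the message, AAD = Sender
}

// deriveKey binds the AES key to the shared secret, both public keys and a
// context label. SHA-256 is used here to stay in the standard library; a
// deployment would use HKDF (assumption for this example).
func deriveKey(shared, ephemPub, archivePub []byte) []byte {
	h := sha256.New()
	h.Write([]byte("archive-envelope-v1"))
	h.Write(shared)
	h.Write(ephemPub)
	h.Write(archivePub)
	return h.Sum(nil) // 32 bytes -> AES-256
}

func aeadFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealForArchive runs on the phone: encrypt to the customer's archive key
// before the copy leaves the device.
func SealForArchive(sender string, plaintext []byte, archivePub *ecdh.PublicKey) (*Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(archivePub)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(deriveKey(shared, eph.PublicKey().Bytes(), archivePub.Bytes()))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Envelope{
		Sender:     sender,
		EphemPub:   eph.PublicKey().Bytes(),
		Nonce:      nonce,
		Ciphertext: aead.Seal(nil, nonce, plaintext, []byte(sender)),
	}, nil
}

// OpenAtArchive runs only where the archive private key lives. Any other key
// (another tenant, a vendor-operated server) fails GCM authentication.
func OpenAtArchive(env *Envelope, archivePriv *ecdh.PrivateKey) ([]byte, error) {
	ephemPub, err := ecdh.X25519().NewPublicKey(env.EphemPub)
	if err != nil {
		return nil, err
	}
	shared, err := archivePriv.ECDH(ephemPub)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(deriveKey(shared, env.EphemPub, archivePriv.PublicKey().Bytes()))
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, env.Nonce, env.Ciphertext, []byte(env.Sender))
}

// WireContainsPlaintext is the relay's point of view: does anything it can
// see contain the message? With envelope encryption it does not.
func WireContainsPlaintext(env *Envelope, plaintext []byte) bool {
	for _, field := range [][]byte{[]byte(env.Sender), env.EphemPub, env.Nonce, env.Ciphertext} {
		if bytes.Contains(field, plaintext) {
			return true
		}
	}
	return false
}

func main() {
	archive, _ := ecdh.X25519().GenerateKey(rand.Reader) // provisioned at the customer's archive
	msg := []byte("constructed sample: meeting moved to 0900")
	env, err := SealForArchive("+1-555-0100", msg, archive.PublicKey())
	if err != nil {
		panic(err)
	}
	fmt.Println("relay sees plaintext:", WireContainsPlaintext(env, msg))
	got, err := OpenAtArchive(env, archive)
	fmt.Printf("archive recovered: %q (err=%v)\n", got, err)
	rogue, _ := ecdh.X25519().GenerateKey(rand.Reader) // a server that is not the archive
	_, err = OpenAtArchive(env, rogue)
	fmt.Println("wrong server opens it:", err == nil)
}
```

Running it shows the three properties that matter for the argument upthread: the relay's view contains no plaintext, the archive recovers the message, and a different key fails authentication instead of silently decrypting. This protects only the copy in transit and at the relay; the phone still holds plaintext and the archive decrypts on purpose, which is exactly the "plaintext at the approved archive, not at the vendor" split described above. It also does nothing about an archive server that is itself exploitable, which is the separate point made about the debug logs.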
mersorion | 10 months ago
dang | 10 months ago
Technical analysis of the Signal clone used by Trump officials - https://news.ycombinator.com/item?id=43875476 - May 2025 (313 comments)
ChrisArchitect | 10 months ago
https://news.ycombinator.com/item?id=43865103
tptacek | 10 months ago
Aurornis | 10 months ago
hedora | 10 months ago
ziddoap | 10 months ago
Dylan16807 | 10 months ago
On top of that the company TeleMessage has access, and that is bad.
JumpCrisscross | 10 months ago
dogman144 | 10 months ago
Bad setups get exploited in natsec.
A bad setup exploited.
Sounds like a brutal US natsec leak is brewing.
whatshisface | 10 months ago
metadat | 10 months ago
It's not against the rules to link past comments - in fact it's preferred to repeating the same or similar content across stories.
At the same time, does 'look, I had the right take once in the past' make for interesting conversation? I'm keen to see it unfold!
proactivesvcs | 10 months ago
JumpCrisscross | 10 months ago
I'd probably also find it useful if I could access your Signal chat logs in plaintext. That's the problem.
XorNot | 10 months ago
nicbou | 10 months ago
It's usually impossible to regularly export your chats to a machine you own in a format you can use. Same with photo apps.
aeontech | 10 months ago
csours | 10 months ago
fnordpiglet | 10 months ago
mtlynch | 10 months ago
[0] https://en.wikipedia.org/wiki/Chris_Krebs
[1] https://www.whitehouse.gov/fact-sheets/2025/04/fact-sheet-pr...
actionfromafar | 10 months ago
khaki54 | 10 months ago
mmooss | 10 months ago
A large portion of HN's commenters wouldn't make this mistake in a quickly written offhand comment.
theyknowitsxmas | 10 months ago
woah | 10 months ago
freen | 10 months ago
khaki54 | 10 months ago
benlivengood | 10 months ago
ceejayoz | 10 months ago
That's likely also true for the phones on their desks.
You're still not allowed to call me up and disclose in advance the battle plans for an attack on Yemen on your phone, though.
yapyap | 10 months ago