this post was submitted on 26 Mar 2025

836 points (99.5% liked)

politics

22706 readers

3794 users here now

Welcome to the discussion of US Politics!

Rules:

Post only links to articles, Title must fairly describe link contents. If your title differs from the site’s, it should only be to add context or be more descriptive. Do not post entire articles in the body or in the comments.

Links must be to the original source, not an aggregator like Google Amp, MSN, or Yahoo.

Example:

Articles must be relevant to politics. Links must be to quality and original content. Articles should be worth reading. Clickbait, stub articles, and rehosted or stolen content are not allowed. Check your source for Reliability and Bias here.
Be civil, No violations of TOS. It’s OK to say the subject of an article is behaving like a (pejorative, pejorative). It’s NOT OK to say another USER is (pejorative). Strong language is fine, just not directed at other members. Engage in good-faith and with respect! This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban.
No memes, trolling, or low-effort comments. Reposts, misinformation, off-topic, trolling, or offensive. Similarly, if you see posts along these lines, do not engage. Report them, block them, and live a happier life than they do. We see too many slapfights that boil down to "Mom! He's bugging me!" and "I'm not touching you!" Going forward, slapfights will result in removed comments and temp bans to cool off.
Vote based on comment quality, not agreement. This community aims to foster discussion; please reward people for putting effort into articulating their viewpoint, even if you disagree with it.
No hate speech, slurs, celebrating death, advocating violence, or abusive language. This will result in a ban. Usernames containing racist, or inappropriate slurs will be banned without warning

We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.

All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.

That's all the rules!

Civic Links

• Register To Vote

• Citizenship Resource Center

• Congressional Awards Program

• Federal Government Agencies

• Library of Congress Legislative Resources

• The White House

• U.S. House of Representatives

• U.S. Senate

Partnered Communities:

• News

• World News

• Business News

• Political Discussion

• Ask Politics

• Military News

• Global Politics

• Moderate Politics

• Progressive Politics

• UK Politics

• Canadian Politics

• Australian Politics

• New Zealand Politics

founded 2 years ago

MODERATORS

[email protected]

836

The Atlantic releases the entire Signal chat showing Hegseth's detailed attack plans against Houthis (apnews.com)

submitted 1 week ago by [email protected] to c/[email protected]

114 comments fedilink hide all child comments

(page 3) 17 comments

sorted by: hot top controversial new old

[–] [email protected] 15 points 1 week ago (2 children)

At 11:44 a.m. eastern time, Hegseth posted in the chat, in all caps, “TEAM UPDATE:”

The text beneath this began, “TIME NOW (1144et): Weather is FAVORABLE. Just CONFIRMED w/CENTCOM we are a GO for mission launch.” Centcom, or Central Command, is the military’s combatant command for the Middle East. The Hegseth text continues:

•“1215et: F-18s LAUNCH (1st strike package)”

•“1345: ‘Trigger Based’ F-18 1st Strike Window Starts (Target Terrorist is @ his Known Location so SHOULD BE ON TIME – also, Strike Drones Launch (MQ-9s)”

Let us pause here for a moment to underscore a point. This Signal message shows that the U.S. secretary of defense texted a group that included a phone number unknown to him—Goldberg’s cellphone—at 11:44 a.m. This was 31 minutes before the first U.S. warplanes launched, and two hours and one minute before the beginning of a period in which a primary target, the Houthi “Target Terrorist,” was expected to be killed by these American aircraft. If this text had been received by someone hostile to American interests—or someone merely indiscreet, and with access to social media—the Houthis would have had time to prepare for what was meant to be a surprise attack on their strongholds. The consequences for American pilots could have been catastrophic.

The Hegseth text then continued:

•“1410: More F-18s LAUNCH (2nd strike package)”

•“1415: Strike Drones on Target (THIS IS WHEN THE FIRST BOMBS WILL DEFINITELY DROP, pending earlier ‘Trigger Based’ targets)”

•“1536 F-18 2nd Strike Starts – also, first sea-based Tomahawks launched.”

•“MORE TO FOLLOW (per timeline)”

•“We are currently clean on OPSEC”—that is, operational security.

•“Godspeed to our Warriors.”

load more comments (2 replies)

[–] [email protected] 13 points 1 week ago (5 children)

Can't the US government host it's own encrypted chatroom or something

[–] [email protected] 18 points 1 week ago (1 children)

No way! Private companies are always better than government ones! /s

[–] [email protected] 7 points 1 week ago

Buttery Males?

load more comments (4 replies)

[–] [email protected] 68 points 1 week ago (4 children)

Signal is a publicly available app that provides encrypted communications, but it can be hacked.

This is misleading statement that will only confuse people who want to use a secure messenger.

To clear things up with anyone who's not technically inclined: Anything can be theoretically hacked. Signal has not been hacked and has no history of being compromised.

The Signal "hacks" that linked people's Signal client to devices that aren't theirs were sophisticated phishing/spoofing attacks. The equivalent of getting someone to click a malicious link via email because it looked like the real thing.

A reminder that you still need to do your due diligence even when using a secure service. Technology alone cannot completely protect you.

load more comments (4 replies)

[–] [email protected] 17 points 1 week ago (3 children)

I will say a prayer for perjury convictions 🙏

load more comments (3 replies)

[–] [email protected] 168 points 1 week ago* (last edited 1 week ago) (22 children)

I’m watching the hearing now. Democrats are ROASTING them and calling for their resignations, while Republicans are asking them about China and Mexico and praising their first months in position. It’s disgusting.

The NSA explicitly advised them all against the use of Signal back in February, citing recent breaches of the platform by Russian hackers. Two of them were in Moscow at the time the strikes were communicated, one being Gabbard, the Director of National Intelligence.

Edit: The lottery assigned Judge Boasberg to their trial. It’s a good day.

load more comments (22 replies)

[–] [email protected] 114 points 1 week ago (6 children)

Signal itself is not vulnerable. This article needs to correct itself. Signal is only vulnerable if the DEVICE THAT USES IT is compromised. Using devices that can be compromised is the issue here. Do not use that device to discuss anything confidential if you are in the government.

This is not Signal's fault at all.

[–] [email protected] 5 points 1 week ago (3 children)

Signal itself is not vulnerable. This article needs to correct itself. Signal is only vulnerable if the DEVICE THAT USES IT is compromised.

I think the description of vulnerability is subjective in this case. It could be that signal is inherently more vulnerable than official channels, as Signal is a private corporation that has no motivation to disclose any failures in their security.

I don't think the article is trying to blame Signal in any way, it's just not the proper communication channel and thus utilizing it is an inherent vulnerability no matter how secure their encryption may be.

[–] [email protected] 18 points 1 week ago* (last edited 1 week ago)

I think the description of vulnerability is subjective in this case.

No, it really isn't. The Signal protocol enables E2EE, meaning you don't have to worry about the server infra (that is, even if you don't buy that they're using the FOSS server code they say they are, it's irrelevant). The Signal protocol is open and has been examined forwards and backwards over and over by security researchers around the world. I can't emphasize how many eyes are on this protocol because of how prolifically used it is, including by government officials worldwide. The app is FOSS, and like the protocol, it has a ton of eyes on it for the same reason. The app is a reproducible build, meaning that if Signal baited you with a fake app, it would be found out immediately.

It could be that signal is inherently more vulnerable than official channels, as Signal is a private corporation that has no motivation to disclose any failures in their security.

They're a corporation, sure, but in the sense that they're a 501(c)(3), not a for-profit. Signal would have every incentive to disclose a failure in "their security" (where here that means their app or the protocol; again, what's happening on the servers literally, provably, mathematically doesn't matter). For a privacy org like this, it's in their best interest to immediately report any problems that might compromise privacy.

I don't think the article is trying to blame Signal in any way, it's just not the proper communication channel

Agreed. But here, I agree it's not the proper channel 1) because it's on their personal devices which the person you're responding to clearly stated and 2) a Signal chat (likely intentionally on their part) bypasses crucial records keeping laws. A known vuln for example is if someone has access to your phone, they can link their own personal device and read your messages as they come up. But again, that requires access to your phone, which becomes problematic if and only if you're using your own personal device rather than a secure government one.

and thus utilizing it is an inherent vulnerability no matter how secure their encryption may be.

No. Again, that's not an inherent vulnerability. Using it on their personal devices is, but unless you can come up with a vulnerability in the app itself or the protocol itself, then you're just agreeing with the person you're replying to.

[–] [email protected] 7 points 1 week ago* (last edited 1 week ago) (1 children)

Signal is a publicly available app that provides encrypted communications, but it can be hacked. It is not approved for carrying classified information. On March 14, one day before the strikes, the Defense Department cautioned personnel about the vulnerability of Signal, specifically that Russia was attempting to hack the app, according to a U.S. official who was not authorized to discuss the matter publicly and spoke on the condition of anonymity.

One known vulnerability is that a malicious actor, with access to a person’s phone, can link his or her device to the user’s Signal and essentially monitor messages remotely in real time.

This reads to me like Signal has weaknesses. Also, just so everyone is aware:

The Signal Technology Foundation, commonly known as the Signal Foundation, is an American Non-profit organization founded in 2018 by Moxie Marlinspike and Brian Acton. Its mission is to "protect free expression and enable Secure communication through Open source Digital privacy". Its subsidiary, Signal Messenger LLC, is responsible for the development of the Signal messaging app and the Signal Protocol.

Signal is an open-source, encrypted messaging service for instant messaging , voice calls, and video calls . The instant messaging function includes sending text, voice notes, images, videos, and other files. Communication may be one-to-one between users or may involve group messaging.

load more comments (1 replies)

[–] [email protected] 80 points 1 week ago (5 children)

There is no doubt in my mind that their phones are compromised.

[–] [email protected] 78 points 1 week ago (9 children)

They’re refusing to use government issued devices. They’re all using personals. This was an issue last time around, too. There’s a whole fucking division of the government (that I’m sure they’re hollowing out now) whose job it is to make sure people who need secure devices have them and use them.

load more comments (9 replies)

load more comments (4 replies)

[–] [email protected] 109 points 1 week ago (2 children)

Vance responded a minute later: “Excellent.” Thirty-five minutes after that, Ratcliffe, the CIA director, wrote, “A good start,” which Waltz followed with a text containing a fist emoji, an American-flag emoji, and a fire emoji.

You cannot make this shit up

[–] [email protected] 69 points 1 week ago* (last edited 1 week ago)

They're like a bunch of frat boys trying to outdo each other in their edgy hot take. They're creating their own tiny echo chamber where it is cool to hate on other Western countries and admire Russia.

[–] [email protected] 47 points 1 week ago (2 children)

👊🇺🇸🔥

[–] [email protected] 17 points 1 week ago* (last edited 1 week ago) (3 children)

'MURICA!

load more comments (3 replies)

load more comments (1 replies)

load more comments