DOJ says encrypted Signal messages used to charge Oath Keepers leader (cnbc.com)
77 points by nsxwolf 5 days ago | 24 comments

I would assume the most likely explanation is an informant was included in the Signal conversations and forwarded the contents along. I wonder if we will get an official statement from Signal.

Isn't this the case where there were more informants and undercover agents than there were actual group members?

When you have multiple sources receiving (i.e. they are the intended recipients) decrypted messages that corroborate each other, the encryption aspect probably becomes all but moot.

Not sure about this one, but there are questionable actions taken by informant insiders that many might consider entrapment. We've seen this with terrorist cases and more recently with the kidnapping the governor case. Would these people have gone as far as they did without the encouragement and material support of the agencies and informants? Who knows.

Not sure it's more informants, but they do seem to use more than one.

No. Good conspiracy though.

You mean "conspiracy theory", right?

No, that was the plot against governor Whitmer.

Forwarded...or simply handed over their phone (after unlocking it) later as part of a plea deal.

I think Signal provides deniable authentication, i.e. you can forge messages which cannot be distinguished from a real conversation. I wonder if it has any impact legally speaking, but I guess it would not matter unless there's evidence of tampering.

Signal uses sender certificates and end-to-end signing of the messages. Even if you don't set a PIN to enable registration lock, and someone steals your phone number temporarily without you noticing, and they know who to send the forged messages to, everyone will get a big warning message about the key being changed and to verify it's the other person.

Unless you just mean completely invent evidence on a controlled device, in which case sure, just edit the local message database like you would anything.

I'm referring to this cryptographic property: https://en.wikipedia.org/wiki/Deniable_authentication

which means that once a message is received you cannot re-authenticate it, so evidence on any device is no better than with unencrypted messaging. This is in contrast with classic public key authentication like PGP which provides further evidence that the message is legit and was indeed sent by who it says.

Surprised this post doesn't have more traction. I guess it's because of the subject of the investigation. But we should really be focusing on the privacy aspect.

Assuming the Signal protocol itself wasn't compromised, this illustrates why it is important to use expiring messages if your goal is privacy.

Any device involved in the conversation could have been compromised. In that case the entire message history would be intact.

Expiring messages don't completely solve the problem but they can drastically reduce the amount of information available.

This lawyer explains this whole thing, and touches on the Signal messages a little. I interpret what he said as he thinks someone was in the group from the government, but it's not totally clear: https://www.youtube.com/watch?v=NiCAFV_XBGc

That could explain the group chats, sure, but there are also a couple references to a message and the content from person A to person B.

So did the government come into possession of those messages by getting a warrant for the phones and discovering the messages post fact or is there some indication that the government was legally (or illegally) intercepting the messages over the wire?

Either the Feds have compromised Signal's encryption scheme, OR they compromised one of the two people's phones, OR they just got one of the two people to flip and give them access to the message history.

I certainly know which one I think is likely.

Interesting. It appears they intercepted audio as well? I see use of [unintelligible] in one place:

"Get it, Jess. Do your fucking thing. This is what we fucking [unintelligible] up for. Everything we fucking trained for."

I'm pretty sure that particular clip came from a Zello chat room. On The Media did a great episode on work they did listening in on these rooms leading up to January 6, and they handed over all of their recordings to the FBI.


Signal includes audio recordings. You just press and hold down the microphone icon.

The only technical solution, not that I have any first-hand knowledge of this, would be a remote desktop server running in the secure enclave. Basically everything you do on your phone can be viewed remotely by law enforcement and it seems they only need a warrant if they want to try to use it against you in court. 60 frames per second updates on most iPhone screens means when connected, it takes 1 frame out of 60, combines each of the 59 frames and sends those over to the secure enclave kernel. Basically just like remote desktop operates. There are other debugging features that can be enabled for the virtual keyboards and so on that can leak information.

Sure, you have end to end encryption but that's hardly all of the threat vector.

People need to accept that it's far more than metadata, we have no privacy, and in a way we are all locked inside of these virtual jails that keep people locked in like drug addicts.

Not without a warrant.

Good conspiracy though.

Ohhh, you sound so confident! Give it some time…

Surely you mean "conspiracy theory"?

Signal, along with ALL messaging apps/protocols, is only secured by the weakest link.
