
everyone else in the chat is responsible for not shutting it down


Yeah, ultimately they are all morons.

If I was on Slack at work and someone tried sharing secrets I would immediately say hey, we have protocols for this. Now we have to rotate keys. Please follow the protocols. Let’s walk you through it if you don’t remember. Etc.

And those are just API keys or similar data. We take it seriously because 1. It actually matters and 2. The habit will save your ass when it counts. Make it a habit.

These guys have not made security a habit. It doesn’t actually matter to these guys. That’s scary. This is so much more than access to my org’s AWS services.


If you worked for the Trump administration, you would then be fired for getting in the way of what he wants.


Sure they are all morons and culpable but still the largest failure is the person who leaked details.


There is something bigger at play when so many people make mistakes all at once. Considering the seriousness of the topic, wasn't there any sort of protocol or monitoring system that would alert them that the information is too privileged for that medium? I have seen ordinary institutions behave more sensibly. I don't have any experience in national security matters. But even as a tech professional, I would expect at least one dedicated official to be watching the channel for compliance. How does such an experienced institution make such fundamental mistakes?


> But even as a tech professional, I would expect at least one dedicated official to be watching the channel for compliance.

The group already had the supposed who's who of dedicated security professionals .. as appointed by Trump admin, of course.

Vice President JD Vance, senior White House staff, three Cabinet secretaries, and the directors of two Intelligence Community agencies.

Oh, and Marco Rubio .. the actual "acting archivist of the United States" responsible for ensuring that such conversation chains are preserved for posterity and not auto discarded on Signal.

~ https://en.wikipedia.org/wiki/United_States_government_group...

Speaking from an allied five eyes perspective .. it was an amateur hour clown show of epic proportions.

Followed up by Trump trashing America’s intelligence capability on the say so of a far-right conspiracy theorist and 9/11 truther.


I don’t disagree, but I think GP means someone who is not a political appointee, like the non-partisan national security officers whose role is basically exactly what GP discussed. I don’t know if it’s usual for NSC officers to be included in these kinds of chats that are ostensibly just for coordinating secure meetings between principals though - maybe it should be.


Sure, the equivalent of a professional court reporter with a standards-enforcing role ... but that was never ever going to be a thing on a non-SCIF casual Signal group set up to gossip and swap fire emojis outside of the official chain of defence command ...


Humor me here, but I thought using e2e encryption was less bad than other forms of communication.



