That is what I assumed as well. In both the current and previous admins.
But as more details come out about the current admins use of signal, this appears to not be the case.
They are using a shitty third party patched version of signal specifically designed to archive messages.
Leaving aside the security issues with the version they are using and the lack of public facing policy, the use of a Signal variant that archives chats is a reasonable compromise.
Instead of walling off users, creating a barrier to use and therefore extensive bypassing of the security standards, they have met users where they are and provided them with what the user cannot distinguish from official signal. This allows them to interface internally and externally through signal, preserving records and maintaining a much better level of security than the other options.
This represents a huge breach of trust between external parties and government signal users, but most of the government signal users are probably completely unaware that it's being logged.
My issue is not that they are using Signal. I think it's one of the better options. My issue is that they use a shitty version of it when there should be an in house maintained version for government use.
But as more details come out about the current admins use of signal, this appears to not be the case.
They are using a shitty third party patched version of signal specifically designed to archive messages.
Leaving aside the security issues with the version they are using and the lack of public facing policy, the use of a Signal variant that archives chats is a reasonable compromise.
Instead of walling off users, creating a barrier to use and therefore extensive bypassing of the security standards, they have met users where they are and provided them with what the user cannot distinguish from official signal. This allows them to interface internally and externally through signal, preserving records and maintaining a much better level of security than the other options.
This represents a huge breach of trust between external parties and government signal users, but most of the government signal users are probably completely unaware that it's being logged.
My issue is not that they are using Signal. I think it's one of the better options. My issue is that they use a shitty version of it when there should be an in house maintained version for government use.