I guess “FBI infiltrated group of immigration activist” would be boring and not fitting the FUD about encrypted messaging…
Wouldn’t be surprised if they went undercover as a member and was just accepted to the group.
My guess as well. Historically, the FBI has spent substantial resources infiltrating groups deemed even the smallest threat to state power.
Lowest barrier to entry
Remember that most hacking is not done by breaking encryption and running code. It’s %100 social engineering. The weakest point is always a person.
This is why I don’t subscribe to the Signal E2EE hype cult.
The fact that Signal doesn’t hide the anonymity of its users, and forces everyone to use phone numbers is a huge red flag.
The FBI’s report from August, prepared by its New York division, does not make clear how the bureau accessed the Signal group
The question I’m most curious to have answered
Sounds like they joined a very large group chat as a member
The FBI, the documents show, gained access to conversations in a “courtwatch” Signal group that helps coordinate volunteer activists who monitor public proceedings at three New York federal immigration courts. The US government has repeatedly been accused of violating immigrants’ due process rights at those courts.
I’ve always felt like Signal isn’t half as secure as it claims to be, and articles like this don’t help that feeling…
Why’s that exactly… who’s not to say they just joined the huge group undercover? Or randomly added to a sensitive group aka the journalist debacle a few months ago.
I’m literally just talking, giving an opinion. Nothing was that fucking deep, just talking about my feelings about how a supposedly secure encrypted website was infiltrated by the motherfucking FBI…
And I’m downvoted? Fucking why? Every day Lemmy gets a little more like Reddit. Shit like this is why the numbers go down. Just spread that negativity—make everyone feel like shit.
Downvote this while you’re at it! Fuck yall!
I don’t know who still needs to hear this, so I’m going to say it again for the people in the back.
Assume every form of communication you have is being spied on.
If you’re using an app like signal or similar, make sure you and everyone else in the chat has encryption enabled.
Verify the other users in the chat.
Do not plan any activity that could be considered a criminal enterprise on an electronic device with a connection to the internet.
This had nothing to do with encryption. 99.99% of breaches aren’t some pen hack, it’s social engineering of someone to gain access. You have all the best software and practices in place, but if the dumbass on the fourth floor decides that they’re gonna let someone in who’s called them from Microsoft, then it doesn’t matter.
They let the FBI into the chat because they don’t know opsec for shit.
I agree that you’re right. My thought was it was more likely that they socially engineered their way into getting invited to the chat.
This is why I said that a lot of people are the weakest link in their own secured communications networks.
I just got downvoted in the comments above for basically having the EXACT same sentiment. I fucking hate it here.
Yeah. I dunno man. I’m sorry.
But like. A lot of the time security/privacy fails like this are user-inflicted. Either because people don’t understand the apps and services they use, or because other people aren’t as vigilant about auditing their networks (the people, the hardware the software).
Fair point!
