from Hacker News

CIA Director Reveals Signal Comes Installed on Agency Computers

by jbegley on 3/26/25, 2:02 AM with 99 comments

  • by jandrewrogers on 3/26/25, 2:26 AM

    A lot of tech people here are obviously unfamiliar with the history of this. They used to use Gmail for nominally unclassified communication. Several years ago they unceremoniously dropped Gmail for all purposes, without much explanation. It was mostly replaced with Signal.

    I originally started using Signal almost entirely as a side effect of this transition. It was blessed as a preferred choice of the US intelligence community for unclassified comms many years ago. And a lot of classified comms if we are honest. If you worked in the US government, you needed Signal.

    This isn’t a value judgement, just an acknowledgement of reality. Given this, it would be weird if they didn’t have Signal installed.

  • by epistasis on 3/26/25, 2:37 AM

    Signal can be used to arrange meetings, but secret materials like war plans need to be in SCIFs

    Everybody that saw that usage of Signal and didn't shut it down should face the normal consequences, in addition to the consequences that a leader undergoes for such terrible decision making.

  • by colmmacc on 3/26/25, 2:45 AM

    I'm not saying this in humor, I'm genuinely curious ... how do they handle Signal's absence of FIPS validation and FedRamp certification? Signal isn't even capable of being FIPS validated, the core cryptography is off NIST piste.

  • by jaysonelliot on 3/26/25, 2:30 AM

    Does this mean the CIA is not subject to the Federal Records Act, or does it mean they're simply flaunting the law?

  • by czk on 3/26/25, 2:22 AM

  • by bediger4000 on 3/26/25, 2:33 AM

    This is just an attempt at damage control over the Goldberg-in-the-chat thing, isn't it?

  • by lenerdenator on 3/26/25, 2:30 AM

    Nice feather in the cap.

    But do they send the really sensitive stuff over it?

    Or, rather, do the competent people send really sensitive stuff over it?

  • by rich_sasha on 3/26/25, 7:41 AM

    Serious question: how would it be different if JD etc al used a "proper" secure comms app? Perhaps it would be harder to add a random journalist, but they could still accidentally add the wrong government official (maybe).

  • by monocasa on 3/26/25, 3:57 PM

    Reminder that the CIA funded Signal in the first place through the National Endowment for Democracy.

  • by raggi on 3/26/25, 3:16 AM

    dedramp