this post was submitted on 25 Mar 2025

277 points (96.9% liked)

World News

44649 readers

4075 users here now

A community for discussing events around the World

Rules:

Rule 1: posts have the following requirements:
- Post news articles only
- Video links are NOT articles and will be removed.
- Title must match the article headline
- Not United States Internal News
- Recent (Past 30 Days)
- Screenshots/links to other social media sites (Twitter/X/Facebook/Youtube/reddit, etc.) are explicitly forbidden, as are link shorteners.
Rule 2: Do not copy the entire article into your post. The key points in 1-2 paragraphs is allowed (even encouraged!), but large segments of articles posted in the body will result in the post being removed. If you have to stop and think "Is this fair use?", it probably isn't. Archive links, especially the ones created on link submission, are absolutely allowed but those that avoid paywalls are not.
Rule 3: Opinions articles, or Articles based on misinformation/propaganda may be removed. Sources that have a Low or Very Low factual reporting rating or MBFC Credibility Rating may be removed.
Rule 4: Posts or comments that are homophobic, transphobic, racist, sexist, anti-religious, or ableist will be removed. “Ironic” prejudice is just prejudiced.
Posts and comments must abide by the lemmy.world terms of service UPDATED AS OF 10/19
Rule 5: Keep it civil. It's OK to say the subject of an article is behaving like a (pejorative, pejorative). It's NOT OK to say another USER is (pejorative). Strong language is fine, just not directed at other members. Engage in good-faith and with respect! This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban.

Similarly, if you see posts along these lines, do not engage. Report them, block them, and live a happier life than they do. We see too many slapfights that boil down to "Mom! He's bugging me!" and "I'm not touching you!" Going forward, slapfights will result in removed comments and temp bans to cool off.

Rule 6: Memes, spam, other low effort posting, reposts, misinformation, advocating violence, off-topic, trolling, offensive, regarding the moderators or meta in content may be removed at any time.
Rule 7: We didn't USED to need a rule about how many posts one could make in a day, then someone posted NINETEEN articles in a single day. Not comments, FULL ARTICLES. If you're posting more than say, 10 or so, consider going outside and touching grass. We reserve the right to limit over-posting so a single user does not dominate the front page.

We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.

All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.

Lemmy World Partners

News !news@lemmy.world

Politics !politics@lemmy.world

World Politics !globalpolitics@lemmy.world

Recommendations

How to spot Misinformation and Propaganda

For Firefox users, there is media bias / propaganda / fact check plugin.

https://addons.mozilla.org/en-US/firefox/addon/media-bias-fact-check/

Consider including the article’s mediabiasfactcheck.com/ link

founded 2 years ago

MODERATORS

NewsAutoMod@lemmy.world

jordanlund@lemmy.world

Tenthrow@lemmy.world

little_cow@lemmy.world

lemmyAtom@lemmy.world

277

Kremlin targeting app at heart of White House group chat leaks (www.telegraph.co.uk)

submitted 1 day ago by zaxvenz@lemm.ee to c/world@lemmy.world

27 comments fedilink hide all child comments

all 28 comments

sorted by: hot top controversial new old

[–] skozzii@lemmy.ca 12 points 16 hours ago (1 children)

These boomers think Signal is safe because they use the word encrypted.

Can we please vote these clowns out and get some adults back in government?

[–] runiq@feddit.org 31 points 14 hours ago

Signal is pretty safe. They exploited a specific phishing vector and forged group chat invite links that also send conversation data to their own linked devices.

AFAICT this was a phishing attack, not an attack on Signal.

Disclaimer: I'm not endorsing the use of Signal for government information, which is supposed to be kept for the record.

[–] mhague@lemmy.world 27 points 19 hours ago* (last edited 19 hours ago)

As of March 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.0.3 using a zero-click exploit. While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, call snooping, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps.

This is consumer grade spyware built by Israeli intelligence and loaned out to just about everyone. It's been around for a decade. Governments use this to hunt down activists and opposition party members.

This Signal leak is one hole in the colander. Sure, water will leak through that hole. But water will also leak through all the other holes. And the countries collecting that water have more than what NSO Group contracts out.

[–] disguy_ovahea@lemmy.world 108 points 23 hours ago (1 children)

It’s ok. The US government decided Russia isn’t a cyberthreat anymore.

https://www.theguardian.com/us-news/2025/feb/28/trump-russia-hacking-cyber-security

[–] JasonDJ@lemmy.zip 18 points 23 hours ago

It could also be someone sitting on their bed that weighs 400 pounds

[–] sylver_dragon@lemmy.world 81 points 1 day ago* (last edited 1 day ago) (2 children)

Uh, no shit. State backed espionage groups are targeting the communications channels used by their primary targets. What are you going to tell me next? That water is wet and fire is hot? If the US government started using IP over Avian Carrier (RFC1149) you can bet that the GRU would start up a program to intercept the carriers.

[–] Darkassassin07@lemmy.ca 43 points 1 day ago (2 children)

It's not a surprise Russia and friends are attacking the platform; it's surprising the Whitehouse is using it for official communications. (or at least it would be, if the WH wasn't occupied by nazi tech bros...)

[–] LastYearsIrritant@sopuli.xyz 15 points 22 hours ago

Additionally, they're likely using it on their personal, insecure phones, on insecure networks.

There's whole layers of security being bypassed here.

[–] sapetoku@sh.itjust.works 3 points 22 hours ago (1 children)

It's a pretty good endorsement of the app!

[–] Aqarius@lemmy.world 2 points 17 hours ago

Honestly, yeah. IIRC, the Swedish military also advised using it.

[–] PrettyFlyForAFatGuy@lemmy.ml 14 points 1 day ago* (last edited 1 day ago) (1 children)

IPoAC. The ping is pretty slow, but the packet size is incredible

[–] Darkassassin07@lemmy.ca 4 points 1 day ago (4 children)

🤔 I wonder how much data a single bird could feasibly carry. Quite a bit more than when this standard was first thought up I'm sure. You can get some incredibly high capacity sd cards now.

[–] phar@lemmy.ml 1 points 11 hours ago

Its not a question of where it could grasp the data, it's a question of weight ratios

[–] lka1988@sh.itjust.works 3 points 16 hours ago* (last edited 16 hours ago)

I wonder how much data a single bird could feasibly carry

I imagine it's quite a lot. You already brought up high-capacity SD cards, so at that point it's figuring out how much weight the bird can carry in terms of 1TB SD cards or similar.

[–] AbidanYre@lemmy.world 14 points 23 hours ago

African or European swallow?

[–] evasive_chimpanzee@lemmy.world 3 points 23 hours ago (2 children)

Pretty much every time there have been head to head competitions between birds and wires, the birds have won.

[–] lka1988@sh.itjust.works 3 points 16 hours ago

The birds stand on the wires to mock their inferior bandwidth

[–] Aqarius@lemmy.world 3 points 17 hours ago* (last edited 17 hours ago) (1 children)

Yeah, it's not the bandwidth that's the problem, it's the ping.

Well, ping and packet loss.

[–] Albbi@lemmy.ca 2 points 13 hours ago* (last edited 13 hours ago)

I'd assume range too. Hard to go across the ocean by pigeon.

[–] RamblingPanda@lemmynsfw.com 21 points 23 hours ago

To be honest, I'm surprised they didn't use telegram.

[–] Paragone@lemmy.world 9 points 1 day ago* (last edited 1 day ago)

https://duckduckgo.com/?q=kremlin+targetting+signal+accounts&t=fpas&ia=web

it seems there's some real mechanism, involved in this..

Here's the best-quality information I could readily-find..

https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger

[–] zaxvenz@lemm.ee 6 points 1 day ago

Witkoff in Moscow when added to chat?

https://bsky.app/profile/olgalautman.bsky.social/post/3ll663snbc224

[–] arankays@lemmy.ca 6 points 1 day ago (3 children)

Even if they do get access to the chat logs, good luck brute forcing those encryption keys Putin!

[–] ramjambamalam@lemmy.ca 19 points 22 hours ago* (last edited 22 hours ago)

I can think of easier ways of compromising the data besides brute forcing the keys, off the top of my head, and I'm just some schmuck. Relevant XKCD: https://xkcd.com/538/

Compromise their endpoint with a malicious app on the app store.
Gain physical access to the device and compromise it. Use your imagination – pickpocket, traffic stop or customs inspection by a compromised agent, seduce them with a honeypot, etc.
Socially engineer them to mistakingly add you to their group chats.
SIM swap

Signal might be fine for journalists, criminals, cheating spouses, and general privacy when used properly with good OpSec but nation state adversaries have significantly greater resources than your average attacker, and thus require more significant security.

[–] alphadont@lemmy.ca 6 points 22 hours ago

Well, he just needs to get them to accidentally add his spy to their group chat. How hard can it be?

[–] jaybone@lemmy.world 1 points 22 hours ago

Wasn’t there a hacker group some years ago that released Signal binaries with backdoors that allowed attackers to read decrypted messages?