From Signal Pete To Deepfake Rubio: The Struggle To Bootstrap And Protect Trust

But Signal is secure, right? Right?

Well, sort of, at least theoretically, at least probabilistically, at least to a degree and in certain contexts… We might reasonably forgive the layperson for not fully appreciating such nuances given that Signal’s own home page currently reads confidently as follows…

Share Without Insecurity. State-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure. We can’t read your messages or listen to your calls, and no one else can either. Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time.

That sounds pretty good. In fact Signal is pretty good. I am, myself, a Signal user and it is my preferred platform for personal messaging and some business use cases. The efficacy of a given security system, however, hinges on the context in which it operates, and the threat models for my personal and business scenarios don’t even vaguely resemble the threat model for national security scenarios.

Let’s imagine two people in a personal context want to use Signal as securely as practical. How might they go about doing that? First they each acquire a phone — for the sake of argument we’ll say one from Apple and the other from Samsung. Then they each install Signal via their phone’s app store. Then, if they are playing on expert mode (which, frankly, most people aren’t), they get together and bootstrap their trust relationship, doing so by initiating contact with Signal via their phones and then validating in person the “safety number” that Signal computes as a pairing of cryptographic material from each participant. This “safety number” will remain fixed unless and until Signal gets reinstalled or installed on an additional device.

Group chats in Signal, meanwhile, start from this foundation, putting the onus on users to optionally verify a shared “safety number” with each participant, while layering on additional security that minimizes knowledge of group membership and limits members to seeing messages only from the window during which they were a member. To minimize server-side knowledge of group membership, Signal stores only an encrypted blob that it uses to perform a zero-knowledge check to see if a polling client is authorized to retrieve messages for the group, though we should note that this technique relies on the server not retaining information and perhaps correlating with network traffic. To prevent a member from reading messages that pre-date or post-date membership, meanwhile, the Signal protocol uses a per-sender key, scoped to each group, that evolves with usage and rotates whenever a group member departs.

The cryptographic protocols that Signal employs are clearly designed by serious professionals with deep consideration for use cases and threat models. Signal thus represents an excellent choice for many people across diverse contexts. These contexts, alas, do not include most national defense scenarios, where the extreme stakes and operational complexity result in powerful adversaries possessing the motivations, coupled with the means and methods, to undermine its security in practice.

That moment when Mike Walsh, erstwhile National Security Adviser of the current Trump administration, inadvertently invited Jeffrey Goldberg, editor at The Atlantic magazine, to a Signal group chat where an assortment of officials discussed impending airstrikes against Houthi rebels in Yemen, represents only the most cartoonishly buffoonish mistakes that one might make when using Signal, wherein somehow he (presumably) invited the wrong person and nobody else even noticed his addition, never mind checked a “safety number”. No adversary had to do anything even vaguely l337 in this case — he just committed an unforced error and spilled classified information to a journalist while multiple colleagues were too out-to-lunch to even notice. Imagine the possibilities if an adversary were actually putting some effort into this.

When in my own life I have had occasion to handle TS//SCI data — Top Secret Sensitive Compartmented Information — it has been on government information systems with multiple interlocking controls in play. Supply chain security protocols carefully vetted the hardware and software that was allowed to run on the classified network. The classified network was itself rigorously partitioned from the wider Internet to a degree that using SaaS products was an impossibility. The people allowed to access this network for any purpose were subjected to recurring and excruciating investigations. The credentials granted to log into such a network were obtained by physically going to a special identity verification office. Reaching a terminal where you could log into this system involved first passing through a vehicle control point that included guys with guns and vehicle traps followed by proceeding through multiple identification-requiring checkpoints on foot. Finally you would end up in a room where line-of-sight protected windows were tinted, walls were shielded against electromagnetic leakage, and desks were arrayed to prevent shoulder surfing. Anybody who played Fuck Around Find Out in this ecosystem would face the loss of their job and criminal prosecution.

Contrast this with the coterie of Trump officials using personal phones in unsecured spaces to discuss the details of imminent military operations as casually as if they were exchanging recipes or dumping on libs. The incentives to compromise this information were every bit as serious as the information protected by the previously described fortress and yet the diligence in evidence in protecting it was, by the standards applied to any rank-and-file civilian, contractor, or military employee, criminally negligent. Holding the highest officials to a double standard not only gravely imperils national security directly, but also indirectly — through spillover effects that range from widespread harm to morale to erosion of operational discipline. Any government that hopes to survive in the long run must not tolerate such cultural drift and consequent structural rot.

So why is the previously described fortress-like posture commonplace in the military intelligence space and to what kinds of attacks were the Trump crew woefully vulnerable?

Consider supply chain security: consumer-grade hardware and software are subject to little or no meaningful scrutiny and so may be injected with backdoors at multiple levels as it passes through a series of manufacturers and middlemen.

Consider physical security: devices left lying around unsecured areas can be modified by unauthorized individuals and users in such spaces can be spoofed, tricked, coerced, or even tortured.

Consider device and network partitioning: devices employed for personal usage and attached to the general Internet exhibit an amplified attack surface to a degree that having their blast radius extend into national defense workflows is reckless.

Consider trust bootstrapping: if there isn’t a face-to-face component between either individuals or, alternately, with a trusted agent that operates a public key infrastructure certificate authority, then you really don’t have trust at all; note that the former doesn’t scale to large organizations which is why, unsurprisingly, government agencies often opt for the latter.

Finally, consider availability: even if you trust Signal to nail its end-to-end guarantees, and even if you somehow also avoid all of the previous traps and thus somehow have passable Confidentiality and Integrity, there is still the A in CIA, Availability, which has nothing to do with cryptography, and without which you are dead in the water, hence all the hullaballoo about players like Huawei trying to own the world’s networking infrastructure.

Now let’s fast-forward from the Signalgate debacle of a few months ago to the Marco Rubio deepfakery revelations of just last week. The chickens, evidently, have come home to roost, in an event where an imposter is leveraging AI to spoof communiqués from Marco Rubio to foreign ministers. Rubio, of course, hasn’t done anything untoward in this case, but he is reaping the consequences of the precedent earlier set.

This, alas, is exactly the kind of development one might expect if, say, you installed an extreme and aggrieved narcissist into the role of Commander In Chief — someone who prioritizes loyalty over competence, vengeance over ethics, and ideology over mission. The result? Instead of a cabinet staffed by career professionals, we now have a rogue’s gallery of cosplayers occupying the most senior levels of defense, intelligence, and law enforcement, causing operational discipline to collapse precisely when the risk of cyber shenanigans has never been greater.

It would be impossible to overstate how incredibly bad this all is.