tomhow3 hours ago
All: the main reason for not giving this story front page exposure is that there is already an article about this app that's been on the front page all day:
https://news.ycombinator.com/item?id=43875476
And that article contains a link to the 404media.co story, reporting the hack, and other commentary about the security of the app.
And there are several mentions in that discussion thread about the 404media.co story, and I've pinned another link to the top of that thread.
If we had a separate thread it would split the discussion and we always avoid doing that; it makes more sense to keep it all in one thread, as it really is one topic.
It should also be noted the article specifically states:
“The hacker has not obtained the messages of cabinet members, Waltz, and people he spoke to . . .”, so it’s not actually a breach of administration communication that it first seems to be from the headline.
croemer5 hours ago
See this for a non-flagged discussion on the topic: https://news.ycombinator.com/item?id=43875476
tomhow3 hours ago
Comments moved thither. Thanks!
croemer18 minutes ago
toofy12 hours ago
it is a bit troubling to me how this and stories covering the same group of people are so often quickly flagged.
i saw this story on other sites and immediately thought: hacker news will be the best place to follow along with this only to see it flagged dead. it does seem like this seems to be happening quite a lot when a certain group of people and their competence levels are being covered.
thanks for not burying this particular instance.
be_erik10 hours ago
Installing Signal using this method provides none of the guarantees Signal can normally provide by being an open verifiable application. It not only opens you up to state actors, but also IT folks like us. This is very much tech news. It helps explain why MDM is both critically important for businesses and terrible for security.
croemer5 hours ago
Luckily, flagged doesn't mean deleted or locked so we can still read and comment
afavour14 hours ago
Surely the most significant tech news story of the day and it’s immediately flagged off HN.
robocat14 hours ago
Hacker news is not about political hacks.
Use /active as your start page on HN if you're interested politics. Political discussions occur, just not on front page.
My guess is that HN will shut down within a few years because it doesn't much serve a purpose for PG or YC.
afavour13 hours ago
Hacker news is about tech news. Political hacks are absolutely included within that. Personally I’d love to read HN users knowledgable thoughts on the topic, the community here is very well qualified to make points others won’t.
But alas. We won’t get any of that.
croemer5 hours ago
> But alas. We won’t get any of that.
We can still comment and read, it's just not shown by default. I found it by submitting it myself just to find it flagged.
be_erik10 hours ago
There’s chatter on bsky.
But tl;dr anything said on those phones is assumed to be compromised until proven otherwise by time or a whole lot of very interesting security verifications. So far the evidence that this is a very large leak looks probable based on the evidence presented.
croemer5 hours ago
Why do you say "everything said on those phones" - did you mean "on this app"? If the backend of an app was compromised, that wouldn't mean the phone itself was rooted?
be_erikan hour ago
By installing MDM you’re effectively chaining your security to the security of the MDM. The MDM gives you the ability to install arbitrary code via a blessed backdoor. There’s no reason currently not to suspect that anything said on that phone (signal or not) is compromised.