Ask HN: Is Washington Post correct in saying Signal is unsecure?

What “unsecure” means here

  • Many argue “secure” is relative to a threat model: cops vs foreign intelligence vs internal accountability.
  • For everyday users, Signal is seen as one of the most secure E2EE messengers.
  • For national-security use, “unsecure” is taken to mean “not an NSA‑approved, centrally managed classified comms system,” not “weak crypto.”

Signal’s cryptography vs system‑level security

  • Broad agreement that Signal’s protocol and E2EE are strong and well regarded.
  • Multiple comments stress that E2EE only secures the channel, not the endpoints (phones, OS, app supply chain).
  • Some point out that if apps, OSes, or toolchains are compromised, messages can be exfiltrated in plaintext regardless of encryption.

Unsuitability for classified / organizational use

  • Key criticism: Signal lacks features required for classified or corporate environments:
    • No enforced vetting/clearance checks before adding participants.
    • No centralized identity provider, device management, or policy enforcement.
    • Easy to add the wrong person to a group; that’s exactly what happened.
  • For “top secret” material, commenters say only SCIFs and air‑gapped classified networks are appropriate.

Device and endpoint vulnerabilities

  • Phones are seen as fundamentally exposed: Pegasus‑style zero‑click exploits, theft, shoulder‑surfing.
  • Comparison: desktops on isolated networks can be locked down more tightly than consumer smartphones that constantly talk to cell towers.
  • Conclusion: for high‑value state targets, assume phones can be fully read if the intel value exceeds the cost of an exploit.

Record‑keeping, law, and ethics

  • Several emphasize that the bigger issue is evading legal record‑keeping (e.g., disappearing messages, unofficial channels), not Signal’s math.
  • Debate over whether deleting/auto‑deleting such chats is itself illegal, especially for senior officials.
  • Strong disagreement on the journalist’s role: some see exposing the chat as vital accountability; others call it unethical or even treasonous.

Alternatives, anonymity, and public perception

  • Some suggest alternatives like Matrix or SimpleX, though others distrust little‑known projects or ones exposing IPs / requiring phone numbers.
  • A few suspect media framing might wrongly damage Signal’s reputation among the general public.