May 14, 2025 • 37 mins
About 48 hours after the US National Security Advisor was spotted using a weird cloned version of Signal, someone said they’d hacked it. It took them all of 15 minutes. We now know that TeleMessage is ‘cartoonishly hackable,’ but we still don’t know why top White House officials were using it. And what about the investigation to find out if this Israel-based app is bad on accident, or on purpose? I called up my friends Evan McMorris-Santoro of NOTUS and Joseph Cox of 404 Media to get some more context on how bad this might actually be.
Here’s the links promised in the episode:
Evan’s daily newsletter in NOTUS
Joseph’s article in 404 on the Telemessage hack
And here’s Micha Lee’s technical breakdown of Telemessage’s security problems
Our guests:
Evan McMorris-Santoro: @evanmcs.bsky.social
Joseph Cox: @josephcox.bsky.social
Got something you’re curious about? Hit up @dexdigi on IG or Bluesky. See you on the next one.
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:15):
I'm afraid Kaleidoscope and iHeart podcasts. This is kill Switch.
I'm Dextera Thomas. Maybe you've heard a signal Gate. If not,
I'll get you up to speed real quick. Back in March,
a bunch of top White House staff, including the Vice President,
(00:36):
Secretary of Defense, and a lot of other people, were
discussing military operations in Yemen. And they were having this
discussion on a chat app called signal which you'll hear
more about in the second But amongst all the White
House officials was an outsider somebody, and that somebody turned
out to be US National Security Advisor Mike Waltz, had
accidentally added a journalist from the Atlantic to that group chat.
(01:00):
That journalists did what journalists are supposed to do, tell
the public what's happening. It was embarrassing for the White House,
and it also raised a lot of questions about what
exactly the US is doing overseas. It's a big enough
deal that Signalgate has its own Wikipedia entry, and the
story would have ended there. Then fast forward to May. First,
(01:23):
a picture started to circulate of the very same guy,
Mike Waltz, looking at his phone in a meeting using
an app that looked familiar sort of.
Speaker 2 (01:33):
He was in a cabinet meeting with President Trump and
other senior officials, and the Roysters photographer got him looking
down at his phone, and if you zoomed in, it
looked like he was using signal, which is of course
very Ray funny and Rai Ray ironic. So people saw
that they started tweeting it and posting on Blue Sky saying,
ha ha, look, Mike Waltz's using signal in this photo.
(01:56):
And then of course when you zoom in there are names.
It shows the chat and there's says Rubio. I only
know if one senior official who has a surname Rubio
obviously relates me to the Department of State. There's Gabbard,
I think probably Tolsy Gabbard. And then there's one that's
just straight up says jd Vance.
Speaker 1 (02:14):
Yeah, I wasna say. Jadvance is right in there, and
I'm just I'm reading part of jd Vance's messages right here,
just in this picture, which brings up an entirely different question,
which is should you be reading your text messages during
a meeting in which they are photographers. But I suppose
we can leave that to the side. This is my
(02:37):
friend and former colleague from my Vice News days, Joseph Cox.
He now reports for and co owns the online publication
four or for Media.
Speaker 2 (02:45):
Somebody put it in our in our work group chat
and I was say, I look at Signal every day,
like way too much, like twelve hours a day. I'm
looking at that app. This is not Signal. There's a
there's something ever so slightly different. And when I look
at the bottom, there's usually a message in Signal says
please verify your signal pin. And this is so you
(03:05):
remember the pin so you don't get locked out, and
it keeps your account more secure. It's a very good thing.
But at the bottom it said please remember your TM
SGNL pin. And I'm like, what the well the hell
is that? And then I google around and that leads
me to tele Message and their modified version of Signal.
Speaker 1 (03:26):
You really have to be hyper focusing on this stuff
to notice it at all. And then you further zoomed
in and said, Yo, this ain't signal.
Speaker 2 (03:34):
This is not signal, this is some weird modified version.
So yeah, we report that Mike Waltz has inadvertently revealed
the weird Signal clone that the Trump administration is using.
Speaker 1 (03:49):
Just to clarify here, Signal the actual Signal is a
messaging app that uses what's called end to end encryption,
which means that when you send a message, nobody, not
the government, not even Signal can read your messages. Even
if they do intercept them, only the intended recipient can
read the message. It's basically the gold standard for secure messaging.
(04:10):
What Joseph noticed was that the app Mike Waltz was
using in the picture looked like the actual Signal, but
that something was off. This app looked kind of similar,
but it was clear that someone else had modified it,
and his suspicion was that this modified version might not
have had the same security that the actual Signal does.
(04:30):
So Joseph wrote an article on four or four that
explained the issue here, and the key was that phrase
at the bottom TMSGNL. Joseph started digging around and realized
that this was probably from a company called tele Message.
This company basically makes clones of popular messaging apps like WhatsApp, Telegram,
we Chat, and Yes Signal with one extra feature. It
(04:55):
saves copies of all the messages sent or received onto
another server not to spoil the next part. But maybe
you're already seeing the problem here, So let's talk about
the timeline. This picture of Mike Waltz circulates and Joseph
publishes that article on May first. On May third, two
days later, an anonymous hacker contacts another reporter named Micah
(05:19):
Lee saying that they've managed to hack tele a message,
and so Micah and Joseph put together another article explaining
how bad this really is.
Speaker 2 (05:32):
I'm getting these screenshots and I'm getting sent this data.
One of the first examples is a screenshot of a
telemessage back end, which you know, a normal person should
not be able to access and a hacker should be
able to access it. And it has all of these
contact details for officials from Customs and Border Protection, implying
that they use the tool as well for some reason.
(05:52):
So I spend my Sunday phoning up numbers in this
list of CPB officials contact information, and I answer with
the name, and I say with Customs and Border and
they confirm, so it verifies the data. They then hang
up after I explain what's happening.
Speaker 3 (06:08):
Wow.
Speaker 2 (06:08):
But then there's the much more serious stuff, which is
messages that they may have thought were secure with a
modified version of Signal, and these messages are going off
against archived somewhere. The hacker was able to essentially intercept
them in the middle of that process, and we were
reading messages that were clearly sent that day of internal
(06:29):
conversations between various people. One example was one from it
looks like it was from Galaxy Digital, which is a
cryptocurrency connected company, and they were talking about some sort
of bill or law that the Dems may or may
not support. I'm not particularly interested in the specifics of
that bill, but it just shows you whoa this is
(06:52):
a really sensitive conversation, even if I don't really care
about cryptocurrency. This isn't something that a hacker should be
able to get, and this isn't something that I should
be able to read. But the implication is is that
Mike Waltz and people he was talking to, like Rubio
or whoever run this same platform, the hacker just managed
to break into and get the contents of messages. And
(07:13):
that's massive because who knows who else had access to this.
Speaker 1 (07:17):
So just giving these government officials the benefit of the
doubt for a moment, maybe this is what happened. Using
an app that can automatically delete messages is not okay
for government officials because the public is supposed to have
access to non classified information, and one of the things
telemessage promises to do is help organizations comply with regulations
(07:38):
about retaining records. Now, we have no evidence of the
reasoning or timing of the government's use of telemessage, but
that would be a charitable reading here. Maybe they did
it to obey the law.
Speaker 2 (07:49):
It is a really really, really really hard trade off,
and one side we want the government to keep records
so we can foil them and there can be accountability
and transparency whenever we need that, you know, either in
the current moment or at a later date. And then
when they do seemingly choose at all to do that,
it blows up massively in their face, and it's actually
probably even worse than the problem they were trying to
(08:10):
solve in the first place. Tele a message who don't
make signal, they don't develop signal in any capacity. They
don't do it for reach Out, Whatsapple Telegram either, but
they take those apps and they like shoven archiving ability
onto it. So presumably you might just not make a
fully secure solution. But then even more fundamentally, there are
(08:31):
just always going to be risks involved of this, and
it kind of reminds me of you know, government's always
asking for back doors into communication products. I'm not saying
tele message is absolutely a backdoor, and they don't use
that terminology, but practically it's kind of the same. It's
(08:53):
taking the messages and copying them elsewhere, which is what
we think of a backdoor. Fundamentally, by introduce seeing another
party to the chat, you're introducing more risk in some form.
Speaker 1 (09:05):
Right exactly, because the idea here, what sounds like tell
Message is promising is that well, signal your message is
encrypted from one end to the other. It's end to
end encrypted, so nobody can intercept that. But then it's
going through tele messages being copied somewhere else, and so
by default, by definition, it's not encrypted in to end anymore.
Speaker 2 (09:29):
So when we first reported on sort of the Trump
happening use of telemessage, the New York Times followed up
a few days later, and they were talking about some
of the security risks about this, and they spoke to
some executive that's Smash, which is the American company that
owns the Israeli company tele message, and that executive to
The New York Times was saying something like we we
(09:49):
don't de encrypts, which is a bizarre term I've never
heard anyone use with any in any serious context. But
what they were trying to say was basically, it's still secure,
you know, even though we have we're adding this archiving thing,
it's still secure. And I mean they say that, they
say it's still end to end encrypted, and of course
(10:09):
they're free to say whatever they want that they're comfortable
saying in their marketing material. But Michah Lee, the security
of research and journalist we worked on the hack, has
done a ray detailed analysis about how telem message does
have access to the plain text of messages. But then
I think even just more importantly, we were looking at
the contents of messages. It's clearly not end to end encrypted.
(10:31):
We were reading the messages. So and maybe there is
a way, and maybe there are some messages that are
encrypted by tele message, but what we've seen and what
I'm saying is some are definitely not.
Speaker 1 (10:42):
And just to be clear, we don't necessarily know that
every single top ranking official in the government is using
this tele message clone of signal. It looks like tele
message acts enough like regular signal to where you can
send messages back and forth and you wouldn't know if
the person on the other side is using the clone.
But even if one person in a group chat is
(11:03):
using it, and we know that former National Security advisor
Mike Watz is using it, that potentially means that everyone
they talk to or everyone in a group chat is
having their messages sent to a third party server and
that someone else would be able to see those messages.
In the article, you pretty explicitly say we're not going
(11:24):
to tell you how the hacker did it, so it
sounds like the hacker communicated to you, this is how
I did it. You don't make that public. Why is
there Yeah, I.
Speaker 2 (11:36):
Mean, first of all, we ask as part of the
verification process, if they can explain how they did it
in a verifiable manner, that's good or even better. Of course,
we can't always fully verify that because we're not going
to go do the hack ourselves inane and obviously, so
it really depends, and you have to be really, really
careful about what you're amplifying because if you include certain
(11:57):
information that could give other hackers or random people the
ability to go basically do it again, and who knows
what they're going to then do with that data. We
don't want to cause more harm, so there's a trade
off there, and it also relates to how security researchers
often disclose vulnerabilities. What hackers will often do is they
will probe a server or reverse engineering app. They'll go
(12:20):
to the company, Hey, I found this vulnerability. I think
you should fix it. The company will say, wow, that's
really bad. His ten thousand dollars in a T shirt
or a coffee mug or something, and they'll fix it,
hopefully within thirty days. Blah blah blah. That's called responsible disclosure.
That doesn't really involve the media at least traditionally. The
other way that some hackers do, and they did it
in this case, they find a vulnerability, they might actually
(12:44):
exploit that vulnerability to show it's real and to get data,
and then they go to the press. And in this case,
the hackers said they did this because they thought the
company might cover it up.
Speaker 1 (12:54):
So after the four or four article comes out, NBC
reports that they'd spoken to a second hacker. Is it
possible that there's another hacker who's gotten information and not
reported it to a journalist.
Speaker 2 (13:08):
It's absolutely possible. Like already you have one hacker who
provided information to us, you then have a second hacker
who also breaks into the system. And that's quite rare,
to be honest, Like, I report on so many data breaches,
and it's not common for a media outlet to report
on a hack and then a day or so later,
(13:29):
another media outlet says, another hacker got it. Like that
just doesn't doesn't really happen. Now, let's assume those hackers
are probably random hackers who were just talking to the
press or whatever. If you are from a nation state
intelligence agency like China or Russia or Iran, if you
haven't even looked at that server, you should probably lose
(13:50):
your job because that's literally your job is to find
out where these vulnerabilities are. You don't really have a
more pressing target than the people around Donald Trump or
Donald Trump himself. That's sort of in a circle. It
is your job too, among us of these people.
Speaker 1 (14:11):
Should people stop using signal after all this came out?
Speaker 2 (14:14):
Absolutely not. More people should use signal or a secure
alternative that makes sense in their life. Don't let the
telemassage Debarkle throw you off that just you probably don't
use a tool like that. It's like an archiving tool.
Speaker 1 (14:29):
Okay, So hopefully we haven't scared you away from using Signal. Truly,
it is a great app. There's nothing wrong with Signal itself.
The issue is with tell Message. But there's something else
we need to talk about, because we've talked about the
technical side of all this, and now we need to
talk about the human side. Once a vulnerability is found,
(14:49):
the next step is figuring out what the potential damage is.
And to know that, you need to know whether this
vulnerability was a mistake or it was there on purpose.
And this is where things get tricky because Telemessage, the company,
not only has access to servers where messages are archived,
but they theoretically would have access to all the chat
logs of everything ever said using their service. And Telemessage
(15:14):
is based in Israel, founded by someone who worked in
intelligence for the Israel Defense Force. So what does this
mean for the US government and what might they do next?
That's after the break Politics is not really my forte.
(15:40):
But in order to understand what exactly is at stake
in this hack, I knew I'd have to learn a
little bit more about what people are saying in DC.
So I called up yet another friend and former colleague,
Evan McMorris Centaro. He's a longtime politics reporter and he
now writes a daily newsletter for a nonprofit media organization
called Notice That's NTU.
Speaker 3 (16:00):
It kind of sort of broke in the journalism i'd say,
around that snowed in era. That's when I first started
hearing about it.
Speaker 1 (16:08):
It's not just government officials who use Signal. Actually, outside
of tech people, journalists were some of the earliest adopters.
The fact that this app is not only secure, but
that it would automatically delete messages is a big benefit.
This stuff is really important when you're talking to a
source about something sensitive.
Speaker 3 (16:25):
And you know, an important thing about Washington is everybody
that you're talking to is old for the most part,
and their tech savviness is very low, and so it
takes a long time for this something like this to
kind of matriculate out through the entire system. So now
we're in a world now where the Vice president is
on it, and the National Security Advisor is on it,
(16:46):
and the Secretary of Defense is on it. You know,
these are particularly old people as far as politics goes.
But it takes from that sort of snowed in time
all those years ago to now for it to become
very very prevalent as people sort of start to catch
on to something that's new. It is not like in
the movies where the movie shows, you know, the government
(17:07):
officials have the coolest, slickest, most amazing technology that has
the best features. In reality, you know, tech in the
government is a slow, slow moving process and one that
has a lot of lawyering involved. There are laws, very
specific laws about the kinds of records that government officials
(17:29):
have to keep, and so you know there's sort of like,
you know, these government officials will tell you we're keeping records,
we are doing things the right way. Some Biden officials
talked about how they would use it to you know,
plan like where they would meet up for dinner or
something like that if they were on the road somewhere,
things like that. But as we saw with this signal gate,
there was a real comfort in using this service for
(17:51):
something that would absolutely be governed by classified records acts
that are very specific and how classical records must be handled,
and also in record keeping that are very specific in
what kind of things administration officials have to keep to
be archived for history.
Speaker 1 (18:08):
Why does this stuff need to be archived.
Speaker 3 (18:12):
Well, you know, Acts of the presidential record jacks are
designed for history when you're president. When your government official,
your privacy is different. The work that you do, the
work product that you do as a government official. It
kind of belongs to the government with means it belongs
to everybody. That's true of the executive branch. It's not
true of Congress. It's a very important part of what
(18:36):
an administration does is create a history of how decisions
are made so future decisions can be made better. They
are not This is not your personal private email. Those
emails are public record and can be looked at by
people and can be requested by people.
Speaker 1 (18:54):
So look, one of the first things that I thought
of when I saw this whole telemessage thing in the
hack is the first thing that popped in my mind
was this kind of reminds me of Hillary Clinton in
the emails, And it's become kind of a meme at
this point. You know, I've heard the memes so much
that I've actually kind of forgotten what the email thing
was about.
Speaker 3 (19:12):
There are actually three separate email scandals in the Clinton
campaign twenty sixteen. A right, so let's start with the
first one. So Hillary Clinton, rather than use her email
system that was given to her the as Secretary of
State that goes through the government, she sent all of
(19:33):
her emails through a private email server that she had
set up herself. But so what happened was is that
when she was done being Secretary of State, she had
to do the Official Records Acts part of her job,
and so she turned over all of these emails. And
then it turned out that the way those emails had
been turned over was that her and her lawyers had
(19:56):
gone through all these emails on this server that she
owned and said, these are the ones that are professional,
these are the ones that you need to categorize, and
thousands of other ones we're keeping them. They're not they're
personal emails, they're not subject to the Official Records Act.
And then also we're like kind of deleting them for
all time, so it's never to be found again. The
(20:19):
second email scandal was the Clinton campaign itself. When it
was running, it's senior advisor, John Podesta, used his personal
Gmail for all of his communications with the campaign. He
was a top advisor. He got a lot of emails,
a lot of very sensitive series emails. So he gets
this weird email one day that asks him for like
(20:41):
his information and passwords and stuff were like you know,
links away as a phishing attack. He sends it to
the IT guy and says, is this bad? And the
IT guy sends it back email saying, now this is
a legitimate email, but actually he meant to say it
was an illegitimate email. Pessa clicks on it spears phishing attack.
All of his emails are harvested. Huge scandal for the
(21:01):
Clinton campaign, all right. So that's the second one. The
third one is that Kuma Abidin, who was another top
senior Clinton advisor while she was Secretary of State and
on her campaign, had a personal laptop of her own
and she would get all of Hillary Clinton's emails. And
so you know, they had had all this conversation. The
(21:24):
fbi'd investigated the private email server thing, They talked about it.
The FBI had said, look, this is not great that
you did this, but we don't see anything worth prosecuting here.
That happened early in the campaign, but at the very end,
in the last subverts of the campaign, whom Abiden's then
husband named Anthony Wiener, who was a congressman from New York.
(21:46):
He was involved in a very like embarrassing and like ongoing,
endless kind of sex scandal involving him texting people, some
of them underage, sexting them.
Speaker 1 (21:57):
Right.
Speaker 3 (21:58):
So, in the course of that investigator of that, they
uncover that, oh, he's been using this laptop that has
of course archived on it in its own version of
Outlook or its email software whatever it was, all of
these old Hillary Clinton emails that maybe some of them
are the ones that she, you know, tried to delete
(22:18):
from a server. We can go back where we can
look and see if any of them are going to
violate the lot. So this comes out right near the
very end of the campaign, and all of a sudden,
Hill Clinton's emails are back, and then she loses in
a very close election to Donald Trump, and a lot
of people equate it being at least one of these
email scandals that did it, possibly three, but really it
(22:41):
was email all along. But it does also feel like
a different time. I will give you a great example
that just happened, you know, the one hundred days of
Trump's administration just passed, and so everybody is trying to
score interview with the president and write a big piece
about the one hundred days. The Atlantic magazine, which of
course is the place where Signal Gate happened, was was revealed.
(23:03):
The reporters reveal that they just at one point just
called up the president on his cell phone and Trump
answered and agreed to do an interview.
Speaker 1 (23:14):
Like just.
Speaker 3 (23:16):
Hello, mister President, I'd like to interview. Okay, sure, we're
not talking about going through layers of security here. We're
not talking about going through you know, arbiters that are
checking on this. This is a guy just has a
phone that can ring, you can pick it up. When
President Obama was in power, you know, he wanted to
keep his personal BlackBerry. You know, this is how long
(23:38):
ago it was. The BlackBerry. A part of like what
made Obama cool was that he was like a guy
that knew how he was a BlackBerry and he wanted
to keep it. There was some conversation that maybe he
had been given this like super secure government version of
a BlackBerry. Near the end of his administration. You can
go on YouTube and you can watch this. He goes
on Jimmy Fallon and talks about getting his first smartphone
(24:00):
near the end of his administration, that the government gives
him a smartphone that he can use, and Obama says
he can't take a picture, I can't do a phone call,
can't send a text message because all that stuff makes
it not secure. Then the president having an ability to
do that, all that can be hacked not secure. The
president now gets a phone call from reporters. There was
(24:22):
no conversation at all about the president just having a
phone you can call. This is an incredibly different idea
of what it means to be a secure administration, and
nobody cares anymore. It just not even talked about. It's
a completely different landscape.
Speaker 1 (24:38):
And I mean this has been different even on the
Republican side. I mean, didn't Bush just not use email,
not use personal email?
Speaker 3 (24:44):
That's correct. George W. Bush famously sent a last email
to all of his friends in his email list, like, look,
I'm not gonna be able to email anymore because they
can see my email. So I'm not going to do
that anymore. Goodbye for now. And He's not the only
person to do this. I remember the interview with Lindsay Graham.
He has talked about how he is never in his
(25:05):
life sent an email? Wow, right, Why would I send
an email? He says? Why would I do that? And
the thing is, you know, part of being a senators
you have a staff or anything they can deal this
communication for you. Why, He's like, why do I send
an email? An email can only get me in trouble?
Why would I ever do it?
Speaker 1 (25:20):
Let me jump to signal gate real quick, because let's
go with single gate. You've got these high levels senior
officials on the Trump administration talking about essentially war plans,
right doing it on signal What, strictly speaking, what were
they supposed to have been using.
Speaker 3 (25:37):
There are extremely secure government communication tools that are used
to talk about things like national security stuff. But chat
that involves the Vice president, the Secretary of Defense, the
Secretary of State, the National Security Advisor, and the chief
of staff and some of their deputies. Every single person
(25:59):
on that chat has access to millions of dollars of
equipment specifically designed to let them communicate without breaching national security.
For whatever reason, they chose not to use that stuff.
And the result is in this case, they ended up
(26:21):
inviting a reporter in. There's been a lot of reporting
for other government officials who talk about how, yes, we
use signal, but just how incredibly dumb and unbelieve, unfathomably
dumb it was to use a signal group chat to
plan and execute a military strike and to then detail
how that worked. The problem is not the reporter you
(26:44):
ineventally put on, it's the foreign power that can hack
it and look at it. So, even in a world
where people do increasingly use signal, this particular thing was
seen as one of the dumbest things that people can
imagine in a long long time in Washington, a town
where dumb things happen pretty much every day.
Speaker 1 (27:05):
So sener Ron Widen has he basically is demanding and
he's released this letter, but he's demanding an investigation, right.
And there's one part of this letter that I found
kind of wild, right, And this is kind of near
the middle, near the end. So he's talking about tele
message and he says, I'm gonna read this here. It
(27:26):
remains unclear whether the design of this system was merely
the result of incompetence on the part of the foreign
company whose senior leadership are former intelligence officers, or a
backdoor designed to facilitate foreign intelligence collection against US government officials.
So the foreign government here and the foreign intelligence officers
(27:46):
he's speaking about this is Israel, which is regardless of
one's personal beliefs, may be the official US stance is
that we're very friendly with Israel. This is an ally
to even can leave open the door to suggest that
this is the creation of the app is intentional active espionage?
(28:11):
Am I just reading this? Or is this that actually
just a wild thing to say in public?
Speaker 3 (28:16):
One Israel has absolutely by the United States a number
of times. You know that a country is going to
say something in public, but you really want to know
what they're talking about in private, right And so even
if that country is ostensibly your ally, you want to
know what's going on. And two, this has of course
(28:37):
been a central concern when it comes to information technology
and the government for a long time now. This idea
that this kind of technology can be used by a
foreign government to hack our stuff, even this foreign government,
even this ally is not an unlikely one. Why it does, like, look,
(29:00):
this piece of technology telling message was so sort of
cartoonishly hackable according to the reporting that we have read
about it, that either someone is just like really bad
at making something and has scammed people into buying it,
or they're stupid like a fox and they made this
(29:21):
thing so they could just harvest all the information that
they could get. Either way, you're looking at a huge
failure of the American governmental state to protect our secrets.
Clear like an undeniable fuck up. And the question is
just like how much of a fuck up is it?
(29:43):
And they're not sure yet, but that is what he
is saying needs to be investigated. After Pete hegsif their
secretary of defense was on this signal chat. Later reporting
discovered he had put an unsecure line into his office
in a Pentagon that he had ad maybe you signal.
In many other contexts, the President didn't say, Okay, we
(30:06):
got to do an investigation what exactly we have been
spreading all over the place through bad op sect by
our secretary of defense? Right, very serious job, right, The
President said, Look, I talked to him again. It was
a serious conversation. But you know he's going to get
it together now, that's for the president. That was the
President's response to this. So in that context, I would
(30:30):
say it is not that likely that Roten Widen is
going to get either of the investigations he wants from
the Trump administration. This administration is much more focused on
protecting its own, much more focused on circling the wagons here.
Speaker 1 (30:47):
Evan, Okay, I get that, But do people in DC
even understand this stuff? Do they even care?
Speaker 3 (30:54):
Well, you know, we are asking them to understand this stuff, right,
These are the ones who often these people who have
to write regulations about crypt currency for us, these are
the ones you have to figure out what we're going
to do about artificial intelligence. Right. The woman who is
in charge of determining how much we're going to use
artificial intelligence in American education recently referred to it as
(31:15):
a one like the steak sauce, not AI, but a
one in a public's forum. Wait, this is the Secretary
of Education, Wynda McMahon. She was talking about artificial intelligence
and education.
Speaker 1 (31:29):
Okay, just as an aside here. I had to look
this up later and Evan was right. This was in
an education summit in San Diego, and she said a
one twice.
Speaker 3 (31:38):
And so if you're a person involved in technology in
the tech world, if you're a person trying to get
these regulations or stop these regulations, these are the people
that you're working with. And I think it explains a
lot about some of the scandals that we have seen
when it comes to technology, and it also explains a
lot of some of the confusing life that we live
(32:01):
in America when it comes to technology.
Speaker 1 (32:03):
Man. So maybe the last one I'll ask you here
then is you know you've you've been in the game
for a minute. You've been reporting on politics, and this
is how I know you, right, I know you. You
know we were advice. I knew you as like, if
I have a question about politics, let me ask Evin.
He's gonna understand this stuff.
Speaker 3 (32:21):
Yeah, I'm a nerd. I with the nerd. I know
I did it. I would hold it.
Speaker 1 (32:26):
But hold on, you're the politics nerd. Now you're kind
of having to be the technology nerd a little bit.
I'm starting to notice that tech is starting to creep
into politics. You got to understand signal. Five years ago,
I wouldn't have been asking you a questions about apps,
That's right. I'm starting to notice that politics reporting is
starting to Frankly, I think we should start requiring our
(32:49):
reporters know more about technology. Maybe they did in the past,
Like you can't get that pass, you know what I
mean for not knowing stuff?
Speaker 3 (32:56):
Oh one, this is a huge problem in politics. It
matters what you can do with AI and things like
misinformation and fake videos. It matters what you can do
with things like the hack ability of some of these apps.
All this stuff matters, But you're still living in a
(33:17):
world in politics often where it's like, hey, it's just Twitter,
like it's twenty ten, or hey, it's just signal, Right,
we're just signaling. Who cares? It's just signal, Like what
are we doing? Who cares? And that is a huge problem.
It is a huge problem, and they're changing the nature
of the way politics works, and unless we're able to
(33:40):
get up to speed, we are hosed. So you are
one hundred percent right there. So we absolutely need to
know about this stuff. The tech is starting to eat
the politics, and the politics is not ready to stand
up to that yet. And maybe they will be, maybe
(34:02):
it'll happen, but right now it absolutely is not.
Speaker 1 (34:08):
And this all brings us back to where we started
the technology. I asked a similar question to our first guest,
Joseph Cox from four or four Media. I've been reading
your reporting forever and it seems that a lot of
your stuff was focused on specifically on companies. But it
seems like a lot of politics reporting nowadays is necessarily
(34:30):
tech reporting, especially with this administration.
Speaker 2 (34:32):
Oh yeah, absolutely. When you have the CEOs of the
biggest tech companies in America, you know, Jeff Bezos, Smug Zuckerberg,
Tim Cook, Ela Musk officely, but he's almost in his
own category because he essentially is a member of the
US government. When you have all of those people going
to Trump's inauguration and donating a million dollars each or
(34:54):
whatever to it, that inherently makes tech political. Three four
or five years ago, you'd have people say, oh, stick
to tech, you're getting too political. I tech is inherently political.
Is the tools and the companies that provide the technical
infrastructure for how the will's functions and political decisions directly
(35:16):
dictate that. And tech decisions can directly dictate political decisions
as well, so they're completely inseparable.
Speaker 1 (35:26):
Maybe this is sort of obvious, but when I talk
to my friends who report on politics or the economy
or art or whatever, they're being expected to understand technology
for their work. Now, this stuff is connected, and I
think it always was, but especially now, we can't ignore it.
And that's part of what we're trying to explore with
kill Switch. If you want to keep up with Evans' work,
(35:46):
I highly recommend checking it out at Notice That's in
ot Us. You should also check out Joseph Cox's articles
on four or four and if you want a really
technical analysis of tell a Message and how cartoonishly bad
it is, I highly recommend checking out Michael Lee's article
on his own site, and all those links are in
the show notes. Thank you so much for listening to
(36:14):
kill Switch. Let us know what you think and yo,
if there's something you want us to cover, let us
know about that too. You can hit us at kill
Switch at Kalaidoscope dot NYC, or you can hit me
at dex digi that's d e x d I g
I on the Gram or on Blue Sky if that's
your thing. Also leave us a review that helps other
people find the show, which in turn helps us keep
doing our thing. Kill Switch is hosted by Me, Dexter Thomas,
(36:38):
is produced by Sena Ozaki, Darl Lukkatts and Kate Osborne
and this week we have production help from a LISTA
midcalf Our theme song is by me and Kyle Murdoch,
and Kyle also mixed. The show from Kalaidoscope. Our executive
producers are Oz Valashin, Mangesh Hatigodur and Kate Osbourne. From
iHeart our executive producers are Katrina Norvil and Nikki E.
Speaker 3 (36:59):
Tour.
Speaker 1 (37:00):
Catch on the next one, good Bye,
I'm afraid Kaleidoscope and iHeart podcasts. This is kill Switch.
I'm Dextera Thomas. Maybe you've heard a signal Gate. If not,
I'll get you up to speed real quick. Back in March,
a bunch of top White House staff, including the Vice President,
(00:36):
Secretary of Defense, and a lot of other people, were
discussing military operations in Yemen. And they were having this
discussion on a chat app called signal which you'll hear
more about in the second But amongst all the White
House officials was an outsider somebody, and that somebody turned
out to be US National Security Advisor Mike Waltz, had
accidentally added a journalist from the Atlantic to that group chat.
(01:00):
That journalists did what journalists are supposed to do, tell
the public what's happening. It was embarrassing for the White House,
and it also raised a lot of questions about what
exactly the US is doing overseas. It's a big enough
deal that Signalgate has its own Wikipedia entry, and the
story would have ended there. Then fast forward to May. First,
(01:23):
a picture started to circulate of the very same guy,
Mike Waltz, looking at his phone in a meeting using
an app that looked familiar sort of.
Speaker 2 (01:33):
He was in a cabinet meeting with President Trump and
other senior officials, and the Roysters photographer got him looking
down at his phone, and if you zoomed in, it
looked like he was using signal, which is of course
very Ray funny and Rai Ray ironic. So people saw
that they started tweeting it and posting on Blue Sky saying,
ha ha, look, Mike Waltz's using signal in this photo.
(01:56):
And then of course when you zoom in there are names.
It shows the chat and there's says Rubio. I only
know if one senior official who has a surname Rubio
obviously relates me to the Department of State. There's Gabbard,
I think probably Tolsy Gabbard. And then there's one that's
just straight up says jd Vance.
Speaker 1 (02:14):
Yeah, I wasna say. Jadvance is right in there, and
I'm just I'm reading part of jd Vance's messages right here,
just in this picture, which brings up an entirely different question,
which is should you be reading your text messages during
a meeting in which they are photographers. But I suppose
we can leave that to the side. This is my
(02:37):
friend and former colleague from my Vice News days, Joseph Cox.
He now reports for and co owns the online publication
four or for Media.
Speaker 2 (02:45):
Somebody put it in our in our work group chat
and I was say, I look at Signal every day,
like way too much, like twelve hours a day. I'm
looking at that app. This is not Signal. There's a
there's something ever so slightly different. And when I look
at the bottom, there's usually a message in Signal says
please verify your signal pin. And this is so you
(03:05):
remember the pin so you don't get locked out, and
it keeps your account more secure. It's a very good thing.
But at the bottom it said please remember your TM
SGNL pin. And I'm like, what the well the hell
is that? And then I google around and that leads
me to tele Message and their modified version of Signal.
Speaker 1 (03:26):
You really have to be hyper focusing on this stuff
to notice it at all. And then you further zoomed
in and said, Yo, this ain't signal.
Speaker 2 (03:34):
This is not signal, this is some weird modified version.
So yeah, we report that Mike Waltz has inadvertently revealed
the weird Signal clone that the Trump administration is using.
Speaker 1 (03:49):
Just to clarify here, Signal the actual Signal is a
messaging app that uses what's called end to end encryption,
which means that when you send a message, nobody, not
the government, not even Signal can read your messages. Even
if they do intercept them, only the intended recipient can
read the message. It's basically the gold standard for secure messaging.
(04:10):
What Joseph noticed was that the app Mike Waltz was
using in the picture looked like the actual Signal, but
that something was off. This app looked kind of similar,
but it was clear that someone else had modified it,
and his suspicion was that this modified version might not
have had the same security that the actual Signal does.
(04:30):
So Joseph wrote an article on four or four that
explained the issue here, and the key was that phrase
at the bottom TMSGNL. Joseph started digging around and realized
that this was probably from a company called tele Message.
This company basically makes clones of popular messaging apps like WhatsApp, Telegram,
we Chat, and Yes Signal with one extra feature. It
(04:55):
saves copies of all the messages sent or received onto
another server not to spoil the next part. But maybe
you're already seeing the problem here, So let's talk about
the timeline. This picture of Mike Waltz circulates and Joseph
publishes that article on May first. On May third, two
days later, an anonymous hacker contacts another reporter named Micah
(05:19):
Lee saying that they've managed to hack tele a message,
and so Micah and Joseph put together another article explaining
how bad this really is.
Speaker 2 (05:32):
I'm getting these screenshots and I'm getting sent this data.
One of the first examples is a screenshot of a
telemessage back end, which you know, a normal person should
not be able to access and a hacker should be
able to access it. And it has all of these
contact details for officials from Customs and Border Protection, implying
that they use the tool as well for some reason.
(05:52):
So I spend my Sunday phoning up numbers in this
list of CPB officials contact information, and I answer with
the name, and I say with Customs and Border and
they confirm, so it verifies the data. They then hang
up after I explain what's happening.
Speaker 3 (06:08):
Wow.
Speaker 2 (06:08):
But then there's the much more serious stuff, which is
messages that they may have thought were secure with a
modified version of Signal, and these messages are going off
against archived somewhere. The hacker was able to essentially intercept
them in the middle of that process, and we were
reading messages that were clearly sent that day of internal
(06:29):
conversations between various people. One example was one from it
looks like it was from Galaxy Digital, which is a
cryptocurrency connected company, and they were talking about some sort
of bill or law that the Dems may or may
not support. I'm not particularly interested in the specifics of
that bill, but it just shows you whoa this is
(06:52):
a really sensitive conversation, even if I don't really care
about cryptocurrency. This isn't something that a hacker should be
able to get, and this isn't something that I should
be able to read. But the implication is is that
Mike Waltz and people he was talking to, like Rubio
or whoever run this same platform, the hacker just managed
to break into and get the contents of messages. And
(07:13):
that's massive because who knows who else had access to this.
Speaker 1 (07:17):
So just giving these government officials the benefit of the
doubt for a moment, maybe this is what happened. Using
an app that can automatically delete messages is not okay
for government officials because the public is supposed to have
access to non classified information, and one of the things
telemessage promises to do is help organizations comply with regulations
(07:38):
about retaining records. Now, we have no evidence of the
reasoning or timing of the government's use of telemessage, but
that would be a charitable reading here. Maybe they did
it to obey the law.
Speaker 2 (07:49):
It is a really really, really really hard trade off,
and one side we want the government to keep records
so we can foil them and there can be accountability
and transparency whenever we need that, you know, either in
the current moment or at a later date. And then
when they do seemingly choose at all to do that,
it blows up massively in their face, and it's actually
probably even worse than the problem they were trying to
(08:10):
solve in the first place. Tele a message who don't
make signal, they don't develop signal in any capacity. They
don't do it for reach Out, Whatsapple Telegram either, but
they take those apps and they like shoven archiving ability
onto it. So presumably you might just not make a
fully secure solution. But then even more fundamentally, there are
(08:31):
just always going to be risks involved of this, and
it kind of reminds me of you know, government's always
asking for back doors into communication products. I'm not saying
tele message is absolutely a backdoor, and they don't use
that terminology, but practically it's kind of the same. It's
(08:53):
taking the messages and copying them elsewhere, which is what
we think of a backdoor. Fundamentally, by introduce seeing another
party to the chat, you're introducing more risk in some form.
Speaker 1 (09:05):
Right exactly, because the idea here, what sounds like tell
Message is promising is that well, signal your message is
encrypted from one end to the other. It's end to
end encrypted, so nobody can intercept that. But then it's
going through tele messages being copied somewhere else, and so
by default, by definition, it's not encrypted in to end anymore.
Speaker 2 (09:29):
So when we first reported on sort of the Trump
happening use of telemessage, the New York Times followed up
a few days later, and they were talking about some
of the security risks about this, and they spoke to
some executive that's Smash, which is the American company that
owns the Israeli company tele message, and that executive to
The New York Times was saying something like we we
(09:49):
don't de encrypts, which is a bizarre term I've never
heard anyone use with any in any serious context. But
what they were trying to say was basically, it's still secure,
you know, even though we have we're adding this archiving thing,
it's still secure. And I mean they say that, they
say it's still end to end encrypted, and of course
(10:09):
they're free to say whatever they want that they're comfortable
saying in their marketing material. But Michah Lee, the security
of research and journalist we worked on the hack, has
done a ray detailed analysis about how telem message does
have access to the plain text of messages. But then
I think even just more importantly, we were looking at
the contents of messages. It's clearly not end to end encrypted.
(10:31):
We were reading the messages. So and maybe there is
a way, and maybe there are some messages that are
encrypted by tele message, but what we've seen and what
I'm saying is some are definitely not.
Speaker 1 (10:42):
And just to be clear, we don't necessarily know that
every single top ranking official in the government is using
this tele message clone of signal. It looks like tele
message acts enough like regular signal to where you can
send messages back and forth and you wouldn't know if
the person on the other side is using the clone.
But even if one person in a group chat is
(11:03):
using it, and we know that former National Security advisor
Mike Watz is using it, that potentially means that everyone
they talk to or everyone in a group chat is
having their messages sent to a third party server and
that someone else would be able to see those messages.
In the article, you pretty explicitly say we're not going
(11:24):
to tell you how the hacker did it, so it
sounds like the hacker communicated to you, this is how
I did it. You don't make that public. Why is
there Yeah, I.
Speaker 2 (11:36):
Mean, first of all, we ask as part of the
verification process, if they can explain how they did it
in a verifiable manner, that's good or even better. Of course,
we can't always fully verify that because we're not going
to go do the hack ourselves inane and obviously, so
it really depends, and you have to be really, really
careful about what you're amplifying because if you include certain
(11:57):
information that could give other hackers or random people the
ability to go basically do it again, and who knows
what they're going to then do with that data. We
don't want to cause more harm, so there's a trade
off there, and it also relates to how security researchers
often disclose vulnerabilities. What hackers will often do is they
will probe a server or reverse engineering app. They'll go
(12:20):
to the company, Hey, I found this vulnerability. I think
you should fix it. The company will say, wow, that's
really bad. His ten thousand dollars in a T shirt
or a coffee mug or something, and they'll fix it,
hopefully within thirty days. Blah blah blah. That's called responsible disclosure.
That doesn't really involve the media at least traditionally. The
other way that some hackers do, and they did it
in this case, they find a vulnerability, they might actually
(12:44):
exploit that vulnerability to show it's real and to get data,
and then they go to the press. And in this case,
the hackers said they did this because they thought the
company might cover it up.
Speaker 1 (12:54):
So after the four or four article comes out, NBC
reports that they'd spoken to a second hacker. Is it
possible that there's another hacker who's gotten information and not
reported it to a journalist.
Speaker 2 (13:08):
It's absolutely possible. Like already you have one hacker who
provided information to us, you then have a second hacker
who also breaks into the system. And that's quite rare,
to be honest, Like, I report on so many data breaches,
and it's not common for a media outlet to report
on a hack and then a day or so later,
(13:29):
another media outlet says, another hacker got it. Like that
just doesn't doesn't really happen. Now, let's assume those hackers
are probably random hackers who were just talking to the
press or whatever. If you are from a nation state
intelligence agency like China or Russia or Iran, if you
haven't even looked at that server, you should probably lose
(13:50):
your job because that's literally your job is to find
out where these vulnerabilities are. You don't really have a
more pressing target than the people around Donald Trump or
Donald Trump himself. That's sort of in a circle. It
is your job too, among us of these people.
Speaker 1 (14:11):
Should people stop using signal after all this came out?
Speaker 2 (14:14):
Absolutely not. More people should use signal or a secure
alternative that makes sense in their life. Don't let the
telemassage Debarkle throw you off that just you probably don't
use a tool like that. It's like an archiving tool.
Speaker 1 (14:29):
Okay, So hopefully we haven't scared you away from using Signal. Truly,
it is a great app. There's nothing wrong with Signal itself.
The issue is with tell Message. But there's something else
we need to talk about, because we've talked about the
technical side of all this, and now we need to
talk about the human side. Once a vulnerability is found,
(14:49):
the next step is figuring out what the potential damage is.
And to know that, you need to know whether this
vulnerability was a mistake or it was there on purpose.
And this is where things get tricky because Telemessage, the company,
not only has access to servers where messages are archived,
but they theoretically would have access to all the chat
logs of everything ever said using their service. And Telemessage
(15:14):
is based in Israel, founded by someone who worked in
intelligence for the Israel Defense Force. So what does this
mean for the US government and what might they do next?
That's after the break Politics is not really my forte.
(15:40):
But in order to understand what exactly is at stake
in this hack, I knew I'd have to learn a
little bit more about what people are saying in DC.
So I called up yet another friend and former colleague,
Evan McMorris Centaro. He's a longtime politics reporter and he
now writes a daily newsletter for a nonprofit media organization
called Notice That's NTU.
Speaker 3 (16:00):
It kind of sort of broke in the journalism i'd say,
around that snowed in era. That's when I first started
hearing about it.
Speaker 1 (16:08):
It's not just government officials who use Signal. Actually, outside
of tech people, journalists were some of the earliest adopters.
The fact that this app is not only secure, but
that it would automatically delete messages is a big benefit.
This stuff is really important when you're talking to a
source about something sensitive.
Speaker 3 (16:25):
And you know, an important thing about Washington is everybody
that you're talking to is old for the most part,
and their tech savviness is very low, and so it
takes a long time for this something like this to
kind of matriculate out through the entire system. So now
we're in a world now where the Vice president is
on it, and the National Security Advisor is on it,
(16:46):
and the Secretary of Defense is on it. You know,
these are particularly old people as far as politics goes.
But it takes from that sort of snowed in time
all those years ago to now for it to become
very very prevalent as people sort of start to catch
on to something that's new. It is not like in
the movies where the movie shows, you know, the government
(17:07):
officials have the coolest, slickest, most amazing technology that has
the best features. In reality, you know, tech in the
government is a slow, slow moving process and one that
has a lot of lawyering involved. There are laws, very
specific laws about the kinds of records that government officials
(17:29):
have to keep, and so you know there's sort of like,
you know, these government officials will tell you we're keeping records,
we are doing things the right way. Some Biden officials
talked about how they would use it to you know,
plan like where they would meet up for dinner or
something like that if they were on the road somewhere,
things like that. But as we saw with this signal gate,
there was a real comfort in using this service for
(17:51):
something that would absolutely be governed by classified records acts
that are very specific and how classical records must be handled,
and also in record keeping that are very specific in
what kind of things administration officials have to keep to
be archived for history.
Speaker 1 (18:08):
Why does this stuff need to be archived.
Speaker 3 (18:12):
Well, you know, Acts of the presidential record jacks are
designed for history when you're president. When your government official,
your privacy is different. The work that you do, the
work product that you do as a government official. It
kind of belongs to the government with means it belongs
to everybody. That's true of the executive branch. It's not
true of Congress. It's a very important part of what
(18:36):
an administration does is create a history of how decisions
are made so future decisions can be made better. They
are not This is not your personal private email. Those
emails are public record and can be looked at by
people and can be requested by people.
Speaker 1 (18:54):
So look, one of the first things that I thought
of when I saw this whole telemessage thing in the
hack is the first thing that popped in my mind
was this kind of reminds me of Hillary Clinton in
the emails, And it's become kind of a meme at
this point. You know, I've heard the memes so much
that I've actually kind of forgotten what the email thing
was about.
Speaker 3 (19:12):
There are actually three separate email scandals in the Clinton
campaign twenty sixteen. A right, so let's start with the
first one. So Hillary Clinton, rather than use her email
system that was given to her the as Secretary of
State that goes through the government, she sent all of
(19:33):
her emails through a private email server that she had
set up herself. But so what happened was is that
when she was done being Secretary of State, she had
to do the Official Records Acts part of her job,
and so she turned over all of these emails. And
then it turned out that the way those emails had
been turned over was that her and her lawyers had
(19:56):
gone through all these emails on this server that she
owned and said, these are the ones that are professional,
these are the ones that you need to categorize, and
thousands of other ones we're keeping them. They're not they're
personal emails, they're not subject to the Official Records Act.
And then also we're like kind of deleting them for
all time, so it's never to be found again. The
(20:19):
second email scandal was the Clinton campaign itself. When it
was running, it's senior advisor, John Podesta, used his personal
Gmail for all of his communications with the campaign. He
was a top advisor. He got a lot of emails,
a lot of very sensitive series emails. So he gets
this weird email one day that asks him for like
(20:41):
his information and passwords and stuff were like you know,
links away as a phishing attack. He sends it to
the IT guy and says, is this bad? And the
IT guy sends it back email saying, now this is
a legitimate email, but actually he meant to say it
was an illegitimate email. Pessa clicks on it spears phishing attack.
All of his emails are harvested. Huge scandal for the
(21:01):
Clinton campaign, all right. So that's the second one. The
third one is that Kuma Abidin, who was another top
senior Clinton advisor while she was Secretary of State and
on her campaign, had a personal laptop of her own
and she would get all of Hillary Clinton's emails. And
so you know, they had had all this conversation. The
(21:24):
fbi'd investigated the private email server thing, They talked about it.
The FBI had said, look, this is not great that
you did this, but we don't see anything worth prosecuting here.
That happened early in the campaign, but at the very end,
in the last subverts of the campaign, whom Abiden's then
husband named Anthony Wiener, who was a congressman from New York.
(21:46):
He was involved in a very like embarrassing and like ongoing,
endless kind of sex scandal involving him texting people, some
of them underage, sexting them.
Speaker 1 (21:57):
Right.
Speaker 3 (21:58):
So, in the course of that investigator of that, they
uncover that, oh, he's been using this laptop that has
of course archived on it in its own version of
Outlook or its email software whatever it was, all of
these old Hillary Clinton emails that maybe some of them
are the ones that she, you know, tried to delete
(22:18):
from a server. We can go back where we can
look and see if any of them are going to
violate the lot. So this comes out right near the
very end of the campaign, and all of a sudden,
Hill Clinton's emails are back, and then she loses in
a very close election to Donald Trump, and a lot
of people equate it being at least one of these
email scandals that did it, possibly three, but really it
(22:41):
was email all along. But it does also feel like
a different time. I will give you a great example
that just happened, you know, the one hundred days of
Trump's administration just passed, and so everybody is trying to
score interview with the president and write a big piece
about the one hundred days. The Atlantic magazine, which of
course is the place where Signal Gate happened, was was revealed.
(23:03):
The reporters reveal that they just at one point just
called up the president on his cell phone and Trump
answered and agreed to do an interview.
Speaker 1 (23:14):
Like just.
Speaker 3 (23:16):
Hello, mister President, I'd like to interview. Okay, sure, we're
not talking about going through layers of security here. We're
not talking about going through you know, arbiters that are
checking on this. This is a guy just has a
phone that can ring, you can pick it up. When
President Obama was in power, you know, he wanted to
keep his personal BlackBerry. You know, this is how long
(23:38):
ago it was. The BlackBerry. A part of like what
made Obama cool was that he was like a guy
that knew how he was a BlackBerry and he wanted
to keep it. There was some conversation that maybe he
had been given this like super secure government version of
a BlackBerry. Near the end of his administration. You can
go on YouTube and you can watch this. He goes
on Jimmy Fallon and talks about getting his first smartphone
(24:00):
near the end of his administration, that the government gives
him a smartphone that he can use, and Obama says
he can't take a picture, I can't do a phone call,
can't send a text message because all that stuff makes
it not secure. Then the president having an ability to
do that, all that can be hacked not secure. The
president now gets a phone call from reporters. There was
(24:22):
no conversation at all about the president just having a
phone you can call. This is an incredibly different idea
of what it means to be a secure administration, and
nobody cares anymore. It just not even talked about. It's
a completely different landscape.
Speaker 1 (24:38):
And I mean this has been different even on the
Republican side. I mean, didn't Bush just not use email,
not use personal email?
Speaker 3 (24:44):
That's correct. George W. Bush famously sent a last email
to all of his friends in his email list, like, look,
I'm not gonna be able to email anymore because they
can see my email. So I'm not going to do
that anymore. Goodbye for now. And He's not the only
person to do this. I remember the interview with Lindsay Graham.
He has talked about how he is never in his
(25:05):
life sent an email? Wow, right, Why would I send
an email? He says? Why would I do that? And
the thing is, you know, part of being a senators
you have a staff or anything they can deal this
communication for you. Why, He's like, why do I send
an email? An email can only get me in trouble?
Why would I ever do it?
Speaker 1 (25:20):
Let me jump to signal gate real quick, because let's
go with single gate. You've got these high levels senior
officials on the Trump administration talking about essentially war plans,
right doing it on signal What, strictly speaking, what were
they supposed to have been using.
Speaker 3 (25:37):
There are extremely secure government communication tools that are used
to talk about things like national security stuff. But chat
that involves the Vice president, the Secretary of Defense, the
Secretary of State, the National Security Advisor, and the chief
of staff and some of their deputies. Every single person
(25:59):
on that chat has access to millions of dollars of
equipment specifically designed to let them communicate without breaching national security.
For whatever reason, they chose not to use that stuff.
And the result is in this case, they ended up
(26:21):
inviting a reporter in. There's been a lot of reporting
for other government officials who talk about how, yes, we
use signal, but just how incredibly dumb and unbelieve, unfathomably
dumb it was to use a signal group chat to
plan and execute a military strike and to then detail
how that worked. The problem is not the reporter you
(26:44):
ineventally put on, it's the foreign power that can hack
it and look at it. So, even in a world
where people do increasingly use signal, this particular thing was
seen as one of the dumbest things that people can
imagine in a long long time in Washington, a town
where dumb things happen pretty much every day.
Speaker 1 (27:05):
So sener Ron Widen has he basically is demanding and
he's released this letter, but he's demanding an investigation, right.
And there's one part of this letter that I found
kind of wild, right, And this is kind of near
the middle, near the end. So he's talking about tele
message and he says, I'm gonna read this here. It
(27:26):
remains unclear whether the design of this system was merely
the result of incompetence on the part of the foreign
company whose senior leadership are former intelligence officers, or a
backdoor designed to facilitate foreign intelligence collection against US government officials.
So the foreign government here and the foreign intelligence officers
(27:46):
he's speaking about this is Israel, which is regardless of
one's personal beliefs, may be the official US stance is
that we're very friendly with Israel. This is an ally
to even can leave open the door to suggest that
this is the creation of the app is intentional active espionage?
(28:11):
Am I just reading this? Or is this that actually
just a wild thing to say in public?
Speaker 3 (28:16):
One Israel has absolutely by the United States a number
of times. You know that a country is going to
say something in public, but you really want to know
what they're talking about in private, right And so even
if that country is ostensibly your ally, you want to
know what's going on. And two, this has of course
(28:37):
been a central concern when it comes to information technology
and the government for a long time now. This idea
that this kind of technology can be used by a
foreign government to hack our stuff, even this foreign government,
even this ally is not an unlikely one. Why it does, like, look,
(29:00):
this piece of technology telling message was so sort of
cartoonishly hackable according to the reporting that we have read
about it, that either someone is just like really bad
at making something and has scammed people into buying it,
or they're stupid like a fox and they made this
(29:21):
thing so they could just harvest all the information that
they could get. Either way, you're looking at a huge
failure of the American governmental state to protect our secrets.
Clear like an undeniable fuck up. And the question is
just like how much of a fuck up is it?
(29:43):
And they're not sure yet, but that is what he
is saying needs to be investigated. After Pete hegsif their
secretary of defense was on this signal chat. Later reporting
discovered he had put an unsecure line into his office
in a Pentagon that he had ad maybe you signal.
In many other contexts, the President didn't say, Okay, we
(30:06):
got to do an investigation what exactly we have been
spreading all over the place through bad op sect by
our secretary of defense? Right, very serious job, right, The
President said, Look, I talked to him again. It was
a serious conversation. But you know he's going to get
it together now, that's for the president. That was the
President's response to this. So in that context, I would
(30:30):
say it is not that likely that Roten Widen is
going to get either of the investigations he wants from
the Trump administration. This administration is much more focused on
protecting its own, much more focused on circling the wagons here.
Speaker 1 (30:47):
Evan, Okay, I get that, But do people in DC
even understand this stuff? Do they even care?
Speaker 3 (30:54):
Well, you know, we are asking them to understand this stuff, right,
These are the ones who often these people who have
to write regulations about crypt currency for us, these are
the ones you have to figure out what we're going
to do about artificial intelligence. Right. The woman who is
in charge of determining how much we're going to use
artificial intelligence in American education recently referred to it as
(31:15):
a one like the steak sauce, not AI, but a
one in a public's forum. Wait, this is the Secretary
of Education, Wynda McMahon. She was talking about artificial intelligence
and education.
Speaker 1 (31:29):
Okay, just as an aside here. I had to look
this up later and Evan was right. This was in
an education summit in San Diego, and she said a
one twice.
Speaker 3 (31:38):
And so if you're a person involved in technology in
the tech world, if you're a person trying to get
these regulations or stop these regulations, these are the people
that you're working with. And I think it explains a
lot about some of the scandals that we have seen
when it comes to technology, and it also explains a
lot of some of the confusing life that we live
(32:01):
in America when it comes to technology.
Speaker 1 (32:03):
Man. So maybe the last one I'll ask you here
then is you know you've you've been in the game
for a minute. You've been reporting on politics, and this
is how I know you, right, I know you. You
know we were advice. I knew you as like, if
I have a question about politics, let me ask Evin.
He's gonna understand this stuff.
Speaker 3 (32:21):
Yeah, I'm a nerd. I with the nerd. I know
I did it. I would hold it.
Speaker 1 (32:26):
But hold on, you're the politics nerd. Now you're kind
of having to be the technology nerd a little bit.
I'm starting to notice that tech is starting to creep
into politics. You got to understand signal. Five years ago,
I wouldn't have been asking you a questions about apps,
That's right. I'm starting to notice that politics reporting is
starting to Frankly, I think we should start requiring our
(32:49):
reporters know more about technology. Maybe they did in the past,
Like you can't get that pass, you know what I
mean for not knowing stuff?
Speaker 3 (32:56):
Oh one, this is a huge problem in politics. It
matters what you can do with AI and things like
misinformation and fake videos. It matters what you can do
with things like the hack ability of some of these apps.
All this stuff matters, But you're still living in a
(33:17):
world in politics often where it's like, hey, it's just Twitter,
like it's twenty ten, or hey, it's just signal, Right,
we're just signaling. Who cares? It's just signal, Like what
are we doing? Who cares? And that is a huge problem.
It is a huge problem, and they're changing the nature
of the way politics works, and unless we're able to
(33:40):
get up to speed, we are hosed. So you are
one hundred percent right there. So we absolutely need to
know about this stuff. The tech is starting to eat
the politics, and the politics is not ready to stand
up to that yet. And maybe they will be, maybe
(34:02):
it'll happen, but right now it absolutely is not.
Speaker 1 (34:08):
And this all brings us back to where we started
the technology. I asked a similar question to our first guest,
Joseph Cox from four or four Media. I've been reading
your reporting forever and it seems that a lot of
your stuff was focused on specifically on companies. But it
seems like a lot of politics reporting nowadays is necessarily
(34:30):
tech reporting, especially with this administration.
Speaker 2 (34:32):
Oh yeah, absolutely. When you have the CEOs of the
biggest tech companies in America, you know, Jeff Bezos, Smug Zuckerberg,
Tim Cook, Ela Musk officely, but he's almost in his
own category because he essentially is a member of the
US government. When you have all of those people going
to Trump's inauguration and donating a million dollars each or
(34:54):
whatever to it, that inherently makes tech political. Three four
or five years ago, you'd have people say, oh, stick
to tech, you're getting too political. I tech is inherently political.
Is the tools and the companies that provide the technical
infrastructure for how the will's functions and political decisions directly
(35:16):
dictate that. And tech decisions can directly dictate political decisions
as well, so they're completely inseparable.
Speaker 1 (35:26):
Maybe this is sort of obvious, but when I talk
to my friends who report on politics or the economy
or art or whatever, they're being expected to understand technology
for their work. Now, this stuff is connected, and I
think it always was, but especially now, we can't ignore it.
And that's part of what we're trying to explore with
kill Switch. If you want to keep up with Evans' work,
(35:46):
I highly recommend checking it out at Notice That's in
ot Us. You should also check out Joseph Cox's articles
on four or four and if you want a really
technical analysis of tell a Message and how cartoonishly bad
it is, I highly recommend checking out Michael Lee's article
on his own site, and all those links are in
the show notes. Thank you so much for listening to
(36:14):
kill Switch. Let us know what you think and yo,
if there's something you want us to cover, let us
know about that too. You can hit us at kill
Switch at Kalaidoscope dot NYC, or you can hit me
at dex digi that's d e x d I g
I on the Gram or on Blue Sky if that's
your thing. Also leave us a review that helps other
people find the show, which in turn helps us keep
doing our thing. Kill Switch is hosted by Me, Dexter Thomas,
(36:38):
is produced by Sena Ozaki, Darl Lukkatts and Kate Osborne
and this week we have production help from a LISTA
midcalf Our theme song is by me and Kyle Murdoch,
and Kyle also mixed. The show from Kalaidoscope. Our executive
producers are Oz Valashin, Mangesh Hatigodur and Kate Osbourne. From
iHeart our executive producers are Katrina Norvil and Nikki E.
Speaker 3 (36:59):
Tour.
Speaker 1 (37:00):
Catch on the next one, good Bye,
kill switch News
Hosts And Creators
Oz Woloshyn
Karah Preiss
Show Links
AboutPopular Podcasts
Are You A Charlotte?
In 1997, actress Kristin Davis’ life was forever changed when she took on the role of Charlotte York in Sex and the City. As we watched Carrie, Samantha, Miranda and Charlotte navigate relationships in NYC, the show helped push once unacceptable conversation topics out of the shadows and altered the narrative around women and sex. We all saw ourselves in them as they searched for fulfillment in life, sex and friendships. Now, Kristin Davis wants to connect with you, the fans, and share untold stories and all the behind the scenes. Together, with Kristin and special guests, what will begin with Sex and the City will evolve into talks about themes that are still so relevant today. "Are you a Charlotte?" is much more than just rewatching this beloved show, it brings the past and the present together as we talk with heart, humor and of course some optimism.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.