Wouldn’t be surprised if they went undercover as a member.
The FBI spied on a Signal group chat of immigration activists, records reveal
Submitted 3 weeks ago by herseycokguzelolacak@lemmy.ml to technology@lemmy.world
https://www.theguardian.com/us-news/2025/nov/21/fbi-signal-group-chat-immigration
Comments
THX1138@lemmy.ml 3 weeks ago
h54@programming.dev 3 weeks ago
My guess as well. Historically, the FBI has spent substantial resources infiltrating groups deemed even the smallest threat to state power.
JoeKrogan@lemmy.world 3 weeks ago
Lowest barrier to entry
SleeplessCityLights@programming.dev 3 weeks ago
Remember that most hacking is not done by breaking encryption and running code. It’s %100 social engineering. The weakest point is always a person.
SnoringEarthworm@sh.itjust.works 3 weeks ago
Most activism groups aren’t really screening for membership.
Usually it’s, “you want to join ? Cool, I’ll add you.”
captainlezbian@lemmy.world 3 weeks ago
Oh so it’s an activist group that’s doing valuable work but has no need to background check for security. Makes sense, basically every activist or political group is on signal these days.
vacuumflower@lemmy.sdf.org 2 weeks ago
We are starting to learn that the world with computers and the Internet is like the world without them, except with them.
There were those medieval German secret courts with their secret judgements and assassins fulfilling those. And there were various masonic and such groups. And even secret societies of revolutionaries.
All they were was crime groups, interest clubs and elites pastime, in the end.
But it all started really working with mass politics. Because secrecy of a group requiring communication and adding new members can’t be preserved, and once it’s broken, it’s just a few people challenging the power. While a crowd with torches (because nobody gives days off for demonstrations at daytime ; yes, torches were not a Nazi thing, they were common for all “worker” parties) doesn’t need secrecy - its idea’s survival is guaranteed not by secrecy, but by inability to stop its spread.
herseycokguzelolacak@lemmy.ml 2 weeks ago
This is why I don’t subscribe to the Signal E2EE hype cult.
The fact that Signal doesn’t hide the anonymity of its users, and forces everyone to use phone numbers is a huge red flag.
jjlinux@lemmy.zip 2 weeks ago
SimpleX is the way to go, always making sure you never say anything that can point to you in any chat.
vacuumflower@lemmy.sdf.org 2 weeks ago
Yes. And the only person I know to have interacted with state security agencies in professional area has told me a few times that any security system based on cryptography is of no real use. Like perpetuum mobile, snake oil, and so on.
If your information is protected by cryptography, it could as well be protected by using “Aesopean language” or memorized by loyal courier or put on paper note in a secret place. You have a secret and a message, ultimately. If your secret place can be predicted, then your secret key can be stolen. If your loyal courier can be drugged\tortured\intimidated, so can be you or your addressee or your cryptography means’ providers to give up the secret key or the message contents or to sabotage your tools.
“Aesopean language” is how they really do it for anything important, it’s pretty naturally learned from culture (one case where spy movies and such show it right), it doesn’t require niche expertise, and it does require common context that can’t be fully reconstructed in most cases.
Unfortunately I’m autistic and impaired in that exact part of human communication, but honestly some of famous people whose jobs involve being enlightened black belt masters of that are autistic, so perhaps I’m just dumb.
root@lemmy.world 3 weeks ago
The FBI’s report from August, prepared by its New York division, does not make clear how the bureau accessed the Signal group
The question I’m most curious to have answered
otter@lemmy.ca 3 weeks ago
Sounds like they joined a very large group chat as a member
The FBI, the documents show, gained access to conversations in a “courtwatch” Signal group that helps coordinate volunteer activists who monitor public proceedings at three New York federal immigration courts. The US government has repeatedly been accused of violating immigrants’ due process rights at those courts.
mienshao@lemmy.world 3 weeks ago
I’ve always felt like Signal isn’t half as secure as it claims to be, and articles like this don’t help that feeling…
THX1138@lemmy.ml 3 weeks ago
Why’s that exactly… who’s not to say they just joined the huge group undercover? Or randomly added to a sensitive group aka the journalist debacle a few months ago.
neukenindekeuken@sh.itjust.works 3 weeks ago
It’s as secure as it can be in the modern world really.
But none of the technology matters if you let an FBI agent into your super secure encrypted group chat.
jjlinux@lemmy.zip 2 weeks ago
Read and research a little before just repeating what you hear some saying. Signal is regularly audited by individuals and institutions, and every time it comes back as the top in terms of encryption. But encryption means nothing if a group, or even 1 individual in a group, is compromised.
Nima@leminal.space 3 weeks ago
why is this downvoted? its not even that wild a comment. Signal fans need to chill a bit.
atrielienz@lemmy.world 3 weeks ago
I don’t know who still needs to hear this, so I’m going to say it again for the people in the back.
Assume every form of communication you have is being spied on.
If you’re using an app like signal or similar, make sure you and everyone else in the chat has encryption enabled.
Verify the other users in the chat.
Do not plan any activity that could be considered a criminal enterprise on an electronic device with a connection to the internet.
darklamer@lemmy.dbzer0.com 3 weeks ago
If you’re using an app like signal or similar, make sure you and everyone else in the chat has encryption enabled.
PSA: There’s no way to disable encryption in Signal.
atrielienz@lemmy.world 3 weeks ago
That’s why I said an app like signal. People assume that every app works the same. Telegram had issues with encryption where all parties didn’t have encryption enabled but one or more of the parties involved assumed the chat was still encrypted.
However I should probably change that to read more along the lines of: know the features and settings of your app and ensure that encryption settings are set to maximize the protection of privacy.
I’m gonna have to workshop that. It’s a mouthful.
Either way, thank you for pointing that out.
SupraMario@lemmy.world 3 weeks ago
This had nothing to do with encryption. 99.99% of breaches aren’t some pen hack, it’s social engineering of someone to gain access. You have all the best software and practices in place, but if the dumbass on the fourth floor decides that they’re gonna let someone in who’s called them from Microsoft, then it doesn’t matter.
They let the FBI into the chat because they don’t know opsec for shit.
atrielienz@lemmy.world 3 weeks ago
I agree that you’re right. My thought was it was more likely that they socially engineered their way into getting invited to the chat.
This is why I said that a lot of people are the weakest link in their own secured communications networks.
mienshao@lemmy.world 3 weeks ago
I just got downvoted in the comments above for basically having the EXACT same sentiment. I fucking hate it here.
Postimo@lemmy.zip 3 weeks ago
The difference is they gave solid sound advice on opsec, and your comment seemed more in line with distrusting signal’s tech. One of these comments makes sense, the other doesn’t.
atrielienz@lemmy.world 3 weeks ago
Yeah. I dunno man. I’m sorry.
But like. A lot of the time security/privacy fails like this are user-inflicted. Either because people don’t understand the apps and services they use, or because other people are as vigilant about auditing their networks (the people, the hardware the software).
Engywuck@lemmy.zip 3 weeks ago
Just don’t care about down votes.
abbiistabbii@lemmy.blahaj.zone 3 weeks ago
Imagine saying “Feds should follow the law” is an extreme anarchist statement.
vacuumflower@lemmy.sdf.org 2 weeks ago
What you allow them, they do. It’s always so. That right to bear arms - see, when most people think that “Feds should follow the law” is a normal statement, then in a society where carry is normalized one can just not be afraid of repeating it and demanding its fulfillment. Including in crowds near migration courts. While for those disagreeing it’s not convenient.
(I don’t like school shootings, but schools can be guarded with armed adults, which is far easier to do if you arm personnel and not send police there, which is easy with legal carry. I also don’t like political murders, but politicians are not in short supply, or, as we say in Russian, “there’s [as plenty] of them as of shit behind a bathhouse”.)
captainlezbian@lemmy.world 3 weeks ago
It becomes one every anti left scare (red, but also green and lavender)
architect@thelemmy.club 3 weeks ago
Shocking revelation.
Ooops@feddit.org 3 weeks ago
I guess “FBI infiltrated group of immigration activist” would be boring and not fitting the FUD about encrypted messaging…
jjlinux@lemmy.zip 2 weeks ago
Understand that encryption is useless if 1 or more of the parties in a group is already compromised. That’s the problem. Signal’s encryption is great, but you are not anonymous in it. Additionally, even if, like me, you only use your handle and hide your phone number, most people tend to name your contact with your name anyway, effectively breaking the purpose. I use signal only because I’m sure my data is not being sucked as with WhatsApp, but I’m not dreaming for a second that someone will not fuck up at some point and give me away, so I keep stuff I don’t want out there to personal interactions.