Agree that it is fairly vacuous, however the article does say that the content of the communications were backed up to Apple's cloud leading to it getting compromised.
Case in point, all of my messages in Signal are locked behind a password phrase, which I have to re-enter every time the phone restarts or the app gets updated. I figured it was iron-clad. Until I discovered that the whole password-protected message vault is entirely optional (must've been one of those things I toggled years ago and never looked back). My girlfriend, of course, uses Signal but does not have that turned on, so if they really wanted a record of our communications, all they'd have to do is subpoena her phone instead of mine.
Not a big surprise. Being secure against the FBI (not to mention NSA) is really hard, even for a technical person.
If you want to be secure against a possible prosecution you really need to hire an expert to setup your devices and teach you how to use them securely. And you also need to think about physical security.
"It’s unclear if the FBI actually broke through any layers of encryption to get the data. It’s possible that Cohen, who apparently at times taped conversations, stored the conversation logs in a less-than-secure way."
I wanted to post that exact quote as a TL;DR for the article.
We can consider the article a reminder that secure communication tools are not enough for full privacy. One also needs a privacy aware behavior to take advantage of such tools: don't record/backup these conversations, delete the history from your app, have strong passwords, etc.
14 comments
[ 3.8 ms ] story [ 51.8 ms ] thread[About Cohen] > It’s unclear if the FBI actually broke through any layers of encryption to get the data
[About Manafort] > Paul Manafort, himself found ... Those messages appeared to have been found through Manafort’s Apple iCloud account.
Case in point, all of my messages in Signal are locked behind a password phrase, which I have to re-enter every time the phone restarts or the app gets updated. I figured it was iron-clad. Until I discovered that the whole password-protected message vault is entirely optional (must've been one of those things I toggled years ago and never looked back). My girlfriend, of course, uses Signal but does not have that turned on, so if they really wanted a record of our communications, all they'd have to do is subpoena her phone instead of mine.
If you want to be secure against a possible prosecution you really need to hire an expert to setup your devices and teach you how to use them securely. And you also need to think about physical security.
"It’s unclear if the FBI actually broke through any layers of encryption to get the data. It’s possible that Cohen, who apparently at times taped conversations, stored the conversation logs in a less-than-secure way."
We can consider the article a reminder that secure communication tools are not enough for full privacy. One also needs a privacy aware behavior to take advantage of such tools: don't record/backup these conversations, delete the history from your app, have strong passwords, etc.
"Secure communications app" != "Secure communications"
Reminds me of.. « Yes your database was encrypted but the key was stored in a file on the server adjacent. »