1 00:00:11,760 --> 00:00:13,440 I'm Jared. And I'm Mike. 2 00:00:13,600 --> 00:00:16,160 And this is posting through it Bulletin. 3 00:00:16,320 --> 00:00:18,760 We're trying something new here. This is going to be a shorter 4 00:00:18,760 --> 00:00:23,600 episode focused on giving you the information that will 5 00:00:23,600 --> 00:00:26,960 hopefully help guide you as the weather warms up and we enter 6 00:00:26,960 --> 00:00:30,560 into protest season. A lot of crazy shit in this 7 00:00:30,560 --> 00:00:32,880 country right now. And I think people are going to 8 00:00:32,880 --> 00:00:35,360 be active. The Trump administration's given 9 00:00:35,360 --> 00:00:39,040 us no sign of backing down from its authoritarian push across 10 00:00:39,040 --> 00:00:42,840 the US, which all but guarantees that we're going to see more 11 00:00:42,840 --> 00:00:46,680 conflicts in the streets with Trump's paramilitary forces. 12 00:00:46,680 --> 00:00:50,920 It's almost inevitable. And we've seen in Minneapolis 13 00:00:50,920 --> 00:00:55,240 and other places as well. You know what they did to Renee 14 00:00:55,240 --> 00:00:57,200 Goode, what they did to Alex Petty? 15 00:00:57,320 --> 00:00:59,320 These people are capable of killing. 16 00:00:59,960 --> 00:01:03,400 But they've also expressed a desire to stamp out anti fascist 17 00:01:03,400 --> 00:01:07,080 activism, which can theoretically include anything 18 00:01:07,240 --> 00:01:10,720 that opposes their autocratic vision for the country. 19 00:01:11,480 --> 00:01:16,760 That puts a greater scrutiny on communication between organizers 20 00:01:16,760 --> 00:01:19,160 and protesters, which is what this episode's going to focus 21 00:01:19,160 --> 00:01:22,600 on. As tensions grew in Minneapolis 22 00:01:22,600 --> 00:01:26,320 and protesters, community organizers, activists responded 23 00:01:26,520 --> 00:01:31,320 to the administration's violent I'll fated operation Metro surge 24 00:01:31,800 --> 00:01:36,480 influencers claim to have quote UN quote, infiltrated Signal 25 00:01:36,480 --> 00:01:40,440 chats used by people on the ground there by joining these 26 00:01:40,440 --> 00:01:44,040 groups where links were publicly shared and then posting 27 00:01:44,040 --> 00:01:49,160 screenshots, screen recordings and all kinds of outlandish 28 00:01:49,160 --> 00:01:52,000 commentary about what those chats contained. 29 00:01:52,440 --> 00:01:54,920 Right, Jared? And it's important to note that 30 00:01:54,920 --> 00:02:00,320 these anti antifa Internet performers who are essentially 31 00:02:00,320 --> 00:02:03,080 interchangeable and wait, if you're listening to this in 32 00:02:03,080 --> 00:02:05,520 future, there may be new ones I haven't even heard of yet. 33 00:02:06,040 --> 00:02:09,520 They are not particularly gifted sleuths generally. 34 00:02:10,080 --> 00:02:12,920 They have a tendency to lie and self aggrandize. 35 00:02:13,760 --> 00:02:17,120 They aren't journalists. What they do is designed to 36 00:02:17,120 --> 00:02:21,240 serve themselves financially and to please authority, IE they 37 00:02:21,240 --> 00:02:25,560 don't speak truth to power, they distort tattle, and they flatter 38 00:02:25,560 --> 00:02:29,480 powerful men. They are in no uncertain terms 39 00:02:29,600 --> 00:02:32,360 and in a literal sense, professional bootlickers. 40 00:02:33,000 --> 00:02:35,800 One of these guys is a big chunkist named Cam Higbee. 41 00:02:38,360 --> 00:02:41,800 We have covered this guy on PCI before. 42 00:02:42,160 --> 00:02:46,160 Higbee claimed to infiltrate so-called antifa networks on 43 00:02:46,240 --> 00:02:49,040 Signal. Influencers like this call 44 00:02:49,040 --> 00:02:52,480 protest protesters terrorists. That's the way they describe 45 00:02:52,840 --> 00:02:56,680 people who are law abiding protesters and they steal that 46 00:02:56,680 --> 00:02:59,160 language from the Trump administration itself. 47 00:02:59,400 --> 00:03:03,320 He unveiled his findings about the Minneapolis protests in 48 00:03:03,320 --> 00:03:06,360 January 2026 on Benny Johnson's show. 49 00:03:06,680 --> 00:03:10,360 Benny Johnson, another influencer, said this is clearly 50 00:03:10,360 --> 00:03:14,200 a coordinated infrastructure and we'd like for the feds to take a 51 00:03:14,200 --> 00:03:17,080 crack at trying to get rid of this infrastructure. 52 00:03:17,080 --> 00:03:20,600 The way they approach the mob or cartels or other terrorist 53 00:03:20,600 --> 00:03:23,040 networks, right By the way, the mob. 54 00:03:23,280 --> 00:03:25,480 OK, this is the anti ICE protest. 55 00:03:25,800 --> 00:03:30,120 There's no credible evidence of technical hacking or covert 56 00:03:30,120 --> 00:03:34,280 access beyond simply joining these chats like any other user 57 00:03:34,280 --> 00:03:36,200 could. There's no reason to think Kim 58 00:03:36,200 --> 00:03:39,880 Higbee pulled off some sort of technical feat that allowed him 59 00:03:39,880 --> 00:03:42,080 to get into it. The law enforcement is now 60 00:03:42,080 --> 00:03:46,720 looking at both the communication practices and the 61 00:03:46,720 --> 00:03:48,720 public claims these influencers are making. 62 00:03:49,320 --> 00:03:54,720 FBI Director and frequent PTI punchline Akash Patel announced 63 00:03:54,720 --> 00:03:59,440 on the same podcast hosted by Benny Johnson that after seeing 64 00:03:59,440 --> 00:04:03,240 Kim Higbee's post about the Signal chats in Minneapolis, he 65 00:04:03,240 --> 00:04:05,560 asked the FBI to open up an investigation. 66 00:04:05,560 --> 00:04:08,520 We immediately opened up that investigation because that sort 67 00:04:08,520 --> 00:04:12,840 of Signal chat being coordinated with individuals, not just 68 00:04:12,840 --> 00:04:15,240 locally in Minnesota, but maybe even around the country. 69 00:04:15,840 --> 00:04:19,600 If that leads to a break in the federal statute or a violation 70 00:04:19,880 --> 00:04:22,800 of some law, then we are going to arrest people. 71 00:04:22,800 --> 00:04:27,280 You cannot create a scenario that illegally entraps and puts 72 00:04:27,280 --> 00:04:30,920 law enforcement in harm's way. So understandably this has made 73 00:04:30,920 --> 00:04:34,280 a lot of people nervous. A lot of people have questions 74 00:04:34,320 --> 00:04:37,360 about Signal. There's some bad information, 75 00:04:37,360 --> 00:04:41,320 some bad advice going around. So on this one, we've got Bill 76 00:04:41,320 --> 00:04:45,000 Buddington with us. He's going to talk through how 77 00:04:45,280 --> 00:04:50,440 to use Signal effectively during a protest and in a way that 78 00:04:50,440 --> 00:04:53,680 doesn't put you in danger. We want everyone to stay safe 79 00:04:53,680 --> 00:04:57,000 here. Say from a blamely corrupt 80 00:04:57,000 --> 00:05:01,880 regime that equates their dissent, their dissatisfaction, 81 00:05:01,880 --> 00:05:04,720 their outrage, their anger with terrorism. 82 00:05:05,400 --> 00:05:10,560 Say from far right influencers who would not hesitate to ruin 83 00:05:10,560 --> 00:05:14,040 your life if it meant content they could profit from. 84 00:05:15,080 --> 00:05:18,600 And I thought it'd also just be helpful to give you some general 85 00:05:18,600 --> 00:05:22,440 background about what signal is and how it works exactly. 86 00:05:36,440 --> 00:05:38,920 Bill, thanks for taking some time to join us today. 87 00:05:39,480 --> 00:05:42,760 A lot of people have, you know, I've certainly seen a lot of 88 00:05:42,760 --> 00:05:47,160 people getting a little antsy about Signal, maybe not fully 89 00:05:47,160 --> 00:05:49,440 understanding it. And I appreciate you taking the 90 00:05:49,440 --> 00:05:53,720 time to sit down with us and kind of explain to us what it 91 00:05:53,720 --> 00:05:58,160 is, how it works, and if people are considering participating in 92 00:05:58,160 --> 00:06:01,200 a protest or doing some kind of activism, what they need to 93 00:06:01,200 --> 00:06:03,480 know. So first I just want to start 94 00:06:03,480 --> 00:06:07,760 off, what can you tell us about Signal and its origins? 95 00:06:08,120 --> 00:06:12,160 Yeah. So Signal came into being as 96 00:06:12,160 --> 00:06:17,200 kind of a combination of two apps that preceded it and they 97 00:06:17,200 --> 00:06:20,160 were developed between 2010 and 2015. 98 00:06:20,440 --> 00:06:25,960 The one app was tech secure and that was text messaging, 99 00:06:25,960 --> 00:06:29,040 encrypted text messaging. And then there was also Red 100 00:06:29,040 --> 00:06:34,160 Phone that was encrypted calls and they merged to form Signal 101 00:06:34,160 --> 00:06:37,680 because all that is incorporated in Signal and that that merger 102 00:06:37,680 --> 00:06:41,520 happened in around 2015. So yeah, that that's kind of, 103 00:06:42,520 --> 00:06:47,880 you know, was developed by Moxie Marlinspike originally. 104 00:06:48,400 --> 00:06:55,560 Yeah, just kind of was handed over to its own nonprofit in 20, 105 00:06:55,560 --> 00:06:57,920 I want to say like 20-17 around then. 106 00:06:58,200 --> 00:07:02,440 So when you say encrypted, maybe this is really basic, but just 107 00:07:02,440 --> 00:07:05,160 to break it down for people so they understand what that 108 00:07:05,160 --> 00:07:09,000 actually means. When you say text messages or 109 00:07:09,000 --> 00:07:12,520 phone calls are encrypted, what's actually going on there? 110 00:07:12,840 --> 00:07:19,240 What encryption means in the most basic general form is that 111 00:07:19,720 --> 00:07:24,920 a message or some communication is being a scrambled up and the 112 00:07:24,920 --> 00:07:29,080 only way to unscramble it is to have some secret key that you're 113 00:07:29,080 --> 00:07:32,360 able to unscramble it with basic encryption. 114 00:07:32,680 --> 00:07:37,360 So if you go to a website like, you know, googleoreff.org, 115 00:07:37,640 --> 00:07:42,200 you're going to go to that website over what's called HTTPS 116 00:07:42,520 --> 00:07:45,560 and HTTPS that S stands for secure. 117 00:07:46,000 --> 00:07:52,080 That's accessing the website over protocol that allows you to 118 00:07:52,080 --> 00:07:57,240 communicate with it in a way that your say, coffee shop 119 00:07:57,480 --> 00:08:01,880 hacker isn't able to actually intercept and see that traffic. 120 00:08:02,120 --> 00:08:05,240 So they can't read your messages or read your communications or 121 00:08:05,480 --> 00:08:10,960 be able to look at what's going on or, or impersonate you with 122 00:08:10,960 --> 00:08:13,440 your communication to that website, right? 123 00:08:13,960 --> 00:08:17,120 So that's basic encryption that's widely deployed 124 00:08:17,320 --> 00:08:21,760 everywhere by this point. Now there's a more advanced form 125 00:08:21,760 --> 00:08:24,920 of encryption called end to end encryption. 126 00:08:25,400 --> 00:08:32,000 An end to end encryption is so that you are communicating with 127 00:08:32,000 --> 00:08:36,200 your friend and you know, it's not so much about the service 128 00:08:36,440 --> 00:08:40,960 that that a hacker, for instance, can impersonate. 129 00:08:41,280 --> 00:08:46,280 But with end to end encryption, you're able to, to ensure that 130 00:08:46,360 --> 00:08:51,920 you know, your communications aren't being able to be seen by 131 00:08:51,920 --> 00:08:56,040 the service itself and, and not being able to be impersonated by 132 00:08:56,040 --> 00:08:59,760 that service as well. So so there are guarantees that 133 00:08:59,760 --> 00:09:03,680 end to end encryption really provides above and beyond basic 134 00:09:03,680 --> 00:09:06,240 encryption. So I make sure I understand it. 135 00:09:06,240 --> 00:09:10,280 Basically if you're in Signal, you write a message when it goes 136 00:09:10,280 --> 00:09:13,520 out of the app, it kind of scrambles it up and then when it 137 00:09:13,520 --> 00:09:18,200 gets to the person that you're sending it to, it unscrambles it 138 00:09:18,200 --> 00:09:20,520 and shows it to them. Is that does that sound right? 139 00:09:20,880 --> 00:09:23,680 Yeah. And it's using public key 140 00:09:23,680 --> 00:09:28,800 cryptography, which is this advanced way of ensuring that 141 00:09:29,440 --> 00:09:32,040 there are keys that are generated on your device that 142 00:09:32,160 --> 00:09:34,080 allow that communication to happen. 143 00:09:34,200 --> 00:09:36,640 And those are stored on the device itself that you're 144 00:09:36,640 --> 00:09:41,520 holding in your hand and not on the signal servers for instance. 145 00:09:41,760 --> 00:09:44,880 Anyone can download, you know, if you have a smartphone, you 146 00:09:44,880 --> 00:09:46,960 can download it right from whatever App Store. 147 00:09:47,360 --> 00:09:51,520 Protesters are using this in Minneapolis as we discussed in 148 00:09:51,520 --> 00:09:54,360 the intro. Is this still the most effective 149 00:09:54,360 --> 00:09:56,640 way to organize during a protest? 150 00:09:56,640 --> 00:09:59,000 Do you believe that signal is the most effective way to 151 00:09:59,000 --> 00:10:03,560 organize I guess And is that what you would recommend vis A 152 00:10:03,560 --> 00:10:05,680 vis other products? Yeah. 153 00:10:05,680 --> 00:10:10,280 So Signal is kind of widely considered by security experts 154 00:10:10,280 --> 00:10:14,080 and information security field in general to be the gold 155 00:10:14,080 --> 00:10:18,720 standard in end to end encryption and in communication 156 00:10:18,720 --> 00:10:24,680 security in general. And it's something that I see as 157 00:10:24,680 --> 00:10:28,240 spring up personally as being the most secure option, 158 00:10:28,400 --> 00:10:31,600 especially for for audiences, audiences that that have access 159 00:10:31,600 --> 00:10:33,400 to it. Now, when you're in a protest 160 00:10:33,400 --> 00:10:37,760 situation, there could be, and there have been situations where 161 00:10:37,760 --> 00:10:41,800 they cut off all Internet access to a specific area. 162 00:10:41,960 --> 00:10:45,240 We haven't seen this recently, but this was part of, you know, 163 00:10:45,240 --> 00:10:48,720 the Bart protests and and in San Francisco. 164 00:10:48,880 --> 00:10:52,800 And so if that happens, then you might not have access to signal 165 00:10:53,000 --> 00:10:55,240 at that particular time. So it's important to point that 166 00:10:55,240 --> 00:10:58,640 out as a caveat and there might be other kind of more local 167 00:10:58,760 --> 00:11:01,280 options available. So that's something they have 168 00:11:01,280 --> 00:11:04,520 the, the government would have the capacity to do to people to 169 00:11:04,520 --> 00:11:08,400 in order to eliminate the, the advantages you might get from 170 00:11:08,400 --> 00:11:10,000 being able to use that in a protest. 171 00:11:10,160 --> 00:11:13,760 How does it prevent outside surveillance? 172 00:11:13,880 --> 00:11:17,400 Better necessarily than Telegram, Discord or WhatsApp? 173 00:11:17,520 --> 00:11:19,440 Those are the three that come to mind. 174 00:11:19,880 --> 00:11:22,240 But there are, I mean there are others that are out there. 175 00:11:22,680 --> 00:11:27,400 WhatsApp employs the Signal protocol, so it's able to 176 00:11:27,400 --> 00:11:32,480 scramble messages and send them and, you know, unscramble in the 177 00:11:32,480 --> 00:11:37,720 same way as Signal is. But in terms of the emphasis, 178 00:11:37,720 --> 00:11:43,000 they prioritize usability over the encryption and safety. 179 00:11:43,480 --> 00:11:47,240 And that means, for instance, that they'll make certain 180 00:11:47,240 --> 00:11:52,000 choices like, you know, not having your backups for your 181 00:11:52,000 --> 00:11:55,680 chats encrypted by default. And that will completely 182 00:11:55,920 --> 00:11:59,360 circumvent the protection that you get from an app like Signal. 183 00:11:59,360 --> 00:12:04,840 So Signal, you're going to have all of your defaults, all of 184 00:12:04,840 --> 00:12:08,400 your settings as secure as possible right out-of-the-box. 185 00:12:08,720 --> 00:12:13,800 And WhatsApp, you know it can do that, but it's not going to have 186 00:12:13,800 --> 00:12:18,680 those settings enabled and locked down just as you're 187 00:12:18,680 --> 00:12:20,280 downloading it. There's going to be a lot of 188 00:12:20,600 --> 00:12:23,960 ways in which the you can trip over the settings and not have 189 00:12:23,960 --> 00:12:28,040 your communications secure. So when it came to Minneapolis, 190 00:12:28,920 --> 00:12:33,800 one of the concerns about Signal I saw come out of that came 191 00:12:33,800 --> 00:12:39,360 after Alex Pretty was killed. About an hour later, this guy 192 00:12:39,360 --> 00:12:44,760 named Cam Higbee started posting a screen, recording videos, 193 00:12:45,120 --> 00:12:48,600 scrolling through different Signal chats, showing who's in 194 00:12:48,600 --> 00:12:51,880 there. You saw all kinds of people jump 195 00:12:51,880 --> 00:12:57,680 in on it, trying to make amateur identifications of who might be 196 00:12:57,680 --> 00:13:03,600 in it, that sort of thing. So one of the things that people 197 00:13:03,920 --> 00:13:06,680 that we saw were talking about that we wanted to, you know, try 198 00:13:06,680 --> 00:13:09,680 to make an episode to help people understand the reality 199 00:13:09,680 --> 00:13:12,360 about is the idea of infiltration. 200 00:13:12,720 --> 00:13:15,720 There's different kinds of signal group chat links you can 201 00:13:15,720 --> 00:13:17,800 send. There's, you know, publicly 202 00:13:17,800 --> 00:13:20,120 shared links, privately shared links. 203 00:13:20,160 --> 00:13:23,320 But when it comes to infiltration or, or, or this 204 00:13:23,320 --> 00:13:27,280 idea that maybe the police might join your signal chat or one of 205 00:13:27,280 --> 00:13:31,000 these influencers who seeks to get the police to crack down on 206 00:13:31,000 --> 00:13:34,520 you joins into it or a counter organizer, I mean, whoever it 207 00:13:34,520 --> 00:13:37,360 may be. How real is that risk? 208 00:13:37,720 --> 00:13:40,760 Does it have anything to do with the app itself or sort of how 209 00:13:40,760 --> 00:13:43,280 it's used? Or help me understand that? 210 00:13:43,520 --> 00:13:51,520 This is a situation where you're adding someone to a chat and 211 00:13:51,520 --> 00:13:56,960 they can be someone who you're not intending to, to actually 212 00:13:56,960 --> 00:14:00,440 add to the chat, right? You need to make sure that 213 00:14:00,440 --> 00:14:03,360 you're vetting that person. And, and as the National 214 00:14:03,360 --> 00:14:07,760 Security Advisor Mike Waltz found out when he mistakenly 215 00:14:07,760 --> 00:14:12,240 added chief editor of The Atlantic to a group chat, you 216 00:14:12,240 --> 00:14:15,800 know, you need to to make sure that the you're actually adding 217 00:14:15,800 --> 00:14:18,000 the people that you expect to be adding, right? 218 00:14:18,880 --> 00:14:23,760 So it's important to kind of do that vetting and because 219 00:14:23,760 --> 00:14:26,640 otherwise you can have that situation where your messages 220 00:14:26,640 --> 00:14:30,680 are inadvertently leaked and posted all over the Atlantic's 221 00:14:30,680 --> 00:14:34,800 website for the case of, you know, the current 222 00:14:34,800 --> 00:14:36,120 administration. Yeah. 223 00:14:36,120 --> 00:14:39,160 And and also I think it's important to point out that we 224 00:14:39,160 --> 00:14:44,680 want to have people actually using the official Signal app 225 00:14:44,920 --> 00:14:48,360 because, you know, they're not. The other aspect of that story 226 00:14:48,360 --> 00:14:51,680 is that there was this third party app that the 227 00:14:51,680 --> 00:14:56,960 administration was using and that app was also kind of 228 00:14:56,960 --> 00:15:00,000 storing all their backups onto a third party server. 229 00:15:00,000 --> 00:15:04,760 So something that you really want to make sure that you're 230 00:15:04,760 --> 00:15:09,240 using official software and not some kind of, you know, clone of 231 00:15:09,240 --> 00:15:11,720 the official software. This, There may not be a correct 232 00:15:11,720 --> 00:15:16,000 answer to this, but let's say Minneapolis is happening in your 233 00:15:16,000 --> 00:15:18,560 neighborhood. And I don't just mean the cold. 234 00:15:19,160 --> 00:15:21,760 You want to organize a kind of a large group of people very 235 00:15:21,760 --> 00:15:24,320 quickly. Is there really anything you can 236 00:15:24,320 --> 00:15:28,760 do about that other than a public facing link to kind of 237 00:15:28,760 --> 00:15:31,120 just get people to, you know, on the same page? 238 00:15:31,120 --> 00:15:34,120 I mean, other than perhaps spelling out some rules of 239 00:15:34,120 --> 00:15:36,600 engagement and just to make people realize that like, hey, 240 00:15:36,600 --> 00:15:39,440 what you post on here could create problems for you. 241 00:15:39,440 --> 00:15:41,680 This is a public facing link. I mean, is there anything else 242 00:15:41,680 --> 00:15:44,680 that we, you know, they can do to avoid, you know, falling into 243 00:15:44,680 --> 00:15:51,040 the hands of of these, you know, far right agitators or the FBI? 244 00:15:51,480 --> 00:15:55,320 You know, what can you do when you need to organize a group of 245 00:15:55,320 --> 00:15:57,320 people in a neighborhood fairly quickly? 246 00:15:57,320 --> 00:15:59,880 I mean, I to me it doesn't seem like there's an easy answer. 247 00:16:00,360 --> 00:16:03,680 Yeah, I think that there isn't this inherent problem with your 248 00:16:03,680 --> 00:16:08,000 trying to publicize an event and make people aware of it, but yet 249 00:16:08,000 --> 00:16:11,800 you're trying to keep out those that might be trying to disrupt 250 00:16:11,800 --> 00:16:16,200 it or to, you know, have a negative influence on what 251 00:16:16,200 --> 00:16:19,040 you're trying to do. And so I, I, I don't think that 252 00:16:19,040 --> 00:16:21,200 there is a technological solution that's that's more of 253 00:16:21,200 --> 00:16:24,400 like a social problem and and social problems don't have 254 00:16:24,400 --> 00:16:26,760 technical solutions, right? They have they have social 255 00:16:26,760 --> 00:16:30,960 solutions that that kind of is kind of inherent with the the 256 00:16:30,960 --> 00:16:32,240 way that you're trying to organize that. 257 00:16:32,400 --> 00:16:36,080 That's not what our AI overlords have been telling me, but I'll 258 00:16:36,080 --> 00:16:38,800 take your word for it, Bill. But it seems to, yeah, it seems 259 00:16:38,800 --> 00:16:41,760 to me, I mean, this is just just a hypothesis from me and I'm not 260 00:16:41,760 --> 00:16:44,040 an expert. I'm just one of the hosts of 261 00:16:44,040 --> 00:16:47,080 posting through it. But it seems to me that that 262 00:16:47,080 --> 00:16:50,880 perhaps people should make distinctions publicly, you know, 263 00:16:51,240 --> 00:16:53,760 make distinctions, Hey, this is a public facing group. 264 00:16:53,800 --> 00:16:56,240 And just be very clear about that and just say there are 265 00:16:56,240 --> 00:16:57,600 certain risks involved with that. 266 00:16:57,760 --> 00:17:01,640 Private groups can break off into, you know, their thing that 267 00:17:01,640 --> 00:17:04,640 are that are carefully vetted and public facing, you know, 268 00:17:04,640 --> 00:17:06,400 public facing groups just to make rules. 269 00:17:06,400 --> 00:17:11,680 And wherever you're posting it, be it blue sky or X, God forbid, 270 00:17:11,680 --> 00:17:15,280 or wherever else, just to say like, Hey, just be be a little 271 00:17:15,280 --> 00:17:17,920 careful about this this one. You know this is potentially 272 00:17:17,920 --> 00:17:20,280 that, but instructions will be given here. 273 00:17:20,920 --> 00:17:23,200 Yeah, that makes sense. I mean, yeah, giving those 274 00:17:23,200 --> 00:17:27,240 caveats to a public facing group, I think that, yeah, 275 00:17:27,240 --> 00:17:30,760 people tend to think that, oh, this is signal, so this is 276 00:17:30,760 --> 00:17:36,480 secure and it is in one sense. It's technically secure, but 277 00:17:36,480 --> 00:17:40,120 it's not socially secure. It's going to be posted to 278 00:17:40,120 --> 00:17:42,240 everyone that was added to that group, right. 279 00:17:42,640 --> 00:17:47,240 If you say something in a group that has member of law 280 00:17:47,240 --> 00:17:51,600 enforcement in it, then that message is going to be delivered 281 00:17:51,600 --> 00:17:56,400 to that person. You don't necessarily not 282 00:17:56,400 --> 00:17:59,680 necessarily going to be divulge your identity. 283 00:17:59,880 --> 00:18:03,520 Your identity might be kept secret, but that message and the 284 00:18:03,520 --> 00:18:06,560 fact that someone posted, you know, a message in that group 285 00:18:06,560 --> 00:18:10,800 saying let's do criminal activity X will will be let out. 286 00:18:10,800 --> 00:18:15,400 And at that point, you know, so it's, so it's important to make 287 00:18:15,400 --> 00:18:19,720 sure that you know the parameters of a group that 288 00:18:19,720 --> 00:18:25,760 you're being added to. So if it's a group that has all 289 00:18:25,760 --> 00:18:29,440 of its members well vetted for, then that's a very different 290 00:18:29,440 --> 00:18:34,800 situation then hey, I just got added to a group of 600 people 291 00:18:34,800 --> 00:18:39,160 that are going to post updates on where they supposedly saw 292 00:18:39,160 --> 00:18:41,400 ICE. Speaking of law enforcement, 293 00:18:41,680 --> 00:18:45,080 this is another question that sort of sticks out with me that 294 00:18:45,200 --> 00:18:49,880 it could be useful to get some clarity on the message is, you 295 00:18:49,880 --> 00:18:53,480 know, you've explained our end to end encrypted, right? 296 00:18:53,480 --> 00:18:57,800 So the likelihood that they set up an antenna and yank it out, 297 00:18:58,200 --> 00:19:02,200 you know, the, the way they might standard text message or 298 00:19:02,200 --> 00:19:05,640 or a phone call or something may be more limited. 299 00:19:05,800 --> 00:19:11,560 But what kind of ways could law enforcement access signal chat 300 00:19:11,560 --> 00:19:15,080 records? Because the bleak of the chat 301 00:19:15,080 --> 00:19:18,680 groups in Minneapolis that I mentioned earlier, Kosh Patel, 302 00:19:18,680 --> 00:19:22,360 the director of the FBI, went on a podcast a couple days later 303 00:19:22,360 --> 00:19:24,720 and was like, I saw those tweets and we're opening an 304 00:19:24,720 --> 00:19:27,840 investigation. I guess I'm curious, just how 305 00:19:27,840 --> 00:19:31,240 much, how much risk are the people in those group chats 306 00:19:31,760 --> 00:19:36,280 actually facing from the FBI at this point? 307 00:19:36,640 --> 00:19:39,840 Like like what can they do? There's a number of ways, and 308 00:19:39,840 --> 00:19:42,400 I'm just going to take the first part of that question, a number 309 00:19:42,400 --> 00:19:47,480 of ways in which your chats can be divulged even if Signal 310 00:19:47,480 --> 00:19:53,920 itself isn't compromised. And one of those instances is 311 00:19:54,000 --> 00:19:59,680 having a piece of spy Ware that has targeted you being installed 312 00:19:59,720 --> 00:20:04,360 on your device, right? So we know of some of these. 313 00:20:04,720 --> 00:20:12,200 Pieces of spyware like Pegasus and other, you know, kind of of 314 00:20:12,200 --> 00:20:16,880 the state, state sponsored malware attacks and they have 315 00:20:17,040 --> 00:20:20,880 specifically targeted human rights defenders, political 316 00:20:20,880 --> 00:20:24,120 opponents, I would say the Pina Nieto regime in Mexico. 317 00:20:24,560 --> 00:20:30,000 There's been Jamal Khashoggi, a journalist that was that was 318 00:20:30,200 --> 00:20:33,680 targeted. And by and large, these are 319 00:20:33,800 --> 00:20:36,840 extremely targeted attacks. And they're not deploying this 320 00:20:37,600 --> 00:20:41,560 to a wide swath of society. Why? 321 00:20:42,240 --> 00:20:47,600 Well, they would love to, but they know that once they start 322 00:20:48,520 --> 00:20:52,960 mass deploying these vulnerabilities that they get 323 00:20:52,960 --> 00:20:57,960 into, that they use to get into people's devices, that there's 324 00:20:57,960 --> 00:21:01,840 some traces, some indicators that that's happened. 325 00:21:02,360 --> 00:21:09,480 And right now, the developers of those pieces of a spy Ware are 326 00:21:09,480 --> 00:21:14,680 in kind of a cat and mouse game with the Apples and Googles of 327 00:21:14,680 --> 00:21:18,440 the world. And that's why when your phone 328 00:21:18,440 --> 00:21:22,040 says you have a security update, it's important to install that 329 00:21:22,040 --> 00:21:24,920 security update because it's going to patch some of those 330 00:21:24,920 --> 00:21:30,600 vulnerabilities that the NSO group uses, for instance, to 331 00:21:30,760 --> 00:21:34,320 bundle into Pegasus malware and compromise your device. 332 00:21:34,640 --> 00:21:39,440 And likewise, you know, spyware on the one hand is, is something 333 00:21:39,440 --> 00:21:47,560 that's, you know, going to to be a way in which someone's device 334 00:21:47,560 --> 00:21:53,320 gets compromised by a remote hacker, you know, just just by 335 00:21:53,440 --> 00:21:55,760 merit of it being on the Internet. 336 00:21:56,240 --> 00:21:58,440 But there's this other side of it. 337 00:21:59,200 --> 00:22:03,400 If your device is seized, if you're arrested and your device 338 00:22:03,400 --> 00:22:06,920 is taken away from you, then they can take that device and 339 00:22:06,920 --> 00:22:11,360 plug it into a forensic imaging piece of hardware. 340 00:22:11,920 --> 00:22:15,320 You know, the two main vendors of this are magnet forensics 341 00:22:16,040 --> 00:22:23,200 that that produces a piece of hardware called the grey key. 342 00:22:23,720 --> 00:22:29,560 And another vendor is Celebrite who produces a piece of hardware 343 00:22:29,560 --> 00:22:32,160 called the universal forensic extraction device. 344 00:22:32,320 --> 00:22:38,560 And once a cop or whatever plugs your device into one of these 345 00:22:39,040 --> 00:22:42,840 forensic imagers, it'll try different combinations of your 346 00:22:42,840 --> 00:22:46,080 pass of pass phrases just to get into that device. 347 00:22:46,240 --> 00:22:51,080 And then once it's able to crack your device passphrase, then all 348 00:22:51,080 --> 00:22:54,200 bets are off. It can take a whole image of 349 00:22:54,200 --> 00:22:56,280 your disk. It can see the messages that 350 00:22:56,280 --> 00:23:00,880 you've sent. It can see your images and 351 00:23:00,880 --> 00:23:04,680 videos, medical data that's stored on the device, crypto 352 00:23:04,680 --> 00:23:08,360 keys for your Bitcoin or sounds. Bad. 353 00:23:09,120 --> 00:23:12,240 Yeah, yeah. So, you know, that's one of the 354 00:23:12,240 --> 00:23:16,200 reasons why it's important to to kind of practice data 355 00:23:16,200 --> 00:23:23,040 minimalization, that if you are afraid of your, what your phone 356 00:23:23,040 --> 00:23:27,480 actually holds being divulged, then don't bring it to that 357 00:23:27,480 --> 00:23:29,320 protest. Don't bring it into a situation 358 00:23:29,320 --> 00:23:34,680 where you're at risk of getting detained because it could fall 359 00:23:34,680 --> 00:23:37,880 into the wrong hands and have all that data extracted from it. 360 00:23:38,360 --> 00:23:43,840 A follow up again thinking about the leak of Signal chats in 361 00:23:43,840 --> 00:23:45,960 Minneapolis and what happened there. 362 00:23:46,440 --> 00:23:49,760 Let let's assume and I don't know if this is true or not, 363 00:23:50,160 --> 00:23:54,000 that nobody in these Signal chats they have custody of and 364 00:23:54,000 --> 00:23:57,720 made a cop, you know, we're able to crack into a phone and take a 365 00:23:58,120 --> 00:24:02,640 a copy of the disk. They just have, you know, video 366 00:24:02,880 --> 00:24:05,480 of recordings of screenshots inside the Signal app. 367 00:24:05,920 --> 00:24:11,440 You've got usernames, user profile pictures, copies of the 368 00:24:11,440 --> 00:24:16,240 messages. Is there a way the FBI can 369 00:24:16,240 --> 00:24:19,040 figure out who is in these chats? 370 00:24:19,040 --> 00:24:24,280 Like can they subpoena Signal or or will the company give up 371 00:24:24,280 --> 00:24:29,600 those records? So what the FBI or federal law 372 00:24:29,600 --> 00:24:33,480 enforcement or even local law enforcement can do is they can 373 00:24:33,480 --> 00:24:38,600 use traditional police work and, you know, they have a, you know, 374 00:24:38,600 --> 00:24:43,080 leaked document or just a, you know, a copy of someone's signal 375 00:24:43,080 --> 00:24:47,040 username. Then, you know, they might ask 376 00:24:47,040 --> 00:24:51,800 or just might try to corroborate that with, you know, someone 377 00:24:51,800 --> 00:24:55,600 else that has that knows a person and there and they know 378 00:24:55,600 --> 00:24:57,480 that their signal name is XY or Z. 379 00:24:57,800 --> 00:25:04,360 The power of subpoena only goes so far in that what Signal 380 00:25:04,480 --> 00:25:06,560 doesn't have, they can't give over. 381 00:25:07,040 --> 00:25:11,720 And just as there's data minimization when it comes to us 382 00:25:11,720 --> 00:25:17,360 protecting our own devices, Signal employs data minimization 383 00:25:17,800 --> 00:25:22,080 in that they don't retain records longer than they have to 384 00:25:22,080 --> 00:25:24,320 just to make that communication possible. 385 00:25:24,920 --> 00:25:28,800 And So what they, what we've seen and you can go to 386 00:25:28,800 --> 00:25:32,320 signal.org/bigbrother to kind of see some of these law 387 00:25:32,320 --> 00:25:37,960 enforcement requests is that they have access to, for 388 00:25:37,960 --> 00:25:41,840 instance, when an account was created and what the last time 389 00:25:41,840 --> 00:25:45,440 that account was logged into. But they don't really have 390 00:25:45,720 --> 00:25:48,360 information beyond that because they don't retain it. 391 00:25:48,360 --> 00:25:51,120 They throw it out, they don't keep it in the first place. 392 00:25:51,320 --> 00:25:56,760 They employ strict data minimization in order to ward 393 00:25:56,760 --> 00:26:02,240 off the possibility that their users will become vulnerable to, 394 00:26:02,560 --> 00:26:05,680 you know, law enforcement requests or requests or even 395 00:26:05,680 --> 00:26:07,880 hacks. You know, if their servers are 396 00:26:07,880 --> 00:26:13,280 hacked, then a remote hacker could get access to who is who 397 00:26:13,280 --> 00:26:18,000 and any records that they have. So they try to make sure that 398 00:26:18,000 --> 00:26:21,640 that doesn't happen by simply not having those requests, those 399 00:26:21,920 --> 00:26:24,680 that data to give over. My last question for you, Bill, 400 00:26:25,840 --> 00:26:28,000 do you listen to techno? What kind of music do you like? 401 00:26:28,400 --> 00:26:29,920 We listen to a lot of techno around here. 402 00:26:29,920 --> 00:26:34,480 Thanks to Mike. Does Kraut rock count? 403 00:26:34,480 --> 00:26:37,040 Yes, Techno. Okay, yes, now we're here. 404 00:26:37,040 --> 00:26:38,920 Are you listening to? Can you fuck with? 405 00:26:39,080 --> 00:26:40,160 Can I love? Can I love? 406 00:26:40,200 --> 00:26:42,360 Can All right okay, now we got 3. 407 00:26:43,160 --> 00:26:44,720 Okay, yeah. Yeah. 408 00:26:44,920 --> 00:26:46,440 Yeah, yeah, OK. It was great. 409 00:26:46,600 --> 00:26:49,640 Faust, you. Fucking I need my vitamin C and 410 00:26:49,640 --> 00:26:55,480 Faust and yeah, I yeah, like Tangerine Dream. 411 00:26:55,800 --> 00:26:57,760 Wow, yeah, okay, okay, I get down with. 412 00:26:57,760 --> 00:26:59,280 That cuts. Deep cuts. 413 00:26:59,440 --> 00:27:01,960 Well, I love Tangerine Dream. We got we got a real 1 here 414 00:27:01,960 --> 00:27:04,120 folks. Yeah, absolutely. 415 00:27:04,120 --> 00:27:08,760 We should get make sure he gets the make sure he gets the free 416 00:27:09,120 --> 00:27:12,160 premium subscription that comes with being a guest because we do 417 00:27:12,160 --> 00:27:14,520 album Rex at the end of our of those episodes. 418 00:27:15,120 --> 00:27:18,000 Bill, thank you so much for for coming and and hopefully this 419 00:27:18,000 --> 00:27:23,120 has been a valuable service to our listeners, particularly, you 420 00:27:23,120 --> 00:27:25,720 know, as the summer months start approaching, we're getting into 421 00:27:25,720 --> 00:27:27,400 the spring summer. Is there going to be a lot of 422 00:27:27,400 --> 00:27:30,400 people on the streets and. My pleasure. 423 00:27:30,720 --> 00:27:34,320 I hope everybody is is, I hope everybody is, you know, watching 424 00:27:34,320 --> 00:27:36,640 out for themselves and, and, and listening to this and thinking 425 00:27:36,640 --> 00:27:40,080 about how they can protect themselves with signal.