House Bans WhatsApp on Congressional Staff Devices Over Security Concerns (axios.com) 23
The U.S. House chief administrative officer has banned WhatsApp from congressional staffers' government devices citing data vulnerability concerns. The cybersecurity office deemed the messaging app "high-risk" due to lack of transparency in data protection, absence of stored data encryption, and potential security risks, according to an email obtained by Axios.
Staff cannot download or keep WhatsApp on any House device, including mobile, desktop, or web browser versions.
Staff cannot download or keep WhatsApp on any House device, including mobile, desktop, or web browser versions.
But (Score:5, Insightful)
Re: (Score:3)
Yes, it has those features, but if I were them I'd compile it myself to prevent supply-chain attacks.
At least to verify the hash-- reproducible builds are valuable.
Can't do that with WhatsApp.
Re: (Score:2)
If they're going to use Signal, they could at least make contributions towards Signal's development (financial, not code).
Re: (Score:2)
Yes, it has those features, but if I were them I'd compile it myself to prevent supply-chain attacks.
Signal was one of the apps which was okay for installation on non-classified government phones. That means they've supposed to have done at least some basic checks that it isn't malware. I believe that they also use/recommend/require a custom app which is deliberately "less"/differently secure in that it records the conversations for compliance with presidential records acts. That's all part of the reason why Hesgeth got away with having used it after declaring that pre-information that an attack was going
Re: (Score:3)
Re: (Score:3)
The courts blinked and allowed the administration to do as it pleases.
Re: (Score:3)
Re:But (Score:4, Insightful)
I don't know about the House, but Truth Social is the only acceptable app for the executive branch, obviously!
Re: (Score:3)
Signal works great but isnt idiot proof. Sadly, this administration seems to need idiot proof.
This administration's bungling does point to a security flaw in the government using any commercial chat app in that anyone with the app can be accidentally invited which allows a rout into our government's secure communications by both reporters and adversarial governments though. But then if they used the communication channels provided for by our government they wouldnt be able to get around the Federal Records
Re: But (Score:2)
Security is only as good as the weakest link, which is always a software problem.
Re: But (Score:2)
Re: But (Score:2)
Your right: I meant to write "isn't" always". The omission of the "not" makes a big difference. I was thinking that top secret operation information was recently leaked precisely because of human incompetence.
Re: (Score:3)
It's impossible to make anything idiot proof, because idiots are so ingenious.
Re: (Score:2)
Re:But (Score:4, Insightful)
It is as long as you use the complimentary Whitehouse wifi provided by Starlink. https://www.washingtonpost.com... [washingtonpost.com]
And now a thought experiment for the fans of this administration.
If Biden had installed wifi in the Whitehouse and it was paid for by George Soros, would you feel any different?
Re: (Score:2)
Yes, Signal is still OK because it's used to inform the press about near-future US Government actions.
Great this will improve Signal's usage (Score:3)
Jul 09, 2024: WhatsApp Security Issues (Score:2)
New Report Exposes Security Issues With WhatsApp Apps [forbes.com]
AIM (Score:2)
Right back to AIM, no doubt.
Let's hear it for Hegseth! (Score:1)
For not texting the Iran bombing schedule to a journalist this time around.
Damn, the bar sure is low in this administration.