TeleMessage, a modified Signal clone used by US govt. officials, has been hacked

https://techcrunch.com/2025/05/05/telemessage-a-modified-signal-clone-used-by-us-govt-officials-has-been-hacked/

47•latein•5h ago

Comments

latein•5h ago

TeleMessage came into the spotlight last week after it was reported that former U.S. National Security Adviser Mike Waltz was using TeleMessage’s modified version of Signal. Israel-based TeleMessage, owned by Smarsh, offers its clients a way to archive messages

like_any_other•2h ago

> The hack revealed that the archived chat logs are not end-to-end encrypted between the modded version of Signal that TeleMessage offers and the ultimate location where it stores the messages, 404 Media reported.

Given the emphasis on end-to-end encryption by apps such as Signal, its importance for sensitive government communications, and its rudimentary nature in cryptography (one doesn't need to be an expert to know it's useless to talk about 'security' if it is absent), I struggle to understand how this is a mistake and not a deliberate backdoor.

giancarlostoro•3h ago

I find this app so pointless, you can export your Signal chats yourself. They could have instead invested into Signal directly to ask for an archival piece where all parties agree that the chat will be exported to x folder, in x format, but once that exports done they will be wiped from Signal itself within a week. Some sort of chain of trust thing. Bonus points if you enforce validating keys between people before they can all be in a group chat.

Heck you could even require that exported chats have a password defined by the end-user, so its not just sitting there in plaintext. I wonder how much of this TeleMessage even tried to do, I have a feeling its a hacked up app that does what's advertised on the can, with no emphasis on securely doing so.

titaphraz•2h ago

Would handling governmental data make you a high value target?

makeworld•1h ago

https://www.404media.co/the-signal-clone-the-trump-admin-use...

mdaniel•1h ago

relevant:

Technical analysis of TM SGNL, the unofficial Signal app Trump officials used - https://news.ycombinator.com/item?id=43875476 - May, 2025 (152 comments)

Curl has banned the use of AI-generated submissions via HackerOne

CNCF and Synadia Reach an Agreement on NATS

Ask HN: Why AI code generators are rising?

How to Not Get Poisoned in America

Show HN: Klavis AI – Open-source MCP integration for AI applications

AIOnPulse: AI News Aggregator

Implementing a Struct of Arrays

My Miserable Week in the 'Happiest Country on Earth'

Cline Memory Bank

Temu v0

FastAPI Cloud

Near Space Labs nabs $20M

Ask HN: Is archive.today/is/md/etc. compromised?

Domain Representations

Europe Makes a Pitch to Attract Scientists Shunned by the U.S.

Questions About Learners' Code (QLCs)

Dynamic Malware Analysis of Open Source Packages at Scale

Tech oligarchs are gambling our future on a fantasy

Sweetgreen CEO on Robots, MAHA and Why Salads Are So Expensive

When does PT help with pain?

Big Tech's earnings problem is estimates may be way too high

No Instagram, No Privacy

Trusted Third Parties Are Security Holes (2005)

True random number generators (2013)

Webhook events and payloads

Dimension 126 Contains Twisted Shapes, Mathematicians Prove

Little Bosses Everywhere

How are cyber criminals rolling in 2025?

Europe pledges half billion euros to lure scientists as US battles universities

London's 'spiralling' housing crisis in numbers