Hacker News | kodyo's comments

CISA recommended Signal for encrypted end-to-end communications for "highly targeted individuals."

https://www.cisa.gov/sites/default/files/2024-12/guidance-mo...


The best part is that, in trying to comply with this guidance, the government chose Telemessage to provide the message archiving required by the Federal Records Act.

The only problem is that Telemessage was wildly insecure and was transmitting/storing message archives without any encryption.


Recommendations to the private sector don't condone violating security and retention laws for people working in the public sector.

Military personnel are currently only allowed to use Signal for mobile communications within their unit. Classified information is a different story, though.

I don't think I agree with the following from this guide:

> Do not use a personal virtual private network (VPN). Personal VPNs simply shift residual risks from your internet service provider (ISP) to the VPN provider, often increasing the attack surface. Many free and commercial VPN providers have questionable security and privacy policies. However, if your organization requires a VPN client to access its data, that is a different use case.


What do you disagree with?

> Personal VPNs simply shift residual risks from your internet service provider (ISP) to the VPN provider, often increasing the attack surface.

That's true. A VPN service replaces the ISP as the Internet gateway with the VPN's systems. By adding a component, you increase the attack surface.

> Many free and commercial VPN providers have questionable security and privacy policies.

Certainly true.

> if your organization requires a VPN client to access its data, that is a different use case.

Also true: That's not a VPN service; you are (probably) connecting to your organization's systems.

There may be better VPN services - Mullvad has a good reputation around here - but we really don't know. Successful VPN services would be a magnet for state-level and other attackers, which is what the document may be concerned with.


Come on, man. We're talking about classified information, not general OPSEC advice. I worked in a SCIF. Literally every piece of equipment, down to each Ethernet cable, has a sticker with its authorized classification level. This system exists for a reason, like making it impossible to accidentally leak information to an uncleared contact in your personal phone. What Hegseth did (and is doing?) is illegal. It doesn't even matter what app is used.

That's not even the point, though. Those smart-but-not-techy people are not going to grow GDP at the pace that Satya Nadella needs them to in order to keep his KPIs going up and to the right, and he's getting pissed.

That's the problem.


"Quick, guys, find something useful" coming from a CEO who's bet his company on an idea should be a market top signal, right?

And no, I'm not saying the technology is bad. The business isn't going swimmingly, though.


That would be harmful to their self-esteem.


The empire has vassals, not allies.


The empire is doing everything it can to alienate its vassals into independent city-states with their own alliances.


Vassals who refuse to bend the knee tend to ... not live long. Often replaced by those who bend it properly.


Sounds like a cartoon world.


Realpolitik dictates that you don't start conflicts with all of your vassals for literally no reason.

Satisfied?


You nailed it


Good point but not popular here.


It's old thinking that has been proven wrong multiple times... by America.


I think America is proving that?


The honor system is a remnant of a high-trust society. Living in a place where you can generally trust your neighbors is neat.


OpenAI is in no way "commercially successful."


You can't say they are "in no way" commercially successful when they have around one BILLION monthly users. That's just disingenuous.


It's impossible for a layman to know because most people in accredited positions of authority lie without cessation.

Identify people you trust on a subject, filter their claims through your own ideas about what is reasonable, and hope for the best.

You might still get it wrong. Such is life.


I've recently noticed on TikTok a big trend of food scientists and chemists that basically just aggressively "debunk" anyone saying any sort of preservative or processed food ingredient is bad for you, and they always fall back on "proven safe for human consumption" which is just like circular reasoning that the FDA is perfect, righteous, and good.

There are, of course, a lot of kooky beliefs out there about food. But it seems like there is a very intentional social media campaign to associate ANY claim that the stuff in our food is not in our best interest with the kooks that believe the only safe thing to eat is raw goat balls or whatever.

For books anyway, I found The Hundred-Year Lie to be incredibly in-depth, but there's a lot of chemistry so it's verrry dense.


That's not enough: you should also read the critics and opponents of what you think is true. That is, if you're truly trying to figure out reality and not just seeking psychological security.

Remember, the test of a true intellectual is that they can convincingly defend a position they find abhorrent.


“He who knows only his own side of the case knows little of that. His reasons may be good, and no one may have been able to refute them. But if he is equally unable to refute the reasons on the opposite side, if he does not so much as know what they are, he has no ground for preferring either opinion... Nor is it enough that he should hear the opinions of adversaries from his own teachers, presented as they state them, and accompanied by what they offer as refutations. He must be able to hear them from persons who actually believe them...he must know them in their most plausible and persuasive form.”

― John Stuart Mill, On Liberty


Or you just read a scientific paper. It's called a review and it goes over several studies and uses statistics to determine probability of claims. For example,

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8227014/

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9776645/


I try to discourage people from using the internet. I work in infosec.


OK, fed.

