RUSH TRANSCRIPT The leak ░░░░░░░░ that group chat dependent ░░░░░░░░ ward employees about a ░░░░░░░░ being detected in the ░░░░░░░░ service and that it ░░░░░░░░ be targeted by hackers ░░░░░░░░ to a memo obtained ░░░░░░░░ NPR our Brian chung ░░░░░░░░ to a security cybersecurity ░░░░░░░░ today to break down ░░░░░░░░ how risky using signal ░░░░░░░░ be Tonight new details ░░░░░░░░ a warning reportedly sent ░░░░░░░░ pentagon employees about the ░░░░░░░░ service signal that it ░░░░░░░░ a major target for ░░░░░░░░ hackers A vulnerability has ░░░░░░░░ identified in the signal ░░░░░░░░ application The email sent ░░░░░░░░ week said according to ░░░░░░░░ and warning employees not ░░░░░░░░ use it even for ░░░░░░░░ I d messages That ░░░░░░░░ just days after the ░░░░░░░░ text exchanges They get ░░░░░░░░ specifics this Is it ░░░░░░░░ it s all classified ░░░░░░░░ planning airstrikes it s ░░░░░░░░ warning security experts like ░░░░░░░░ cloak founder Chris Pearson ░░░░░░░░ all too well using ░░░░░░░░ personal device in consumer ░░░░░░░░ Applications on that device ░░░░░░░░ something that is not ░░░░░░░░ and quite honestly can ░░░░░░░░ undermined the security of ░░░░░░░░ country signal as a ░░░░░░░░ app that increase The ░░░░░░░░ end to end so ░░░░░░░░ s for more secure ░░░░░░░░ a normal text but ░░░░░░░░ the user opens a ░░░░░░░░ email or a message ░░░░░░░░ a bad actor it ░░░░░░░░ open the door to ░░░░░░░░ anything on the phone ░░░░░░░░ you are actually sent ░░░░░░░░ phishing email Link or ░░░░░░░░ fishing you our code ░░░░░░░░ a user actually clicks ░░░░░░░░ that end it renders ░░░░░░░░ software to run on ░░░░░░░░ Device you can then ░░░░░░░░ multiple devices to that ░░░░░░░░ including your criminal device ░░░░░░░░ that account So whatever ░░░░░░░░ actual user sees then ░░░░░░░░ as an adversary also ░░░░░░░░ the Trump Administration has ░░░░░░░░ any classified Information was ░░░░░░░░ on signal The use ░░░░░░░░ signal for state secrets ░░░░░░░░ sidestep the normal protocol ░░░░░░░░ him Modeling classified material ░░░░░░░░ is supposed to be ░░░░░░░░ in person in a ░░░░░░░░ compartmentalized information facility approved ░░░░░░░░ the office of the ░░░░░░░░ of national intelligence also ░░░░░░░░ as a skiff If ░░░░░░░░ sensitive document doesn t ░░░░░░░░ to be transmitted electronically ░░░░░░░░ government has a set ░░░░░░░░ secure systems where they ░░░░░░░░ be sent Signal is ░░░░░░░░ among them in there ░░░░░░░░ evidence of adversaries trying ░░░░░░░░ hack into American systems ░░░░░░░░ last year the bite ░░░░░░░░ born Chinese hackers had ░░░░░░░░ data from millions of ░░░░░░░░ after compromising at least ░░░░░░░░ different telecom companies In ░░░░░░░░ statement signal says there ░░░░░░░░ no problem with it ░░░░░░░░ core technology and said ░░░░░░░░ pentagon morning has nothing ░░░░░░░░ do with the key ░░░░░░░░ careless incompetent but as ░░░░░░░░ cabinet officials face tough ░░░░░░░░ This dish respect for ░░░░░░░░ intelligence agencies a warning ░░░░░░░░ experts who deal with ░░░░░░░░ hacks every day but ░░░░░░░░ re talking about here ░░░░░░░░ hardening the human user ░░░░░░░░ is really at the ░░░░░░░░ of this problem Here ░░░░░░░░ I joins us now ░░░░░░░░ serious o brien I ░░░░░░░░ in a we will ░░░░░░░░ transparent here alive journalist ░░░░░░░░ You signal especially one ░░░░░░░░ our tech with sources ░░░░░░░░ m sure use it ░░░░░░░░ so How do you ░░░░░░░░ yourself even more if ░░░░░░░░ re an app like ░░░░░░░░ because I think a ░░░░░░░░ of people Obviously after ░░░░░░░░ story have a false ░░░░░░░░ of confidence in the ░░░░░░░░ yeah Well as our ░░░░░░░░ Chris kind of suggested ░░░░░░░░ user error and some ░░░░░░░░ can expose you just ░░░░░░░░ serious threat So signal ░░░░░░░░ these codes in here ░░░░░░░░ this is a queue ░░░░░░░░ code that you can ░░░░░░░░ to scan That way ░░░░░░░░ don t need to ░░░░░░░░ use specific phone numbers ░░░░░░░░ can get It can ░░░░░░░░ that way I could ░░░░░░░░ up a contact that ░░░░░░░░ but if you re ░░░░░░░░ for an actor and ░░░░░░░░ the warning was that ░░░░░░░░ hackers could potentially use ░░░░░░░░ codes like this one ░░░░░░░░ a malware linked associated ░░░░░░░░ s that when you ░░░░░░░░ to scanner using your ░░░░░░░░ app then you allow ░░░░░░░░ foreign adversary to get ░░░░░░░░ your phone It s ░░░░░░░░ necessarily a vulnerability with ░░░░░░░░ itself Again they get ░░░░░░░░ keys because they re ░░░░░░░░ to exploit how you ░░░░░░░░ a mistake by basically ░░░░░░░░ up a bad Link ░░░░░░░░ no different than a ░░░░░░░░ email or phishing Link ░░░░░░░░ you So many people ░░░░░░░░ contacts That way to ░░░░░░░░ s really good to ░░░░░░░░ very careful our pride ░░░░░░░░ we thank you our ░░░░░░░░ s,