I find this app so pointless, you can export your Signal chats yourself. They could have instead invested into Signal directly to ask for an archival piece where all parties agree that the chat will be exported to x folder, in x format, but once that exports done they will be wiped from Signal itself within a week. Some sort of chain of trust thing. Bonus points if you enforce validating keys between people before they can all be in a group chat.
Heck you could even require that exported chats have a password defined by the end-user, so its not just sitting there in plaintext. I wonder how much of this TeleMessage even tried to do, I have a feeling its a hacked up app that does what's advertised on the can, with no emphasis on securely doing so.
TeleMessage came into the spotlight last week after it was reported that former U.S. National Security Adviser Mike Waltz was using TeleMessage’s modified version of Signal. Israel-based TeleMessage, owned by Smarsh, offers its clients a way to archive messages
> The hack revealed that the archived chat logs are not end-to-end encrypted between the modded version of Signal that TeleMessage offers and the ultimate location where it stores the messages, 404 Media reported.
Given the emphasis on end-to-end encryption by apps such as Signal, its importance for sensitive government communications, and its rudimentary nature in cryptography (one doesn't need to be an expert to know it's useless to talk about 'security' if it is absent), I struggle to understand how this is a mistake and not a deliberate backdoor.
I find this app so pointless, you can export your Signal chats yourself. They could have instead invested into Signal directly to ask for an archival piece where all parties agree that the chat will be exported to x folder, in x format, but once that exports done they will be wiped from Signal itself within a week. Some sort of chain of trust thing. Bonus points if you enforce validating keys between people before they can all be in a group chat.
Heck you could even require that exported chats have a password defined by the end-user, so its not just sitting there in plaintext. I wonder how much of this TeleMessage even tried to do, I have a feeling its a hacked up app that does what's advertised on the can, with no emphasis on securely doing so.
https://www.404media.co/the-signal-clone-the-trump-admin-use...
TeleMessage came into the spotlight last week after it was reported that former U.S. National Security Adviser Mike Waltz was using TeleMessage’s modified version of Signal. Israel-based TeleMessage, owned by Smarsh, offers its clients a way to archive messages
> The hack revealed that the archived chat logs are not end-to-end encrypted between the modded version of Signal that TeleMessage offers and the ultimate location where it stores the messages, 404 Media reported.
Given the emphasis on end-to-end encryption by apps such as Signal, its importance for sensitive government communications, and its rudimentary nature in cryptography (one doesn't need to be an expert to know it's useless to talk about 'security' if it is absent), I struggle to understand how this is a mistake and not a deliberate backdoor.
[dead]
relevant:
Technical analysis of TM SGNL, the unofficial Signal app Trump officials used - https://news.ycombinator.com/item?id=43875476 - May, 2025 (152 comments)
Would handling governmental data make you a high value target?