Signal president warns AI agents are making encryption irrelevant:
Signal Foundation president Meredith Whittaker said artificial intelligence agents embedded within operating systems are eroding the practical security guarantees of end-to-end encryption (E2EE).
The remarks were made during an interview with Bloomberg at the World Economic Forum in Davos. While encryption remains mathematically sound, Whittaker argued that its real-world protections are increasingly bypassed by the privileged position AI systems occupy inside modern user environments.
Whittaker, a veteran researcher who spent more than a decade at Google, pointed to a fundamental shift in the threat model where AI agents integrated into core operating systems are being granted expansive access to user data, undermining the assumptions that secure messaging platforms like Signal are built on. To function as advertised, these agents must be able to read messages, access credentials, and interact across applications, collapsing the isolation that E2EE relies on.
This concern is not theoretical. A recent investigation by cybersecurity researcher Jamieson O'Reilly uncovered exposed deployments of Clawdbot, an open-source AI agent framework, that were directly linked to encrypted messaging platforms such as Signal. In one particularly serious case, an operator had configured Signal device-linking credentials inside a publicly accessible control panel. As a result, anyone who discovered the interface could pair a new device to the account and read private messages in plaintext, effectively nullifying Signal's encryption.
[...] During the interview, she described how AI agents are marketed as helpful assistants but require sweeping permissions to work. As Whittaker explained, these systems are pitched as tools that can coordinate events or communicate on a user's behalf, but to do so they must access calendars, browsers, payment methods, and private messaging apps like Signal, placing decrypted messages directly within reach of the operating system.
(Score: 5, Insightful) by Unixnut on Saturday January 31, @12:51PM (14 children)
This threat is not just from "AI Agents". Frankly I feel the horse has bolted the stable roughly when people accepted that they would not have root access on their own communications device. Every single smartphone be it Android or Apple you are just a user, not an admin.
Sure you have some rights to install/remove apps, and it prompts you about whether you want to share your information with certain apps, but you don't know what it does behind the scenes, you can't be certain there is no backdoor, or rootkit in there, you can't even check yourself. For all you know there may be a secret remote root user account that can be logged into at will without your knowledge.
This is why a minority of people jail-break/root their phones, because they are aware of the above. Even then unless you install a known clean OS copy like LineageOS you still have to audit the OS to make sure there is nothing untoward happening, which can be tricky because some things are just binary blobs (even with LineageOS).
Fact of the matter is we already can't trust the endpoints of encryption for one of the most ubiquitous communications devices on earth, Signal (and all encrypted apps) are only as secure as the system they run on. If they run on a compromised system, then you've already lost.
Not to mention that lets face it, virtually nobody cares. Everyone is happy with their smart devices. The best smartphone I ever had was the Nokia N900. It happened to be a Debian Linux computer that was also a phone. Full root access, plain Linux system and I had the apt repos for software.
The Nokia came out in 2009, and now its 2026 and nothing similar has ever been successfully brought to market. The closest was the Planet Computers "Gemini" (and I eagerly bought one), but that ended up being an all round major disappointment.
So all I can really say is that as the masses are happy with using their spy-devices for all their sensitive data, then we are in a losing battle for security. There is no incentive for a security communications device to ever be offered to the masses (no doubt governments and corporates prefer it that way to boot).
(Score: 4, Insightful) by pdfernhout on Saturday January 31, @02:15PM (3 children)
On the issue of encryption and security, maybe time to trot out this essay I wrote in 2015:
"Why Encryption Use Is Problematical When Advocating For Social Change"
https://pdfernhout.net/why-encryption-use-is-problematical-when-advocating-for-social-change.html [pdfernhout.net]
"I believe decentralized knowledge sharing is important, especially for disaster preparedness. I also believe encryption is important in practice, the same way as many people have locks on their doors. Such things do affect a balance between state power and individual power, which is important in a democracy, and they also make it harder for vandals and criminals to operate. So, a project like Briar that supports decentralized communications and encryption is important for those and other reasons. Still, as my father (a machinist among other things) used to say, "Locks only keep honest people honest." Here is a partial list of all the ways a tool like Briar can fail when being used by activists engaged in controversial political actions. ...
In general, a system intended to ensure private communications is only as secure as its weakest link. If any of these levels is compromised (hardware, firmware, OS, application, algorithm theory, algorithm implementation, user error, user loyalty, etc.) then your communications are compromised. ..."
I had a Nokia N800 (which is a tablet, not a phone though) and indeed Maemo was a great Debian-based GNU/Linux OS!
By contrast, my first Android Tablet (Samsung Galaxy Tab 10.1) was the first computer I ever bought that I felt like was someone else's computer I was just allowed to use. That was n part because of how opaque Android was, how basic Unix-ish tools were missing, and also the risks of using new apps not vetted by a community which has a lot of system-wide permissions. Beautiful screen though, sigh. I started it up a couple months ago and it still runs, and I still don't trust it (especially now with a web browser that is about fifteen years out-of-date). I thought about installing some new flavor of Linux on it, but there were no current distributions available for it I could find.
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 4, Insightful) by pdfernhout on Saturday January 31, @02:17PM (2 children)
I should add the takeaway message from that essay:
"If you want to build a mass movement, at some point, you need to engage people. In practice, for social psychology reasons, engaging people is very difficult, if not impossible, to do completely anonymously in an untraceable way.
People have historically built mass movements without computers or the internet. It's not clear if the internet really makes this easier for activists or instead just for the status quo who wants to monitor them.
If you work in public, you don't have to fear loss of secure communications because you never structure you movement to rely on them. If you rely on "secure" communications, then you may set yourself up to fail when such communications are compromised. If your point is to build a mass movement, then where should your focus be? ..."
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 4, Interesting) by JoeMerchant on Saturday January 31, @08:42PM (1 child)
> If you rely on "secure" communications
If you keep secrets, odds are that your public image would suffer if those secrets were released.
Whenever, wherever, however possible, a primary goal of every organization / operation should be: reduce the number of things we even remotely want to keep secret, whenever, however possible, continuously, until there are no more secrets worth keeping.
1942, secrets were a hugely important tool in many endeavors.
2042? secrets are going to be damn near impossible to keep.
🌻🌻🌻🌻 [google.com]
(Score: 1, Interesting) by Anonymous Coward on Sunday February 01, @02:56AM
> If you keep secrets, odds are that your public image would suffer if those secrets were released.
Really? Did anyone take a hit after idiot US Cabinet members included a journalist on their war planning cc list? It wasn't even a year ago, https://www.pbs.org/newshour/show/top-trump-officials-accidentally-texted-u-s-war-plans-to-journalist-jeffrey-goldberg [pbs.org]
(Score: 2, Interesting) by Anonymous Coward on Saturday January 31, @03:11PM
Despite being an EE, hardware, software, sys-admin, etc., I got into smartphones a bit late and quite naive. I've had a few, only changed due to phone carriers keep changing technologies and deprecating my phone. I've connected USB, transferred files, changed some things, used adb, shell, etc. Naively thought I had pretty much full access, or could get it easily. Frankly with the older phones I don't think it was an issue.
A few years ago got a Samsung S10e. Needed a phone due to carrier deprecation of some type, someone had it for sale cheap, so I bought it. I do very little on a cell phone- some web browsing, nothing critical / personal / financial, almost no apps. But I'm increasingly aware there are processes running that can't be stopped. Things like "Recommended Apps" that are obviously spyware, others that a websearch says are built-in spyware. Process control apps can't stop these apps. ChatGPT tells me it's pretty much impossible to get control or any kind of root access on this phone. Sigh. So it's time to shop for yet another phone.
Ideally I would love it if the storage device (/dev/sda) was fully removable so I could mount it somewhere else and have total access.
Otherwise I'm phone shopping and the minimum requirement is that I can "root" it. Fully Linux phone would be ideal.
(Score: 1, Insightful) by Anonymous Coward on Sunday February 01, @06:40AM
You don't have to wonder if there is such a backdoor. They don't even try to hide it anymore. Most companies building internet-connected consumer electronics products today (which is almost everything nowadays) reserve the ability to push whatever software updates they'd like onto them whenever they feel like it and don't even pretend to give you the option to choose no. This includes the major smartphone and tablet brands. And they have the gall to claim these backdoors are for your "security".
"A new ass fucking is available. Would you like me to fuck you in the ass right now? If not, that's OK: I permit you to choose any convenient time within the next 72 hours and I will come and fuck you in the ass then."
(Score: 2) by Bentonite on Sunday February 01, @07:02AM (7 children)
Every last demon rectangle is backdoored by design.
There isn't a technical need for a backdoor, but every manufacturer always goes and implements at least one.
The Replicant developers found one of the backdoors in the Samsung Galaxy's where the mobile chipset has arbitrary read-write to the filesystem; https://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor [replicant.us]
LineageOS uses a huge amount of proprietary software, not a small amount.
Anything low-level library that is cellular or call related is proprietary software and is therefore backdoored, meaning even the root user can't do anything about the backdoors other than removing all the mobile chipset software if possible (but then it no longer works as a mobile).
Demon rectangles are not ubiquitous - different kinds use incompatible proprietary SIP+RTP variants and different proprietary LTE profiles, or 5G profiles - meaning merely making calls and sending SMS's and MMS's is pretty unreliable in practice.
Debian is a GNU system - which is why it's called Debian GNU/Linux.
Linux will never be a system, as it's only a kernel.
Free software and therefore possible secure communication software is now readily available and totally free software OS's down the the BIOS are also available (GNU/Linux-libre + GNUboot).
Too bad people don't use that, as it's inconvenient in the short term.
(Score: 2) by Unixnut on Sunday February 01, @10:08AM (6 children)
Not that I disagree with any of your points, but could you point me towards a handheld device in the approximate style and size of the old Nokia N810, or at a stretch the Planet computers Gemini (which itself is approximately the size of the Psion series 5 [wikipedia.org], similar to the old Palmtop PC [wikipedia.org] format) that is readily available with free software and libre bios?
I have been waiting a long time for such a thing, no luck so far. The closest I've got is my thinkpad X201, which is supported by coreboot/libreboot, but its getting hard to find new batteries for the thing, and its nowhere near as portable as a smartphone. Definitely not something I carry around with myself all the time just in case I need it.
(Score: 2) by The Vocal Minority on Sunday February 01, @01:07PM (2 children)
Have you looked at the Pinephone or Librem phone (Librem 5). These sound like they might be what you are looking for but I'm not sure how usable they are (or will ever be).
(Score: 3, Informative) by Bentonite on Sunday February 01, @02:09PM (1 child)
Both the pinephone and the Librem phone have a proprietary bootloader and the pinephone Wi-Fi+bluetooth card doesn't work without proprietary software (the proprietary Wi-Fi software is unreliable garbage that often needs a full power reset before it "works", so you best not even bother and use usb 1000BASE-T with the provided adapter for practical reasons alone).
There is a free program available as the userspace for the pinephone mobile chipset, but the signalling software is all proprietary.
The pinephone uses a quite power hungry and slow Allwinner SoC (seemingly designed for cheap Android TV's, where power isn't a problem) and the modem is very power hungry too (the free software userspace can slightly mitigate that problem, as that downclocks the processor), so the battery doesn't last very long.
There is the pinephone keyboard, with a built-in extended battery, but it's defective - the number keys don't type properly (a modification apparently fixes it) and it can just stop working.
Also, it seems that garbage proprietary software in the pinephone usb controller can sometimes cause the usb controller to self destruct merely from plugging in a usb device with the keyboard installed.
All of those problems could probably be avoided if the proprietary software was replaced with free software - but Pine64 won't do it - it's up to the customers to do it.
Provided you don't use a terrible proprietary GNU/Linux distro that goes and breaks audio in an update and proceed to update, the pinephone does in fact do calls (audio quality and loudness is an annoyance) and SMS's and MMS's (selecting the images is very slow).
Most DE's are so bloated that they work poorly on the pinephone - while xfce4 works best, that's designed for a mouse and keyboard, so there's only really Phosh, which is designed for a touchscreen and isn't so excessively bloated to be too slow to be usable.
The Replicant developers also wanted to port Replicant to the pinephone, which would be more convenient (as Android software is designed to work on a touchscreen, Replicant runs acceptably fast on devices slower than the Pinephone and it would allow installing an image and getting working calls and texts and sms's without further configuration), but it seems development has stalled; https://lists.osuosl.org/pipermail/replicant/2024-March/004181.html [osuosl.org]
(Score: 2) by The Vocal Minority on Monday February 02, @03:51AM
I've got an older version of the Pinephone. WiFi has never been a problem nor the USB connection. Phone functions have never worked properly, particularly MMS, due to idiosyncrasies in the way that mobile networks are typically configured in my country. There are a few of distros for it that work quite well with the touch screen, some use Phosh others don't. The Ubuntu based one seems the best IMHO (can't remember what it's called now). Power use/time between charging is a big problem.
(Score: 2) by Bentonite on Sunday February 01, @01:49PM (2 children)
That simply does not exist - the only portable handheld device with a free software bootloader and OS I'm aware of was the GTA04; https://redmine.replicant.us/projects/replicant/wiki/GTA04 [replicant.us]
Too bad you can't get them anymore, it's touchscreen only and the GSM chipset contains a malicious circuit (GSM has also been shut down in many countries).
To get something that specific, you'll need to handcraft your own out of a SBC that works with only free software and also find a suitable display (if only SBC's followed a standard and made that as simple as slotting everything into a custom case).
Too bad all of the SBC's that currently work fully with free software are quite power hungry and have limited performance, but at least with a custom design, you can just include enough battery to compensate; https://www.fsf.org/resources/hw/single-board-computers [fsf.org]
I am hoping that Lattice releases an exponentially faster and bigger FGPA, or some other company does and that FGPA is reverse engineered and programmable with free software - allowing a free hardware design of a SBC that doesn't suck, where the SoC design runs on the FGPA.
Unfortunately, that computer requires a proprietary BIOS, as the CPU won't init without proprietary ME software.
In my experience, a GNUbooted X200 works fine as a phone and a GNUbooted X200 Tablet is more convenient (as you can fold the screen open to show things)
Batteries aren't hard to find - although you have to look a bit and pay more than you want to get a decent battery (many batteries seem to use terrible cells despite a premium price).
A mobile doesn't really have much practical use - it's not going to save you from most situations - only you can and a mobile just also allows people to bother you when you're away.
I carry around a GNUbooted X200 Tablet and many other things - sometimes even 2-3 GNUbooted ThinkPads at a time - but such weight training only makes me stronger.
(Score: 2) by Unixnut on Thursday February 05, @01:49PM (1 child)
I agree the situation is dire for open HW, as I mentioned earlier, people don't care. The reverse engineered BIOS and "open computing" of the early IBM clones was more of a happy accident. I am sure given a choice the government and corporates would never have given us that much freedom, but I think governments in particular did not realise quite how powerful and liberating it is to have your own computation ability.
I would love something in the format of my old Nokia N810, that had a keyboard that was the right size for me to be able to thumb type fast, screen was legible without straining my eyes too much and it was the size of a modern smartphone (if a good 1cm thick). However it is now long in the tooth and the HW is too slow, meaning its only usable nowadays as a SSH terminal.
I have to admit I have been thinking about doing this. I have an old Jornada 720 that looks thick enough to be able to accomodate SBC's and my own circuits and batteries, but its still fully working and effectively historic HW at this point, so might be better for me to just sell it as is. Also its keyboard is a bit small, primarily because they tried to fit a full keyboard in miniature. While it is nice to have mini F-Keys I'd rather they sacrificed them for larger normal keys for typing.
Alternatively I have a spare X201 laptop minus motherboard, which may be a better fit for a project. It is just difficult to find the time for such a project, especially integrating the keyboard (which is the nicest thing about these old Thinkpads).
Yes unfortunately. Made worse by the fact that I stupidly updated the BIOS and Embedded controller to the latest versions on Lenovos site. The moment I did that the machine started having problems. The fan keeps oscillating instead of keeping constant speed, the laptop overheats and cuts out (120°C), and sometimes refuses to properly shutdown or go to sleep at random times.
It worked perfectly on the older Bios, but I see no way to revert, so I am thinking of installing Coreboot on it (I believe they have a semi-free version that works on the X201), in the hope that the embedded controller is not the thing controlling the fan speed. If nothing else having an open bios and the ability to remove the HW whitelist will be nice. Just need to buy good HW for flashing the bios chip.
Oh nice, I have an old X41 convertible tablet that I used to use years ago. It was a nice form factor, but the hinge was prone to wearing out (which is what happened with mine). You say you have the X200 tablet? How is the hinge?
I have had a horrible time finding batteries. I've bought three "brand new" batteries in the last few years, one medium price which turns out to have cells so crap it barely lasts 20 mins. One "premium priced" one that lasts around 1h30, and the third time I bought a battery they sent me the wrong battery. Turns out they no longer have the X201 batteries in stock.
So at this point I am still using the OEM battery, that despite being 8+ Years old, still runs for 2h30m (back when new it could go a good 6-8 hours). At this point I'm wondering if it is would be better to rip apart the other batteries and just buy good quality replacement cells.
I think the problem now is that the laptop is so old that the premium batteries for sale are probably "new old stock" that have been sitting somewhere for 5+ years, and the "average new" batteries are being churned out by bargain-basement companies with the cheapest cells they can find.
If you have a good source of batteries for these old Thinkpad's (that's in Europe ideally) do let me know.
(Score: 2) by Bentonite on Friday February 06, @02:39AM
There is a unfinished proprietary version of coreboot available for the X201; https://www.ott.net/installing-coreboot/ [ott.net]
The EC controls the fanspeed, although it is possible to set the speed with fan control software like thinkfan.
The EC may or may not decide to continue oscillating the fan when you set a constant speed.
The BIOS could be downgraded by external flashing (but I don't think it's the BIOS), but the EC may refuse to downgrade.
The rp2040 with a SOIC-16 chip (assuming that X201 has a SOIC-16 chip) is decent flashing hardware.
Note the X200 and maybe the X201 needs a flasher with at least 12mA drive strength to work (many usb flashers and micro-controller flashers don't).
I haven't tried the rp2040 on a SOIC-16 clip, but it should work.
As linked on the ott, the absolutely Raspberry Pi's do work as a flasher (if you must, don't buy a new one, get a used one).
The hinge is perfectly fine, as it looks like the last user didn't slam it around.
It seems the lubricant drying out is the cause of ThinkPad hinges getting stiff and well you take them out and oil them with sewing machine oil, working it through with a vise and pliers (it seems if you oil too much, the hinges become floppy, but in my experience you just stop oiling as soon as you can feel with the pliers that the hinge is no longer excessively tight).
It seems the X200 and X201 use the same batteries and it seems the X201 is less popular, which would explain why little specifically "X201" batteries have been made and the only specific X201 batteries available have been sitting on a shelf for 5+ years.
I bought a crappy polymer battery for the X200t, but it still lasts 3h25min in mostly idle, which is fine for my use case (maybe if I installed laptop-mode-tools, it would last longer).
As soon as you remove the cells that power the battery controller, the battery controller will commit suicide.
I guess it is technically possible to externally power the battery controller with a via a soldered on external voltage and current limited supply (so the power never gets cut), then carefully remove the cells, then spot-weld new ones on, then remove the external supply, but that is incredibly difficult due to how tight the plastic case is on (opening it damages it badly) and the difficulty of removing and carrying out spot welds, without causing shorts (the battery controller will kill itself if it detects a short, or cells that are too out of balance).
The only feasible way it could be done is if you had a SMBUS programmer and the battery controller software, as after replacing the cells you could then re-program the volatile memory with the control software and calibrate it with the new batteries too - but that is typically both completely undocumented and unavailable.
It'll probably be somehow easier to develop a custom SMBUS battery controller, although that'll be a real pain in the neck, as you'll also need to implement the digital handcuff protocol the EC expects - unless you patch the EC to remove the battery whitelist).
I bought X200 batteries from a local supplier that guaranteed that you get a quality battery, which imported unbranded Chinese batteries that last 3h30min+ unoptimised.
(Score: 1, Informative) by Anonymous Coward on Saturday January 31, @03:03PM
At the end of this Davos panel discussion (about 38:30), Meredith Whittaker pretty much rants about AI agents incorporated into operating systems. The whole panel discussion on ethics is good, but catch her 10 minute rant if you haven't time for the whole thing:
https://www.weforum.org/meetings/world-economic-forum-annual-meeting-2026/sessions/town-hall-dilemmas-around-ethics-in-ai/ [weforum.org]
(Score: 3, Interesting) by JoeMerchant on Saturday January 31, @08:37PM (1 child)
For the past 10 years, we have had a "network protocol based" record transmission system developed and waiting to deploy - our customers all have various customizations of the protocol and while it's "industry standard" it's also a horrible mess to setup on initial delivery due to the heterogeneous environments out there.
Finally, as predicted 15 years ago, we're starting to get customers who won't buy our products because we don't have a way to electronically transmit these records (as opposed to printing or exporting on USB stick as we have done for 20+ years). So, the transmission system was de-mothballed and developed for about 1 man year, all told - ready to ship about 6 months ago, if we'd ever get a final go ahead from a customer.
So, the first customer demanding electronic record transfer finally bought- and instead of using the network protocol based system, they're using our HDMI out to do a screen capture - like they have developed for other systems. (ever hear of NIH? Not Invented Here syndrome? Its evil twin: TIIHSWUIA This Is Invented Here So We Use It Always is actually even more powerful / influential.)
These records are "sensitive" and every time we do a risk of leakage analysis I point out that a well placed camera can just look over the operator's shoulder and see everything. Well - now our first "secure electronic transmission system" in practice, uses screen shots.
🌻🌻🌻🌻 [google.com]
(Score: 0) by Anonymous Coward on Sunday February 01, @02:50AM
> Well - now our first "secure electronic transmission system" in practice, uses screen shots.
This is one of the points Meredith Whittaker makes--PI agents integrated with the OS will take screen shots of running programs and get their input (by something like OCR) that way. In her rant, she claims that if/when this is released, Signal can no longer insure security, and she will shut it down. Yes, it's worth listening to the rant--link to Davos conference above.
(Score: 5, Informative) by Rosco P. Coltrane on Saturday January 31, @08:55PM
don't use "agentic" OSes.