Yes I’m sure their in house app will be very secure.
Apparently mSzyfr is just matrix. Komunikator mSzyfr - Baza wiedzy - Portal Gov.pl
In a vacuum, it’s not unreasonable to want official communications on an in-house platform with oversight. Although offering security on-par with Signal is a tall order
But, if these statements are genuine, this threat model is all out of whack:
The government stressed that Signal’s encryption itself has not been broken. Instead, attackers are abusing legitimate account-management features through social engineering
…attackers impersonate Signal support personnel or automated security chatbots and send messages warning users about suspicious activity or account compromise. Victims are then tricked into sharing SMS verification codes and Signal PINs, allowing attackers to fully hijack their accounts.
The second technique involves malicious QR codes or links that secretly connect an attacker-controlled device to the victim’s Signal account. Once linked, attackers may gain access to private chats, group conversations, and message histories while remaining largely invisible to the victim
How does an in-house alternative address these attack vectors? I can just as easily pretend to be someone with this new platform. Sounds like a skills/training/opsec awareness issue
Speaking as an America who expects our public officials to comply with legally required recordkeeping I agree with this comment.
Pete Hegseth using Signal, in his capacity as Secretary of Defense, to direct war plans that cannot be audited in the future was a huge f*ck up. Pete can use Signal as much as he wants in his private life but when on the job all government communications must be retained.