Signal President Meredith Whittaker warns AI agents embedded in OSes are eroding end-to-end encryption's real-world security, despite its mathematical soundness. With root-like access to messages & data, they bypass E2EE isolation—urgent rethink needed! 🔒🤖❌
https://cyberinsider.com/signal-president-warns-ai-agents-are-making-encryption-irrelevant/
#AI #Privacy #Cybersecurity #Newz #Signal
From an attack perspective, OS-level AI agents are the best trojan ever, right?
@nemo Ah, this was always a given...
With kernel level access, you can do literally anything.
Stock phones were always vulnerable, as they generally do not allow this kind of access to consumers.
Those with a tad more room to breathe at this point are those who got their hands on some slightly older hardware (pre-2020) that allows for bootloader unlock without any hassle.
Flash a custom ROM, use Magisk to give yourself root access, set up your own security, etc.
Then you only need to practically worry about stuff you fetch from the internet.
Although, with root access and various isolation apps, a good firewall... Should be fine.
Or at the very least orders of magnitude better than remaining on your Google-powered stock device.
@yama Ever tried GrapheneOS?
That one is very cool, from what I've heard. What do you think about it? 🤔 Please tell me :D
@nemo@mas.to @yama@tech.lgbt
Biggest "problem" with Graphene is device-support. If you want other than Google hardware, Graphene is a non-option.
The other remaining problem of GrapheneOS is it is vulnerable to the rubber hose exploit. If ICE agents have you in a room with a steel chair and a rubber hose, they may compel you to log in and see there are other user accounts plainly visible: "Log into that, please, or we'll use the rubber hose again."
Normally, you want secured account usernames hidden. What ICE does not know won't hurt them.
@dianea@lgbtqia.space @nemo@mas.to @yama@tech.lgbt
Back when I was still going into datacenters, some of my customers had "emergency PIN" enabled on their cipher-pads. Adding specific numbers to your base PIN placed the datacenter into lockdown (hostage) mode.
That was 17 years ago. I'm surprised there don't seem to be "emergency PIN" implementations for mobile phones that cause the device to brick itself.