"It’s not often that a piece of FBI advice triggers a Snopes fact check. But the agency’s urgent message this month to Americans, often summarized as “stop texting,” surprised many consumers.

The warning from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) highlighted vulnerabilities in text messaging systems that millions of Americans use every day.

The U.S. believes hackers affiliated with China’s government, dubbed Salt Typhoon, are waging a “broad and significant cyber-espionage campaign” to infiltrate commercial telecoms and steal users’ data — and in isolated cases, to record phone calls, a senior FBI official who spoke to reporters on condition of anonymity said during a Dec. 3 briefing call.

The new guidance may have surprised consumers — but not security experts.

“People have been talking about things like this for years in the computer security community,” Jason Hong, a professor at Carnegie Mellon University’s School of Computer Science, told NPR. “You should not rely on these kinds of unencrypted communications because of this exact reason: There could be snoopers in lots of infrastructure.”"

https://www.npr.org/2024/12/17/nx-s1-5223490/text-messaging-security-fbi-chinese-hackers-security-encryption

#USA #FBI #SaltTyphoon #CyberSecurity #China #StateHacking

    • Techranger@infosec.pub
      link
      fedilink
      arrow-up
      1
      ·
      6 days ago

      It’s better than SMS, but relies on proprietary code implemented by multiple telcos. In my opinion, Signal is usually the best choice for most people. It works for messaging as well as calls. I would trust it over any of the other mainstream choices because it’s open source and is run by a non-profit devoted to protecting privacy.