7d ago

Swedish Army Requires Signal for calls & messages

cornucopia.se Försvarsmakten inför krav på Signal för samtal och meddelanden – Cornucopia?

by Lars Wilderang, 2025-02-11

Translation from the Swedish Origin

In a new instruction for fully encrypted applications, the Swedish Armed Forces have introduced a mandatory requirement that the Signal app be used for messages and calls with counterparts both within and outside the Armed Forces, provided they also use Signal.

The instruction FM2025-61:1, specifies that Signal should be used to defend against interception of calls and messages via the telephone network and to make phone number spoofing more difficult.

It states, among other things:

“The intelligence threat to the Armed Forces is high, and interception of phone calls and messages is a known tactic used by hostile actors. […] Use a fully encrypted application for all calls and messages to counterparts both within and outside the Armed Forces who are capable of using such an application. Designated application: The Armed Forces use Signal as the fully encrypted application.”

The choice of Signal is also justified:

“The main reason for selecting Signal is that the application has widespread use among government agencies, industry, partners, allies, and other societal actors. Contributing factors include that Signal has undergone several independent external security reviews, with significant findings addressed. The security of Signal is therefore assumed to be sufficient to complicate the interception of calls and messages.

Signal is free and open-source software, which means no investments or licensing costs for the Armed Forces.”

Signal supports both audio and video calls, group chats, direct messages, and group calls, as well as a simple, event-based social media feature.

The app is available for iPhone, iPad, Android, and at least desktop operating systems like MacOS, Windows, and Linux.

Since Signal can be used for phone calls, the instruction is essentially an order for the Armed Forces to stop using regular telephony and instead make calls via the Signal app whenever possible (e.g., not to various companies and agencies that don’t have Signal), and no SMS or other inferior messaging services should be used.

Note that classified security-protected information should not be sent via Signal; this is about regular communication, including confidential data that is not classified as security-sensitive, as stated in the instruction. The same applies to files.

The instruction is a public document and not classified.

Signal is already used by many government agencies, including the Government Offices of Sweden and the Ministry for Foreign Affairs. However, the EU, through the so-called Chat Control (2.0), aims to ban the app, and the Swedish government is also mulling a potential ban, even though the Armed Forces now consider Signal a requirement for all phone calls and direct messaging where possible.

Furthermore, it should be noted that all individuals, including family and relationships, should already use Signal for all phone-to-phone communication to ensure privacy, security, verified, and authentic communication. For example, spoofing a phone number is trivial, particularly for foreign powers with a state-run telecom operator, which can, with just a few clicks, reroute all mobile calls to your phone through a foreign country’s network or even to a phone under the control of a foreign intelligence service. There is zero security in how a phone call is routed or identified via caller ID. For instance, if a foreign power knows the phone number of the Swedish Chief of Defence’s mobile, all calls to that number could be rerouted through a Russian telecom operator. This cannot happen via Signal, which cannot be intercepted.

Signal is, by the way, blocked in a number of countries with questionable views on democracy, such as Qatar (Doha), which can be discovered when trying to change flights there. This might serve as a wake-

https://cornucopia.se/2025/02/forsvarsmakten-infor-krav-pa-signal-for-samtal-och-meddelanden/

13 comments

I am actually a bit confused here...
This seems like something Försvarsmakten should be able to set up their own Matrix infrastructure to use.
Was that never considered?
Why make yourself dependant on a foreign company's servers at all?
- That and be dependent on an external server to create accounts. Last time I checked, French cops used a custom Matrix server for their private communications. A friend of mine is a cop and they have professional phones with custom Android ROMs and Matrix is pre-installed. I don't understand why other countries would rely on Signal (even if I like it and stuff).
  
  Signal is a fine way to get this done quickly but yeah I don't fucking understand why state actors are so fucking reluctant to run their own IT infrastructure.
  JFC you are a god damn country... set up a data center, fund some FOSS for what you need... hire some monkeys to run it for you.
  I am wondering if mega corp lobby is obstructing this. Generally when common sense solutions are not being implemented it is because there is some parasite obstructing it.
  
  Running and hosting your own it infrastructure with your own people is considered anti-competetive in sweden so thats not happening. Instead we're paying external consultants hundreds of dollars per hour for doing anything it-related because that is more competitive and therefore automatically somehow.
  Better off using a working service instead than that bullshit, let's just hope the servers stay up in a crisis...
  
  Running and hosting your own it infrastructure with your own people is considered anti-competetive in sweden so thats not happening.
  You are right... Just hire microshit, an honest foreign mega corp
  
  Yeah, I don't buy the argument that Försvarsmakten makes that they should use signal because most people already have it.
  Ok, this is for unclassified comms over phone, but to me it seems dumb to use the same app I use to talk with my friends about last night's party to talk with my unit about (unclassified) military stuff.
  Försvarsmakten could easily spin up a distributed Matrix instance, and order all personel to use that for military stuff.
  I hope that this is just a stopgap order while they get a properly secured self-hosted solution.
  
  Ok, this is for unclassified comms over phone, but to me it seems dumb to use the same app I use to talk with my friends about last night's party to talk with my unit about (unclassified) military stuff.
  Spool up a military-only network, and when anyone sees that network is in use, they know it is military traffic. When everything is on the "last night's party" network, they can't tell the difference.
- They explained why in the OP
  The main reason for selecting Signal is that the application has widespread use among government agencies, industry, partners, allies, and other societal actors. Contributing factors include that Signal has undergone several independent external security reviews, with significant findings addressed. The security of Signal is therefore assumed to be sufficient to complicate the interception of calls and messages.