So... individuals at the Vatican are generally aware that encryption is necessary for security, and that emails and texts are the equivalent of postcards (everywhere, not just there) and are willing to do the extra effort involved in using Signal.
Simultaneously, the Vatican website remains about as secure as an apple pie in a firehouse kitchen.
I am not sure what you mean. As a previous post from The Pillar showed senior members of the Curia have engaged in spying and using information gained from exploiting poor security is the norm. Just because the Vatican has poor security in general does not mean that Vatican officials do not have good security themselves or don’t use the poor security to their advantage. Here is a link to the above mentioned article: https://www.pillarcatholic.com/p/is-the-vatican-a-den-of-spies
The conspiracies may not be outlandish or involve a massive cabal but the conspiracies are pretty rampant and doing quite well it seems.
Fair. I see your point, and I didn't communicate well and should be corrected. In my mind, I was meaning grand conspiracies spanning centuries, ala Dan Brown, etc.
Next up, can we get a password-protected, subscribers-only explainer of how the staff of The Pillar manage to keep their own confidential communications with Vatican sources secure despite the Swiss cheese nature of the Vatican's "security" protocols? 😉
I vaguely remember reading about coded communications on the Radio Vaticana shortwave service between the Holy See and the nunciatures and other legations. I also thought that I read that the shortwave service was being ended, some years ago, but apparently it was not (there is, online, a schedule through this month anyway). Jeffrey Goldberg et al don't strike me as SW aficionados. :)
A suggested professional perspective — Security doesn't have to be to protect secrecy; it can be to protect integrity. If you keep a ledger that is beyond repute, it can protect you. Perhaps an analogy would be a dash camera with high acceptance by the public and experts (courts). Imagine, because it is lent, and you want to expand on your works or mercy, and you upload ALL your inane driving videos to give account you aren't cussing at people (even if they deserve it) – no secrets, high integrity.
If, as it so happens, you are falsely accused of something, this is recorded to a high integrity open ledger (in this case happens to be in video format), it will protect you. The vatican, being targeted quite a bit, could benefit from this type of security thinking.
I propose the above to demonstrate there is a virtuous higher way to look at secure communications mandates, protocols and privacy protections and the difficult burden the place on organizations. Certainly there _IS_ personal information in church files about persons that is personal (birthdates, names, annulments, marriages, sensitive moments in life). It _should_ be obvious this should be protected and subject to GDPR and CCPA merely as a best practice.
If little ol' me was of any influence, I'd propose a unified technology vision to include ideas like this (at the minimum for USCCB) to standardize for ease of use and minimize cost and resources. Of course the root problem isn't technology. It's unity. If the bishops could address that, really everything else would be much easier. Maybe even make a few saints along the way.
When I worked for my diocese, we called the MOC (who is now a bishop, btw) “The Vault.” Information went in but rarely came out. For example, I was headed to a parish to meet with some folks, and I told him before I went where I’d be that day. When I arrived, EVERYONE said how glad they were he had been named their pastor! I didn’t know of this, since pastor assignments were very hush hush until all were announced at once. I acted stupid (because I was) and tried to evade responding. I guess he didn’t tell me I might run into that because I had “no need to know.” After all, he was The Vault.
What protects “The Steubenville Secret”?
• the 1961 Vienna Convention on Diplomatic Relations (for the US Papal Nuncio)?
• Diocese of Columbus, Ohio secret archive?
https://youtu.be/AJUr-TzfBK8
The only Steubenville Secret I am aware of, is the DiCarlo’s pizza recipe.
So... individuals at the Vatican are generally aware that encryption is necessary for security, and that emails and texts are the equivalent of postcards (everywhere, not just there) and are willing to do the extra effort involved in using Signal.
Simultaneously, the Vatican website remains about as secure as an apple pie in a firehouse kitchen.
Although, Signal is free, and securing websites isn't.
Typical Pillar…give me an Explainer I didn’t ask for but boy howdy did I need it.
Note: this is the greatest refutation to including the vatican in conspiracies ever. I think this is we all need it.
I am not sure what you mean. As a previous post from The Pillar showed senior members of the Curia have engaged in spying and using information gained from exploiting poor security is the norm. Just because the Vatican has poor security in general does not mean that Vatican officials do not have good security themselves or don’t use the poor security to their advantage. Here is a link to the above mentioned article: https://www.pillarcatholic.com/p/is-the-vatican-a-den-of-spies
The conspiracies may not be outlandish or involve a massive cabal but the conspiracies are pretty rampant and doing quite well it seems.
Fair. I see your point, and I didn't communicate well and should be corrected. In my mind, I was meaning grand conspiracies spanning centuries, ala Dan Brown, etc.
Ahhh…yes, that makes sense. This does take the wind out of the sails for those kind of conspiracies.
Next up, can we get a password-protected, subscribers-only explainer of how the staff of The Pillar manage to keep their own confidential communications with Vatican sources secure despite the Swiss cheese nature of the Vatican's "security" protocols? 😉
From what we have learned about Vatican’s financial competence, I suspect the bar is not high in their cybersecurity….
I'm just waiting for JD or Ed to be accidentally added to a Vatican group chat on Signal. :)
One can only dream!
A+ for the cover photo
I vaguely remember reading about coded communications on the Radio Vaticana shortwave service between the Holy See and the nunciatures and other legations. I also thought that I read that the shortwave service was being ended, some years ago, but apparently it was not (there is, online, a schedule through this month anyway). Jeffrey Goldberg et al don't strike me as SW aficionados. :)
A suggested professional perspective — Security doesn't have to be to protect secrecy; it can be to protect integrity. If you keep a ledger that is beyond repute, it can protect you. Perhaps an analogy would be a dash camera with high acceptance by the public and experts (courts). Imagine, because it is lent, and you want to expand on your works or mercy, and you upload ALL your inane driving videos to give account you aren't cussing at people (even if they deserve it) – no secrets, high integrity.
If, as it so happens, you are falsely accused of something, this is recorded to a high integrity open ledger (in this case happens to be in video format), it will protect you. The vatican, being targeted quite a bit, could benefit from this type of security thinking.
I propose the above to demonstrate there is a virtuous higher way to look at secure communications mandates, protocols and privacy protections and the difficult burden the place on organizations. Certainly there _IS_ personal information in church files about persons that is personal (birthdates, names, annulments, marriages, sensitive moments in life). It _should_ be obvious this should be protected and subject to GDPR and CCPA merely as a best practice.
If little ol' me was of any influence, I'd propose a unified technology vision to include ideas like this (at the minimum for USCCB) to standardize for ease of use and minimize cost and resources. Of course the root problem isn't technology. It's unity. If the bishops could address that, really everything else would be much easier. Maybe even make a few saints along the way.
JD, blink twice if you got added to a secret group chat where Cdl. Parolin and others were discussing plans for a new Crusade.
:) ;)
When I worked for my diocese, we called the MOC (who is now a bishop, btw) “The Vault.” Information went in but rarely came out. For example, I was headed to a parish to meet with some folks, and I told him before I went where I’d be that day. When I arrived, EVERYONE said how glad they were he had been named their pastor! I didn’t know of this, since pastor assignments were very hush hush until all were announced at once. I acted stupid (because I was) and tried to evade responding. I guess he didn’t tell me I might run into that because I had “no need to know.” After all, he was The Vault.