A recent incident involving a magazine journalist’s unexpected inclusion in a group chat of U.S. national security officials has sparked significant discourse regarding the handling of sensitive information. Jeffrey Goldberg, Editor-in-Chief of Atlantic, recounted a conversation that transpired on the Signal messaging app just hours before U.S. President Donald Trump authorized airstrikes against Iran-backed Houthi rebels in Yemen. The National Security Council has acknowledged the authenticity of the text chain and is currently investigating how a journalist’s phone number was integrated into this secure communication channel.
What is Signal?
Signal is a versatile application designed for direct messaging, group chats, and voice and video calls. It employs end-to-end encryption, ensuring that only the sender and recipient can access the content of their conversations. This means that messages and calls are scrambled, with the encryption keys held solely by the communicating parties. The open-source nature of Signal’s encryption protocol allows for public scrutiny and modification, a feature that it shares with WhatsApp, another widely used messaging platform.
Unlike some competitors, Signal has encryption enabled by default, providing a layer of security that apps like Telegram do not offer without user intervention. Signal supports group chats accommodating up to 1,000 participants, and it includes a feature that allows messages to be programmed to disappear after a designated time period.
Is it secure?
Signal promotes itself as a leader in privacy, with its president, Meredith Whittaker, asserting on social media that “Signal is the gold standard in private comms.” While experts concur that Signal offers superior security compared to traditional texting methods, it is not impervious to hacking. Government officials have utilized Signal for organizing sensitive discussions, although during the Biden administration, those authorized to use the app on White House-issued devices were advised to do so judiciously. A former national security official, who spoke on the condition of anonymity, indicated that Signal was primarily used to alert individuals to check for classified messages sent via alternative channels.
Additionally, the use of Signal and similar applications raises concerns regarding compliance with open records laws. Without specialized archiving software, messages exchanged on these platforms often evade public information requests. Goldberg’s article noted that certain messages within the discussed chat were set to self-destruct after one week, while others had a four-week lifespan.
Do other government officials use Signal?
Encrypted messaging applications are gaining traction among government officials, as highlighted by a recent review from the Associated Press. Officials at state, local, and federal levels across nearly every state have been found to have accounts on encrypted messaging platforms, with many linked to government-issued cell phones, while others are associated with personal numbers.
Who’s behind Signal?
The origins of Signal trace back over a decade to an entrepreneur known as Moxie Marlinspike, who briefly served as head of product security at Twitter after selling his mobile security startup to the company. Marlinspike combined two existing open-source applications—one for text messaging and another for voice calls—to create Signal. In 2018, the nonprofit Signal Foundation was established to oversee the app’s operations and explore the future of private communication. The foundation operates without advertisers or investors, relying solely on the support of its user base. Among its board members is Brian Acton, co-founder of WhatsApp, who contributed million to the foundation’s establishment.
