The US Government's Signal Situation Just Got Worse

A new hack showcases the insecurity of the Trump administration.

May 5, 2025 - 19:16

If you're looking to send personal messages securely, Signal is a great option. If you're a government official discussing classified information? Not so much.

Such is the case with Trump administration officials: Last month, we learned that highly sensitive war plans were being discussed in Signal group chats, after Jeffrey Goldberg, editor-in-chief of The Atlantic, was accidentally added to the conversation by then-U.S. National Security Advisor Mike Waltz. (Trump has since fired Waltz—and then nominated him to be U.N. ambassador.)

'Signalgate' continues

There are many reasons why the administration's "Signal strategy" is problematic, but the issues didn't end there. On Thursday, Reuters posted a photograph of Mike Waltz during a cabinet meeting at the White House. While there are plenty of important people in the photograph to pay attention to, 404 Media zeroed in on Waltz—specifically, his iPhone. The outlet spotted that Waltz had what appeared to be a thread opened with officials like Tulsi Gabbard (Director of National Intelligence), Marco Rubio (Secretary of State), and JD Vance (Vice President), with the PIN verification message that Signal will routinely send to users to keep their credentials fresh in their minds.

However, 404 Media spotted that this wasn't Signal's usual PIN verification pop-up: The message says "TM SGNL PIN," which is the PIN verification screen for TeleMessage, a Signal "clone" that advertises itself as a way to archive your Signal messages. While the app claims it does not break Signal's secure messaging system to archive messages, 404 Media reports that the service as advertised has many security vulnerabilities.

It didn't take long for those vulnerabilities to manifest in disaster, either. On Sunday, 404 Media reported a hacker broke into TeleMessage's networks and stole customer data. While the hacker didn't take everything, they did obtain some DMs and group chats, in addition to data of modified versions of other chat apps, like WhatsApp, Telegram, and WeChat, all in about 15 to 20 minutes of hacking. 404 Media says the hacker did not access Waltz's chats or the conversations of any cabinet members, but they did access government officials' names and contact information, credentials to log into TeleMessage's backend panel (the tool that lets TeleMessage admins manage the service), as well as information that points to which agencies might use TeleMessage.

Some of the stolen messages appeared to show a discussion about an ongoing effort to whip up votes in support of a cryptocurrency bill. One text read, "Just spoke to a D staffer on the senate side - 2 cosponsors (Alsobrooks and gillibrand) did not sign the opposition letter so they think the bill still has a good chance of passage the senate with 5 more Ds supporting it." The hack didn't expose classified information, but it did reveal political conversations that the senders likely never intended to be printed in the press.

Why is TeleMessage insecure?

To understand why TeleMessage is not a secure service—and why it is unbelievable that a government agency would rely on it for classified conversations—you need to understand what makes Signal secure.

Signal chats are end-to-end encrypted. That means when you talk to someone over the app, only you and the recipient can access the conversation. When you send a message, that text is encrypted in transit, and decrypted when it reaches the other user's device. If someone were to intercept the message in transit, it would look like a scramble of code—only the devices of the people in the chat can decrypt the message and return it to a readable form.

Because of this setup, not even Signal can access your messages. No authority can compel Signal to release your messages, since the company itself doesn't have access to the only thing that can decrypt the messages: your device. Even if someone hacked Signal's database, they'd be out of luck.

TeleMessage, on the other hand, breaks that security chain. In order to archive those messages, TeleMessage must first intercept them as plaintext and store them. While the company says that it does so while maintaining security, the fact that this hacker was able to obtain DMs proves end-to-end encryption is broken. The stolen information was taken from data captured for "debugging purposes," an unintended leak of decrypted data in TeleMessage's security chain. It doesn't matter if the service stores all messages in an encrypted archive: The company handles decrypted data in insecure ways, which leaves it open for hackers to access.
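The difference between the two designs can be shown in a few lines. The sketch below is an added example, not code from Signal, TeleMessage, or 404 Media: the cipher is a standard-library encrypt-then-MAC stand-in rather than the Signal protocol, the pre-shared key replaces real key agreement, and every name in it (seal, unseal, send, readable, scenario) is hypothetical.

```python
import hashlib, hmac, os

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (toy stand-in for a real cipher)
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, msg):
    """Encrypt-then-MAC on the sender's device."""
    nonce = os.urandom(16)
    ks = _stream(_subkey(key, b"enc"), nonce, len(msg))
    ct = bytes(a ^ b for a, b in zip(msg, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    """Verify, then decrypt, on the recipient's device."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("ciphertext was modified")
    ks = _stream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def send(key, msg, relay, archive=None):
    """End-to-end client when archive is None; archiving fork otherwise."""
    relay.append(seal(key, msg))      # the relay server only ever holds ciphertext
    if archive is not None:
        archive.append(msg)           # a plaintext copy leaves the endpoint

def readable(stolen_store, msg):
    """What someone holding a copy of a store, but no device key, can read."""
    return [item for item in stolen_store if msg in item]

def scenario():
    key = os.urandom(32)                    # constructed; exists only on the two devices
    msg = b"constructed sample message"     # constructed sample input
    relay, archive = [], []
    send(key, msg, relay, archive)
    return {
        "recipient": unseal(key, relay[0]),
        "relay_breach": readable(relay, msg),
        "archive_breach": readable(archive, msg),
    }
```

A copy of the relay's store yields nothing readable, while a copy of the archive's store yields the message itself, regardless of how strong the encryption between the two devices is.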

Even before the hack, 404 Media was skeptical of the service's security, since TeleMessage advertised archiving these "end-to-end encrypted" messages in Gmail, a platform that is infamously not end-to-end encrypted. (Though TeleMessage said the Gmail aspect was just for a "demo.") The outlet also highlights how Signal does not guarantee the privacy and security of unofficial versions of its app.

Signal is great for personal use—not classified information

Signal—and other end-to-end encrypted services like it—are great for personal security. Your messages cannot be accessed by anyone without physical access to the trusted devices involved, which goes a long way toward protecting your digital privacy.

But encryption isn't the only security concern here. There are still plenty of vulnerabilities and weak points when it comes to digital communication of any kind—end-to-end encryption included.

Hackers know that these messages can only be decrypted by the devices involved. So, a great way to break that security is to hack the devices themselves. Hackers use malware like "Pegasus" to silently stow away onto a target's device and access sensitive data—encrypted data included.

Hackers routinely target high-profile individuals with this type of malware, so much so that Apple issues a regular warning to affected users. Waltz is no exception: In the view of Mike Casey, the former director of National Counterintelligence and Center, there's a "zero percent chance that someone hasn't tried to install Pegasus or some other spyware on [Mike Waltz's] phone...he is one of the top five, probably, most targeted people in the world for espionage."

Of course, that's just the concern with your own personal device. You also have to worry about the other end of the conversation. If you're chatting with someone over an encrypted chat app, and their phone is compromised, it doesn't matter how secure you are: Your messages are vulnerable. They don't even need to be hacked: They could leave their phone unlocked for anyone to pick up and access. And if you're talking in group chats—like Trump administration officials have been—the security implications only multiply.

There is risk involved in all digital communication: It's up to you to decide what risk level the data you're transferring is worth. For most personal conversations, you're probably just fine sticking with an encrypted service like Signal. If you're discussing details that could put lives at risk, however, it might be best to keep it in the SCIF.