Unless you’ve been completely offline (or not at all interested in American politics), you’ve likely heard about the massive blunder by President Trump’s administration, where top military and intelligence officials accidentally invited a critical journalist into a Signal group chat discussing airstrikes on Yemen’s Houthi rebels that started on March 15.
This all came to light when Jeffrey Goldberg, the journalist in question and editor-in-chief of the left-leaning magazine The Atlantic, published a bombshell report about the security leak on March 24. As Goldberg recounts in his piece, “U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.”
The whole debacle can be summed up as a comedy of errors in two parts. First, top officials discussed classified information using an unapproved communication channel. And second, nobody verified that everyone with access to the communication channel had the required security clearances.
According to political pundits, either or both of these could possibly be considered criminal acts under the U.S. Espionage Act of 1917 and/or the Federal Records Accountability Act of 2014.
What is Signal?
This comedy—or tragedy, if you stand on the other side of the political aisle—has again put the spotlight on the messaging app Signal.
Long favored by journalists, privacy advocates, and political dissidents, Signal is an alternative to apps like Facebook Messenger, WhatsApp, and Viber. What sets Signal apart is its primary focus on privacy by employing automatic and default end-to-end (E2E) encryption of chats and calls. This means that even employees of Signal itself cannot read messages that pass through its systems, making things like subpoenas against Signal useless.
Signal has implemented numerous safeguards to help ensure its users’ security and privacy. First, all of the software—mobile and desktop clients as well as servers—is open-source, which allows anyone to inspect and verify that the encryption is solid and there are no hidden backdoors that could be exploited by hackers or law enforcement.
Second, Signal is maintained and operated by the non-profit Signal Foundation, in contrast to practically every other messaging app out there, which are under the auspices of commercial entities including Big Tech firms like Apple, Google, and Facebook. This makes it much less likely that the foundation will compromise its security in order to enrich shareholders.
Finally, Signal’s E2E encryption uses the Signal Protocol. This protocol has been extensively analyzed by academics and security researchers and found to be very secure. The Signal Protocol is so good that even Facebook/Meta have adopted it for private chats in their own WhatsApp and Messenger apps while Viber uses a different protocol modeled after it.
OPSEC is hard, for real!
Jeffrey Goldberg being accidentally included in that infamous Houthi group chat is a very good example of why simply using Signal (or another E2E encrypted app) is never enough. Setting aside that these officials shouldn’t have used Signal—excellent as it is—in the first place, they shouldn’t have been careless about inviting random unvetted people into a sensitive space.
Their biggest mistake? Failing to follow strict operations security, or OPSEC for short.
Did you know that you are already using OPSEC in your day-to-day life? You practice OPSEC when you choose hard-to-guess passwords that use different types of characters and do not incorporate details from your life like your child’s birthday or your favorite pet’s name. You use OPSEC when your bank sends you one-time passwords (OTPs) and when you learn to spot phishing emails. And you adopt OPSEC when you choose to use Signal instead of plain unencrypted SMS.
OPSEC is challenging. No system is 100% secure, and your security and privacy are only as strong as their weakest link.
What good is using Signal if you inadvertently install a weird app or game on your phone that could actually be a Trojan horse that hackers or criminals can use to gain access to your chats? After all, end-to-end encryption is useless if the end, i.e., your phone, itself is compromised.
A strong OPSEC practitioner is more paranoid than usual—constantly identifying potential vulnerabilities and planning ways to counter or mitigate them. But of course you only implement OPSEC to the extent needed. Using Signal between friends just to decide where to eat for dinner might be overkill. But if you are a U.S. Defense Secretary planning an attack against a foreign adversary? You need a helluva lot more than just a very secure messaging app.