Trump team’s war plans leak—Signal secure messaging, previously favored by billionaires, spies and overseas dissidents, is now in the news thanks to Trump’s national security team using the commercially available app to discuss military strikes on the Houthis in Yemen.
Sadly, they also mistakenly added a prominent journalist to their group chat.
That journalist later wrote a sensationalist piece about how he was included in classified discussion of “secret war plans” to be used against Iran-backed Houthi terrorists in Yemen. The secretary of Defense and leaders of the U.S. Intelligence Community (IC) deny any war plans or classified information was included in the weeks-long encrypted chat. (RELATED: Full Transcript Of Secret Messages On US Strikes Released)
The CIA Director even stated that members of his agency are allowed to use Signal, though it isn’t an officially approved platform for exchanging classified information or intelligence. As far as we know, no one has broken the app’s encryption, yet.
But I know enemies such as China, Russia, Iran and North Korea are trying.
Still, the Democrats, media and even some Republicans are apoplectic. Hence “Signalgate,” the latest inside-the-Washington-bubble political “crisis.”
I wrote about the Houthi “war plans” leak in depth in an earlier piece but want to focus now on why Signal has become the go-to app for government officials, and military leaders in the U.S.
As I tell everyone I know (even those who don’t discuss sensitive matters, like me), using the default texting app on your phone is like yelling out a window. Pretty much anyone nearby can hear you. So, even if you don’t need encrypted messaging for security reasons, you should use one for everyday privacy.
After experimenting with various commercially available secure messaging apps such as Wickr and Telegram, and to a lesser extent WhatsApp after it began fully encrypting its chats, I settled on Signal a few years back.
Because of its proven end-to-end encryption, open-source code (it can be tested by anyone for vulnerabilities, making it even stronger), self-destruction timer options for messages and Signal’s limits on accessing user data, it has been my primary messaging tool since then.
It is one of the best platforms to prevent shady third parties from accessing private messages, as well as keeping the companies behind the apps, or the government itself, from collecting user data. (RELATED: DOGE Won’t Leak Government Data – The Bureaucracy Already Did)
These are also the same reasons Elon Musk chose to use the app and recommend it on Twitter in 2021. His two-word tweeted endorsement, “Use Signal,” was partly credited for a download surge in the days after the Jan. 6 Capitol riot.
Ukrainian troops are also using Signal for tactical purposes in the field to avoid Russian interception.
And increasingly, Signal has become the app of choice for many in the government and Donald Trump’s administration hoping to avoid leaks trying to stay off the radar.
The app has become especially popular among ex-government workers fired by Musk’s DOGE.
“I’m not sure there is any government worker right now who isn’t talking to their colleagues on Signal,” one user said.
The Washington Post reports:
These new government users have corresponded with a jolt in the popularity of Signal, which is operated by a nonprofit. The app has been downloaded more than 2.7 million times in the United States so far this year, a 36 percent increase from the same period in 2024, according to estimates from market intelligence firm Sensor Tower.
Some federal workers admit they don’t know exactly what they’re afraid of—but they are. “It’s exhausting and I don’t know if I’m being paranoid,” said one NASA employee.
Still, while extremely effective, and increasingly popular among those in the know, Signal isn’t a perfect tool. Even if its encryption is not likely to be broken, its security can be circumvented in other ways.
WaPo explains:
Signal, like Meta’s WhatsApp, scrambles the content of all messages and calls. This process, called end-to-end encryption, prevents anyone — including hackers, law enforcement or Signal itself — from accessing what is written or said in the app. While Signal’s end-to-end encryption prevents interference, the messages are still visible at both ends, so that any phone compromised by hack or cyberattack could expose the messages. Spyware tools, such as Pegasus, can be installed without the phone owner knowing and send messages and screenshots back from the phone to the tools’ operators, avoiding Signal’s style of encryption altogether.
And the Russians have been targeting Signal since at least the start of the Ukraine war. Google recently warned the Signal Foundation that maintains communications app about Russia’s use of a new QR code phishing technique.
This tactic allows them to take advantage of a Signal feature that allows users to join a Signal group by scanning a QR code from their phone thereby circumventing the encryption.
As Wired reported:
By sending phishing messages to victims, often over Signal itself, both hacker groups have spoofed those group invites in the form of QR codes that instead hide javascript commands that link the victim’s phone to a new device—in this case, one in the hands of an eavesdropper who can then read every message the target sends or receives.
“It looks exactly like a group invite, and everything would function exactly like that, except when you scan it, it links the device out,” says Dan Black, a Google cyberespionage researcher and former NATO analyst. “It instantly pairs your device with theirs. And all your messages are now, in real time, being delivered over to the threat actor while you’re receiving them.”
Thankfully, in February, Signal rolled out an update for iOS and Android to counter the technique.
Wired explains:
The new safeguard warns users when they link a new device and checks with them again at a randomized interval a few hours after that device is added to confirm that they still want to share all messages with it. Signal now also requires a form of authentication such as entering a passcode or using FaceID or TouchID on iOS to add a new linked device.
Both Google and Signal emphasized that the phishing technique Google has seen in use in Ukraine doesn’t suggest that Signal’s encryption is broken or that the app’s messages can otherwise be eavesdropped in transit. Instead, the trick essentially combines two legitimate features—QR-code group invites and QR-code device linking that pairs a smartphone with a laptop—invisibly swapping one with the other to deceive users. “Phishing is a big problem on the internet, and it’s never nice to hear that someone has fallen victim to one of these attacks,” Lund says. “But we’re trying to do our best to keep users safe, and we think these recent improvements will really help.”
The opinions expressed in this article are those of the author and do not necessarily reflect the positions of American Liberty News.
READ NEXT: Bizarre Police Report Filed Against Dem’s New Leader [VIDEO]
Update Signal:
Vet users
Vet platform update
Or rerun same ahead
Let’s go back to the reporter who was invited to attend this “secure” conference. When he first signed on, and discovered it was “secret”, why, as a “loyal American Citizen” did he not SPEAK UP AND SIGN OFF!??? NO, instead, he kept quiet and spied on what he later calls a “war plans meeting”, then decrying the Administration’s lack of security.
I think he should be referred to as a Domestic SPY, possibly even a FOREIGN TERRORIST SUPPORTER for continuing to silently participate in a call, one he CLEARLY NEW HE SHOULD NOT HAVE BEEN INCLUDED IN, and then he PUBLISHES IT FOR ANYONE TO READ!
Where’s the push back for his choosing to continue to listen? For his publishing the information? For him not being a patriotic American and speaking up and saying “hey guys, I don’t think you intended for me to be in this conversation. I’m going to hang up now” and “better recheck your security on invitations with future calls”.
When do we restart holding people responsible/accountable for their actions? For their choices they make?
V/r
Charles Truthan, D.O.
Gee, “signal” appears to be the same type of chat app as let’s say whatsapp?
If that’s the best the US government can do? Seriously? Then I guess Trump and anybody else using substandard technology in the US government is responsible.
I’m 68 years old, I know more about technology chats etcetera than apparently these younger fresher political people do.
What makes it worse there are security officers. No excuse. Somebody’s head has to roll on this one. I don’t care who it is but Trump needs to do the right thing and somebody has to go. Cut your losses Trump before it gets worse.