Minutes before the United States launched a deadly missile campaign in Yemen that reportedly killed 53 people and wounded 89, including multiple children, on March 15, the Atlantic’s Editor-in-Chief Jeffrey Goldberg was sitting in his car in a grocery store parking lot waiting for the attack.
The story is now well-known and well-memed: Days before the missile barrage, Goldberg was added to a Signal group chat called “Houthi PC small group” after President Donald Trump’s national security advisor, Michael Waltz, invited him to connect on the encrypted message application. The editor was included in the discussion inadvertently, a spokesperson for the National Security Council acknowledged to the Atlantic.
It’s whiskeyleaks, not signalgate. The problem was the users in question couldn’t put together a Duplo set without help with a toddler. Signal is great in terms of opsec if you’re not an idiot.
The illegality of self-destructing messages in this sort of discussion is an adjacent but separate matter, but it is still (supposed to be) very illegal.
But I guess it’s ok because the DUI hire is “doing his best”.
Tbf, Signal, and most modern chat clients with multi-device syncing are not great for opsec.
When it comes to privacy from mass surveillance or using your metadata to mine demographic preferences who you are talking to etc Signal sits at the top of generally available chat clients.
But it’s geared for the convenience and privacy of the average user not military security.
Eg: when it comes to group chats you just have to get one of the members of the chat to fall for a device syncing link, for then the whole group chat future messages to become available to the attacker. What’s more, no admin or other user of the chat gets to have approval or visibility privileges or notification of a new synced device for that chat or any info about the status of each of the devices on that chat.
