The Trump Administration discussed a secret military operation on Signal, inadvertently adding Jeffrey Goldberg, the editor-in-chief of The Atlantic, to the thread. Until the bombs started dropping in Yemen, Goldberg couldn’t believe what he was reading.
Even if Goldberg hadn’t been included in the chat, it remains a terrible idea to discuss matters of national security via any app, no matter how secure it is considered. This point, while likely to ruffle some feathers in the political arena, should also serve as a stark reminder that nothing you do online is truly anonymous.
Here’s what you should consider before confiding your secrets to technology:
You are more interesting than you think.
It’s a common misconception that regular citizens like you and me are of no interest to hackers. However, a threat actor could exploit your device to gain access to your employer. By exploiting the data on your phone, a hacker could steal your identity and potentially cripple the entire organization.
Don’t blindly trust what technology companies tell you.
Encrypted chat apps Signal and WhatsApp are publicly debating which one is more secure. Meredith Whittaker, the president of Signal, appears to be particularly annoyed by WhatsApp’s Will Cathcart, who suggests there are hardly any differences between WhatsApp and Signal.
While Signal is generally considered a more trustworthy choice by the security community — and it’s worth noting that WhatsApp is owned by Meta — I still recommend exercising caution when using either app.
Recall how in 2021, Proton, another security-focused company, provided the IP address of a French activist to law enforcement due to legal obligations. Many remain upset about this incident, but it also serves as a reminder, as Proton’s Andy Yen noted, that “the Internet is generally not anonymous.”
Governments are increasingly asking for a backdoor.
The “good guys,” meaning law enforcement, want to have a key to your communication just in case it can be instrumental in some criminal case. Governments have long argued that end-to-end encrypted communication is an obstacle when trying to solve high-profile human trafficking, drug trafficking, and child exploitation cases, among others.
In some countries, the “good guys” might actually succeed in having those backdoors installed. While such amendments are theoretically intended to target only criminals, they set a very dangerous precedent. This is because governments often view protesters, dissidents, and political opponents as threats to national security or even sovereignty, effectively treating them as criminals.
Your phone might get stolen.
Are you the only one who knows your phone’s passcode? Is it a random sequence of numbers or something more meaningful, like someone’s birthday? Imagine what would happen if Goldberg’s phone were stolen. While it’s not child’s play to unlock it, it can be cracked through brute force.
Even though Signal offers encryption, the recent leak of military plans emphasizes the need for caution, even on trusted platforms. It’s crucial for every user, including government officials, to double-check contact identities, use additional layers like two-factor authentication, and be mindful of what’s shared. No tool is foolproof, and the failure to implement proper security measures shows that awareness and caution are just as important as the technology in use.
By Jurgita Lapienytė
—————————-
Jurgita Lapienytė is the Editor-in-Chief at Cybernews, where she leads a team of journalists and security experts dedicated to uncovering cyber threats through research, testing, and data-driven reporting. With a career spanning over 15 years, she has reported on major global events, including the 2008 financial crisis and the 2015 Paris terror attacks, and has driven transparency through investigative journalism. A passionate advocate for cybersecurity awareness and women in tech, Jurgita has interviewed leading cybersecurity figures and amplifies underrepresented voices in the industry. Recognized as the Cybersecurity Journalist of the Year and featured in Top Cyber News Magazine’s 40 Under 40 in Cybersecurity, she is a thought leader shaping the conversation around cybersecurity.