The authoritative guide to ensuring science and technology make life on Earth better, not worse.
By Rachel Nuwer | April 4, 2025
The contents of Signal chats are only stored on users’ phones and not on the cloud for backup, which are not encrypted by default. Photo by appshunter.io on Unsplash
Almost immediately after news broke that US government officials had inadvertently shared war plans with a journalist last week, misinformation began to fly. Much of it had to do with the inner workings of Signal—the encrypted messaging app that officials were using to discuss military strikes in Yemen in a chat group to which US national security advisor Mike Waltz inadvertently added The Atlantic’s editor-in-chief, Jeffrey Goldberg.
At first, Waltz suggested that Goldberg could have added himself to the chat, which is not possible. He also speculated, falsely, that some other technical glitch in Signal could have caused Goldberg’s number to be “sucked into this group.”
The mainstream media also contributed to misunderstandings about the snafu now known as Signalgate. An NPR headline, for example, stated that members of the Pentagon had recently been warned in a memo about a “Signal vulnerability”—falsely implying that the app’s core technology had been compromised. In fact, the memo was about phishing attempts, a common cybercrime unrelated to Signalgate. The Signal account on the social media platform Bluesky addressed this concern in a post: “Phishing isn’t new, and it’s not a flaw in our encryption or any of Signal’s underlying technology. Phishing attacks are a constant threat for popular apps and websites.”
Much of the public discourse around the Signal fiasco stems from a fundamental misunderstanding of how encryption works. It has also contributed to further confusion and ill-informed speculation. To push back against the misinformation, we spoke with several encryption experts about how these technologies actually work.
Encryption 101. Encrypted messaging is different from regular texting. Simply put, if you send a text on your iPhone or android, the service provider has access to your message. This is not the case for encrypted messaging apps like Signal. Texts sent through Signal are only accessible on users’ devices, full stop.
Signal famously uses what’s known as the “Signal protocol,” an open source algorithm that some other encrypted apps have also adopted. The company made its code open-source in part because it wanted others to verify it, and indeed, it has been “extremely well vetted by the cryptography community,” said Julia Len, a computer scientist at the University of North Carolina at Chapel Hill.
“The general consensus is that the Signal protocol is the state of the art,” added Thomas Ristenpart, a computer scientist at Cornell University.
Signal’s encryption works by giving users unique cryptographic keys generated by the protocol. When a user sends a message, the protocol encrypts it into an unreadable cipher that can only be decrypted by the recipient’s phone, which uses a corresponding private key. These secret keys are stored directly on users’ devices, and as an extra level of security, the encryption keys generated by users’ private keys constantly change. No one at Signal has access to them, and unlike some other apps that require users to opt into encryption, Signal by default always applies this method.
As with other apps, servers—the central connection points through which apps communicate—act as conduits for data sent from one Signal user to another. However, unlike most other apps, Signal does not store any message data on its servers. This means that the company cannot be subpoenaed by courts, lawyers, or government agencies to provide users’ chats, because the company literally has no way to access them. The only information Signal does have access to is the date and time a user first registers and the last date they connected to the app.
Signal avoids some of the privacy pitfalls of other encrypted apps as well. WhatsApp, for example, also uses encrypted messaging based on the Signal protocol. But chats that users store on the cloud for backup are not encrypted by default, leaving them accessible to subpoenas, company employees, or hackers. WhatsApp users can choose to encrypt their cloud backups, but many people do not know to take this extra step.
The contents of Signal chats, on the other hand, are only stored on users’ phones. “One thing that’s annoying for people who use Signal is that if you switch phones, it’s sometimes hard to get your message history to transfer correctly,” said Mona Wang, a doctoral student in computer science at Princeton University.
But this is evidence, she added, of just how secure the app is.
By invite only. The only ways to join a group chat on Signal is to be invited by someone who is already in the group, or to use a scannable QR code that a group member generated to give new members access.
The groups themselves are unsearchable and completely inaccessible to anyone who doesn’t have access to one of the participating members’ phones. “It would not be possible for even the chief technology officer of Signal to add someone to a group,” Wang said.
The one way that someone could be added to a Signal group uninvited is if a member’s device was compromised—for instance, their phone was lost or stolen and the new owner managed to unlock it. Or because someone close enough to the person to know their phone’s passcode surreptitiously messed with their chats.
Border agents have also been known to seize phones and threaten arrest if the owner does not unlock the device. At a hostile border crossing, the only surefire way to keep encrypted data safe is to delete it or not have the device with you in the first place. This threat is why many people reacted with alarm when media outlets reported that Steve Witkoff, the United States envoy to Ukraine and the Middle East, had been in Russia when he was added to the Signal chat. The White House later denied that Witkoff had his personal device or government-issued phone with him in Russia, an assertion supported by Witkoff’s failure to respond in the Signal chat until he returned to the United States.
User error. Signal is an excellent option for those who are concerned about corporate spying or general government surveillance, Wang said. What it is not ideal for are people who could be the subjects of sophisticated, targeted surveillance. This includes high-level officials of the sort caught discussing war plans on Signal. In this case it’s not Signal that’s the problem, Wang said, but the chance that its users’ devices will be compromised by malware.
Hacker-for-hire firms specialize in finding vulnerabilities in phone operating systems and then developing malware to exploit those holes. All it takes for one of those programs to be installed on a target’s phone is to trick the person into clicking a link that contains the malware. Such programs “target taking over control of the end point devices, then from there being able to access the actual application after the messages have been decrypted,” Ristenpart said.
Many of those who specialize in targeted malware attacks are very good at what they do, Wang said. Pegasus, a spyware suite developed by NSO Group, an Israeli cyber intelligence firm, for example, has been found on the phones of high-profile journalists, activists, and even Jeff Bezos. So simply being vigilant about not clicking links isn’t necessarily a solution.
High-profile users also share another vulnerability common to every Signal user: basic human mistakes that no amount of technology can ever completely prevent. In the case of the Signal war chat, Wang said, the mistake was almost certainly caused by “just fat fingering the wrong name.”
There was a second point of failure, too. When someone is added to a group chat, Signal indicates as much to the entire group. After Waltz committed the first human error of adding Goldberg to the chat, everyone else present also committed the error of not noticing that a new member that shouldn’t be there had joined. “Those visual indications were there,” Len said. “So aside from making those bolder, or informing government officials about better ways to communicate securely, I’m not sure what else could have been done differently to prevent this.”
The Bulletin elevates expert voices above the noise. But as an independent nonprofit organization, our operations depend on the support of readers like you. Help us continue to deliver quality journalism that holds leaders accountable. Your support of our work at any level is important. In return, we promise our coverage will be understandable, influential, vigilant, solution-oriented, and fair-minded. Together we can make a difference.
Keywords: SIGNAL, encryption, end-to-end encryption, messaging apps, signalgate, war plans
Topics: Disruptive Technologies