If Elon Musk probably has a superpower, it isn’t his engineering or business savvy. It’s probably his rank opportunism. The latest case in point: this week saw a massive outage for Amazon Web Services (AWS) that managed to take many of your favorite websites and services offline. The outage also hampered the workflows of countless online businesses. The impact was fairly universal.
And, ever the opportunist, Musk was quick to leverage the outage to unfairly smear a potential competitor and promote his own, shittier alternative.
Musk, however, took the opportunity to exploit the outage to criticize Signal over at his right wing propaganda and crypto grifter website:
Why would Musk do this? He’s trying to promote his own, shittier encrypted chat software beta, the creatively named X Chat. X Chat is part of Musk’s quest to turn what was once Twitter into an “everything app,” despite the fact he’s shown little real indication he’s innovative enough to actually make X useful for anything outside of sports chat and fighting with racist crypto grifter bots.
While Signal isn’t perfect and certainly has some dependencies on centralized infrastructure, the AWS outage didn’t create any specific risk issues related to encrypted Signal communications. Musk simply saw an opportunity to exploit the outage to market his barely-used beta software. Signal President Meredith Whittaker responded to Musk by noting that Signal was at least transparently open source:
But because every brain fart Elon Musk has somehow warrants its own clickbait news cycle, what’s left of the U.S. press couldn’t help but amplify Musk’s criticism of Signal and parrot his attacks mindlessly:
Much like Trump, Musk’s real skill set has absolutely nothing to do with engineering.
His real skill set revolves rank opportunism (like cozying up to talented engineers and taking singular credit for their work) and exploiting America’s very broken press for attention and marketing. In this case, trying to convince people to migrate from a trusted, open source, secure messaging app to a closed source app run by an erratic white supremacist ideologically aligned with the planet’s shittiest people.
This administration is so comfortable with its power and so self-assured in its actions that it can’t even be bothered to engage in basic operational security. This dates all the way back to Trump’s first term, when the president casually (and unofficially) declassified information by posting it to Twitter, routinely refused to attend national security briefings, and said stuff during interviews that had administration officials scrambling to prepare for inevitably awful outcomes of the president allowing any momentary burst of synapses to be converted immediately into words he can’t seem to prevent himself from uttering out loud.
The second Trump term has somehow managed to convert Trump’s conceited sloppiness into a communicable disease. Not once but twice have ostensible “war plans” been shared with civilians — the first time being an accidental e-vite to a Signal chat room extended to a journalist and the second being former Fox News also-ran Pete Hegseth being so self-involved he just had to share war chats with his immediate family and (checks notes] their lawyer.
ICE has done the same thing, as has the head of the Department of Homeland Security. Kristi Noem’s thirst for self-congratulatory photo ops has seen her expose ICE operations that were still underway because she thought she looked kind of badass boarding a vehicle before the sun came up.
This latest blunder — reported first by Andy Mannix for the Minnesota Star-Tribune — also involves Signal. But that’s not an indictment of Signal, which is still the best option for encrypted communications. End-to-end encryption can do a lot of things. But it can’t prevent you from adding someone you didn’t mean to to a group chat or prevent others in the chat from sharing their messages with others. And it definitely can’t protect you from shoulder surfing, because literally no service exists that can do that. That’s the sort of thing you’re supposed to be aware of when discussing sensitive information. And this government is showing, yet again, that it can’t be bothered to take the sort of protective steps even ordinary office workers are expected to.
Secretary of Defense Pete Hegseth considered sending an elite U.S. Army strike force to Portland, Ore., to quell protests that President Donald Trump has characterized as “lawless mayhem,” according to images of messages provided to the Minnesota Star Tribune.
The messages, casually exchanged last weekend in a crowded, public space, show high-level officials in the Trump administration discussing the deployment of the Army’s 82nd Airborne, an infantry division that has been deployed to combat zones in both world wars, Vietnam and Afghanistan. If the administration were to send in the Army division, it would almost certainly be challenged in court under federal laws limiting how the military can be used domestically.
Ask yourself: does this sound like something Pete Hegseth would consider green-lighting? And then ask yourself this: would another Trump official feel comfortable discussing this while in a “crowded, public space?” I think you have your answers. Here’s the person who’s the latest example of this administration’s inability (or unwillingness) [or both!] to treat their positions with the respect they’re supposed to deserve, much less do the sorts of things people would expect these office-holders to do when being entrusted with that amount of power.
Anthony Salisbury, a deputy to White House top policy adviser Stephen Miller, sent the texts over the private messaging app Signal while traveling in Minnesota and in clear view of others. Troubled by seeing sensitive military planning discussed so openly, a source contacted the Star Tribune and allowed a reporter to review images of the texts.
Salibury’s presence and engagement in these text messages was verified by other photos sent by the Star Tribune’s source. And his presence in Minnesota was verified by White House spokesperson Abigail Jackson, who presented his carelessness as extreme devotion to his duties as, um, Stephen Miller’s deputy whateverthefuck.
“Despite dealing with grief from the loss of a family member, Tony continued his important work on behalf of the American people,” Jackson said in a written statement. “Nothing in these private conversations, that are shamefully being reported on by morally bankrupt reporters, is new or classified information.”
LOL OK. But no one has reported the military (in the form of hard-drinking Petey H.) considered, however briefly, parachuting the 82nd Airborne into allegedly war-torn Portland, Oregon, USA. And we’ll just allow the moral bankruptcy court to declare the winners and losers in cases like these, which always feature gobsmacked Americans being greeted by administration defensiveness every time Trump & Assoc. fuck something up.
Then there’s this statement about the potential Oregon invasion plans witnessed by Citizen Shoulder Surfer, which is even more nonsensical than the White House’s “moral bankruptcy” speculations:
“The Department of War is a planning organization and does not speculate on potential future operations,” Sean Parnell, a Pentagon spokesman, said in a statement.
wat.
So, the planning organization does not discuss plans, even plans that may not even be part of the official plans, because it is a planning organization that actually doesn’t plan anything and just rolls into action with all eventualities included in its load out.
Bullshit, as fucking everyone says. Planning involves discussing plans, which necessarily involves speculation because there’s no other way to discuss future plans. Unless the administration is in possession of a time machine (which is contradicted by the evidence that this administration exists), some speculation must occur before formal plans are, well, formalized.
Just because no one but Hegseth and Trump wants to invade a US city with an elite division of the US military doesn’t mean he didn’t think it was a good idea worth discussing with a guy who works for Stephen Miller and who doesn’t have the situational awareness to not participate in this discussion while surrounded by people he doesn’t actually know.
The Trump administration will, of course, shrug this off as nothing more than evidence of the press working to destroy America before Trump can get around to doing that himself. But it’s the other thing: It’s an administration stuffed to brim with under-qualified glory hounds, opportunists, gladhanders, sycophants, conspiracy theorist podcasters, Fox News commentators, and glamour dolls aging their way to irrelevance — all of them failing to do the things that would demonstrate extremely basic levels of professional competence.
If you feel this nation is beset on all sides by the inequities of the selfish and the tyrannies of evil men, you probably should be scared shitless that the clowns are running the circus. Of course, those backing Trump aren’t truly concerned about any of this, not even those running his agencies and/or repeating the lie that the mere existence of foreign people on our soil is an act of war.
Area drunk/The War Room Is Now The Green Room Defense Department head Pete Hegseth is probably the tip of the iceberg, but his DM indiscretions are not solely his own. When a journalist got added to a war plans Signal chatroom, there was cause to be concerned, especially once one was done laughing. When Hegseth was so desperate for personal interaction, he decided to share war plans with his wife and members of his family, there was even more reason to be concerned, especially when the Trump Administration decided to stand by its man, even when that man routinely appeared to be incapable of standing on his own.
America is feeling less like a nation and more like a frat house whose occupants are so self-deluded they think they’re capable of handling anything more than tapping a fresh keg. Perhaps that’s why we’re being subjected to nationwide hazing, which appears to take the form of being shipped off to a foreign maximum security prison for the rest of whatever.
The fun never stops. Top level NATSEC folks are being stupid and not very secure on main, exposing a bunch of stuff to journalists these department heads are fully aware are present. Here’s some more stupidity from a Trump official, which 404Media’s Joseph Cox has the kindness to say was an accidental revelation:
Mike Waltz, who was until Thursday U.S. National Security Advisor, has inadvertently revealed he is using an obscure and unofficial version of Signal that is designed to archive messages, raising questions about what classification of information officials are discussing on the app and how that data is being secured, 404 Media has found.
On Thursday Reuters published a photograph of Waltz checking his mobile phone during a cabinet meeting held by Donald Trump. The screen appears to show messages from various top level government officials, including JD Vance, Tulsi Gabbard, and Marco Rubio.
“Inadvertently” might be true, but “stupidly” is far more accurate. I mean, we all had a good laugh when Kanye West scored an audience with Trump during his last presidential term and revealed his device security habits were just as solid as his personal judgment skills.
For what it’s worth, Waltz is no longer the nation’s national security advisor. Instead, he being turfed to UN Ambassador duty, which pretty much just means running interference for whatever new war-like expansionist plan Trump happens to announce during upcoming press conferences and media appearances.
Don’t breathe a sigh of relief just yet, though. It appears the remarkably under-qualified Marco Rubio will not only be failing to competently run the State Department, but he’ll also be required to collect and collate national security briefings the president will never read.
Say what you will about Signal, but this isn’t a Signal problem. It’s a Hegseth-Trump-Waltz-etc. problem. Signal is secure. But that security means nothing when deployed by extremely stupid people. Former NSC advisor Waltz is stupider than most, not only for logging in while in camera range of journalists, but for using a third-party app that deliberately undermines the privacy protections offered to users by Signal.
The Reuters photo shows Waltz’s phone asking him to input his “TM SGNL” pin. This is not part of Signal’s software. It’s a third-party app that offers functions Signal decidedly does not.
TM SGNL appears to refer to a piece of software from a company called TeleMessage which makes clones of popular messaging apps but adds an archiving capability to each of them. A page on TeleMessage’s website tells users how to install “TM SGNL.” On that page, it describes how the tool can “capture” Signal messages on iOS, Android, and desktop.
Even if others in war plans chatrooms might have taken the precaution of utilizing the auto-delete function, TeleMessage allows users to undercut that privacy/security function. On top of that, it makes it clear top officials using products like these do have the capability of preserving official government communications even while using Signal, which means they shouldn’t be allowed to claim otherwise when responding to lawsuits, public records requests, or public records request lawsuits.
But, of course, using TeleMessage presents its own security issues. It’s certainly not an officially supported offering by Signal, which makes it a target for hackers, and hackers have descended. On Monday it was reported that the app has been hacked:
A hacker has breached and stolen customer data from TeleMessage, an obscure Israeli company that sells modified versions of Signal and other messaging apps to the U.S. government to archive messages, 404 Media has learned. The data stolen by the hacker contains the contents of some direct messages and group chats sent using its Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat. TeleMessage was recently the center of a wave of media coverage after Mike Waltz accidentally revealed he used the tool in a cabinet meeting with President Trump.
The hack shows that an app gathering messages of the highest ranking officials in the government—Waltz’s chats on the app include recipients that appear to be Marco Rubio, Tulsi Gabbard, and JD Vance—contained serious vulnerabilities that allowed a hacker to trivially access the archived chats of some people who used the same tool. The hacker has not obtained the messages of cabinet members, Waltz, and people he spoke to, but the hack shows that the archived chat logs are not end-to-end encrypted between the modified version of the messaging app and the ultimate archive destination controlled by the TeleMessage customer.
So even if you believe that using Signal was safe because of its end-to-end encryption, the fact that they were using TeleMessage basically meant that they put a man-in-the-middle attack into their own Signal chats, making it that much more insecure. So insecure that it was hacked.
In other words, the one single redeeming quality of them using Signal (“well, at least it uses end-to-end encryption”) was done away with via their own actions.
And then, after the hack was revealed, TeleMessage announced that it was… shutting down the service at least for the time being.
TeleMessage, the app that President Donald Trump’s former national security adviser, Mike Waltz, appeared to use to archive his group chats, has suspended all services after hackers claimed to have stolen files from it.
A spokesperson for Smarsh, the company that owns TeleMessage, said Monday that the company “is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation.”
“Out of an abundance of caution, all TeleMessage services have been temporarily suspended,” the spokesperson said.
Normally, if the government is using a system for important classified information sharing it would be thoroughly tested and carefully vetted. Here, it appears that none of that was done. Beyond the texting of war plans to a journalist, outside the texting of war plans to family members, here we have these officials using a sketchy third party app that obliterates the value of end-to-end encryption by mirroring the conversations to an insecure third party Israeli company, who was quickly hacked.
And, it appears, the hackers were able to obtain fairly real time messages:
One hacked message was sent to a group chat apparently associated with the crypto firm Galaxy Digital. One message said, “need 7 dems to get to 60.. would be very close” to the “GD Macro” group. Another message said, “Just spoke to a D staffer on the senate side – 2 cosponsors (Alsobrooks and gillibrand) did not sign the opposition letter so they think the bill still has a good chance of passage the senate with 5 more Ds supporting it.”
This means a hacker was able to steal what appears to be active, timely discussion about the efforts behind passing a hugely important and controversial cryptocurrency bill; Saturday, Democratic lawmakers published a letter explaining they would oppose it. Bill cosponsors Maryland Sen. Angela Alsobrooks and New York Sen. Kirsten Gillibrand did not sign that letter.
This is base-level dumb. We expect better from our government officials, even if they’ve decided to be just another yes man trapped in Trump’s orbit. This casual stupidity isn’t limited to the moments captured by visiting journalists. It infects everything in the nation at this point because if there’s anything the Trump Administration values more than cruelty, it’s blind loyalty. And no one anywhere has ever considered those traits to be indicative of intelligence. But, for now, those are the traits that get you closest to the power, so that’s what we’re stuck with.
Remember when government officials discussing sensitive information over unsecured channels was treated as a national crisis worthy of endless investigations? Apparently, those days are over. While Hillary Clinton’s email server spawned years of investigations and Attorney General Pam Bondi is still trying to rehash it, the White House wants us to simply forget about top officials planning potential war crimes over Signal just last week.
The contrast is striking. Clinton’s email server triggered multiple congressional investigations, FBI probes, and years of lawsuits. Yet when it comes to senior officials casually discussing military targeting plans over a consumer messaging app, we’re told there’s nothing more to see here.
And this isn’t just about partisan hypocrisy from the “lock her up” crowd, though that’s certainly on display. This is about national security officials casually planning military operations over a consumer messaging app — operations that may constitute war crimes in their targeting of civilian objects. The only reason we even know about this massive security breach is their stunning incompetence in adding Atlantic journalist Jeffrey Goldberg to their illegal chat group.
Even some top Republicans recognize this deserves serious investigation. But the White House has other plans.
The White House’s response? A dismissive wave of the hand and a “case closed” declaration from press secretary Karoline Leavitt:
“This case has been closed here at the White House as far as we are concerned,” press secretary Karoline Leavitt told reporters on Monday.“There have been steps made to ensure that something like that can obviously never happen again, and we’re moving forward,” she said.
And much of the media seems content to simply parrot this talking point:
Let’s be clear: uncritically reporting the White House’s “nothing to see here” stance isn’t journalism — it’s stenography. The press secretary’s statement isn’t just meaningless, it’s an active attempt to sweep serious actual violations under the rug.
This White House’s strategy is clear: lie, mislead, and deflect until the story dies. We’ve seen it with Bondi’s desperate “but her emails” deflection last week, and we’re seeing it again with this premature “case closed” declaration.
But there are plenty of things in this story that require investigation:
How did multiple senior officials decide it was totally acceptable to plan military operations over a consumer messaging app?
What other sensitive discussions have happened on unsecured channels such as Signal?
Have these conversations been recorded, as required under the Federal Records Act?
Have other illegal commercial chats been scrubbed to see how many outsiders were allowed in to them like Goldberg was?
How did they fuck up so badly to add an external person (incredibly, a reporter) to this illegal chat?
Who approved targeting civilian infrastructure, and what was their legal justification?
What “steps have been made” to prevent this from happening again, and why should we trust them?
The media’s job isn’t to parrot White House talking points — it’s to uncover the truth. And the truth here is explosive: top government officials casually planned what appear to be war crimes over an unsecured channel, and we only know about it because they accidentally included a journalist in their illegal discussions.
If the White House (and Congress) won’t investigate, then the media must. The administration clearly doesn’t care if we know they’re wielding national security laws as political weapons while ignoring actual security breaches. But the public should care deeply about this cynical abuse of power. When national security becomes just another partisan cudgel, we’re not just undermining the rule of law — we’re creating a system where real threats to national security go uninvestigated while manufactured scandals consume years of attention and resources.
This hasn’t been a good week for those who believed that Donald Trump would bring in the “best, most competent” people around. Fresh off the revelation that a bunch of the top cabinet and security officials were accidentally sharing classified info with a journalist using Signal on their private phones (rather than, you know, secure government systems), the hits just keep coming.
Next, it came out that Mike Waltz, Trump’s National Security Advisor and the person who had added the journalist Jeffrey Goldberg to the illegal Signal group chat, had also left his Venmo friends list wide open:
A Venmo account under the name “Michael Waltz,” carrying a profile photo of thenational security adviserand connected to accounts bearing the names of people closely associated with him, wasleft open to the publicuntil Wednesday afternoon. A WIRED analysis shows that the account revealed the names of hundreds of Waltz’s personal and professional associates, including journalists, military officers, lobbyists, and others—information a foreign intelligence service or other actors could exploit for any number of ends, experts say.
Among the accounts linked to “Michael Waltz” are ones that appear to belong to Susie Wiles, the White House chief of staff, and Walker Barrett, astafferon the United States National Security Council. Both were fellow participants in anow-infamous Signal group chatcalled “Houthi PC small group.”
Oopsie.
While this is hardly the first time a politician left their Venmo info exposed, we’re not talking about some random congressman’s late-night pizza orders — this is the National Security Advisor, whose entire job revolves around protecting sensitive information. You’d think having even basic operational security would be, you know, a job requirement.
Hell, you might think that the National Security Advisor, of all people, would have someone on staff whose job includes making sure his digital pants are zipped. But that would require caring about security basics in the first place.
But Waltz’s carelessness isn’t isolated. Last month, it was revealed that Defense Secretary Pete Hegseth left his Venmo exposed as well. And on Thursday, Wired found that many others in the “bomb the Houthis” Signal chat group have been walking around with their digital pants down – more members had left their Venmo info exposed in ways that created massive security risks.
A number of top Trump administration officials—including four who were on anow-infamous Signal group chat—appear to haveVenmo accountsthat have been leaking data, including contacts and in some cases transactions, to the public. Experts say this is a potentially serious counterintelligence problem that could allow foreign intelligence services to gain insight into a target’s social network or even identify individuals who could be paid or coerced to act against them.
The officials in question include Dan Katz, chief of staff at the US Treasury; Joe Kent, President Donald Trump’s nominee for director of the National Counterterrorism Center; and Mike Needham, counselor and chief of staff to the secretary of State. All three were participants in the“Houthi PC small group” chatin whichsensitive attack planswere discussed and to which Jeffrey Goldberg, editor in chief of The Atlantic, was accidentally invited. Katz was named in it as a point of contact by Scott Bessent, the Treasury secretary; Kent by Tulsi Gabbard, the director of national intelligence, to whom Kent serves as acting chief of staff; and Needham by Marco Rubio, the secretary of State.
It gets worse.
As if the Venmo exposure wasn’t bad enough, the German newspaper Spiegel dropped another bombshell this week: they found private data — including actual passwords — for these same officials just sitting exposed on the internet. And we’re not talking about old, abandoned accounts.
Private contact details of the most important security advisers to U.S. President Donald Trump can be found on the internet. DER SPIEGEL reporters were able to find mobile phone numbers, email addresses and even some passwords belonging to the top officials.
To do so, the reporters used commercial people search engines along with hacked customer data that has been published on the web. Those affected by the leaks include National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard and Secretary of Defense Pete Hegseth.
Now, some might argue that everyone’s data gets leaked eventually. But there’s a world of difference between your average person’s old MySpace password getting exposed and what we’re seeing here. These are our top national security officials, using current credentials that provide access to their most sensitive communications — including, as the Spiegel report notes, their Signal phone numbers:
Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn. They were used to create Dropbox accounts and profiles in apps that track running data. There are also WhatsApp profiles for the respective phone numbers and even Signal accounts in some cases.
This matters a lot. While Signal’s encryption remains secure, foreign adversaries (particularly the Russians) have found a much simpler way in: exploiting Signal’s “linked devices” feature. It’s not a technological hack — it’s old-fashioned social engineering that preys on user carelessness. The feature lets you use Signal on multiple devices (like your phone and computer), but if attackers can trick someone into “linking” a device they control, they can read all of that person’s messages. With the phone numbers and other data now exposed, staging such attacks becomes dramatically easier.
Indeed, just days before the “bomb the Houthis” Signal chat happened, the Defense Department had warned everyone to beware of this kind of attack on those who use Signal.
Whoops.
Spiegel found that both Waltz and Director of National Intelligence Tulsi Gabbard (yes, that’s right — the person in charge of coordinating all US intelligence activities) had active Signal accounts linked to their exposed phone numbers:
Tulsi Gabbard has declined to comment. DER SPIEGEL reporting has demonstrated, though, that privately used and publicly accessible telephone numbers belonging to her and Waltz are, in fact, linked to Signal accounts.
Let’s break this down: The two officials most responsible for America’s intelligence security (1) were using Signal to illegally discuss information that should have been classified, (2) had their phone numbers and other personal data exposed online, including in Waltz’s case, about his social circle, and (3) kept using those same compromised accounts even after being warned about potential attacks.
Seems… not great.
There’s a particular irony in watching an administration that campaigned against the “deep state” bureaucracy and “DEI hires” while promising to bring in only the “best people” install national security officials who can’t figure out basic privacy settings. The “deep state” types, whatever their faults, at least knew how to use secure government communication systems. (And probably knew better than to add journalists to their classified chat groups.)
These aren’t just embarrassing gaffes or fodder for tech journalists. They’re potentially devastating vulnerabilities in our national security apparatus, created by the very people tasked with protecting it. When your National Security Advisor and Director of National Intelligence are ignoring basic security practices that every corporate IT department requires of entry-level employees, something has gone deeply wrong with your hiring practices.
Perhaps we should consider bringing back DEI, since the people in charge sure seemed a lot more competent back then. At the very least, they knew how to lock down their Venmo accounts.
Look, I know you’ve probably already seen yesterday’s absolutely stunning story from Jeffrey Goldberg at The Atlantic. The one where Trump administration officials somehow managed to add a journalist to their Signal group chat while planning out their bombing of the Houthi rebels in Yemen. The one that reads like a plot point rejected from VEEP for being too unrealistic.
But having spent 24 hours watching various hot takes and attempts to minimize just how catastrophically bad this security breach was, we need to talk about why this is even worse than most people realize.
First, just look at the casual way these officials discuss highly classified military operations. This isn’t just a quick “oops wrong number” text – this is an extended conversation about bombing plans happening on an unauthorized platform. And the deeper you read, the worse it gets:
At 8:05 a.m. on Friday, March 14, “Michael Waltz” texted the group: “Team, you should have a statement of conclusions with taskings per the Presidents guidance this morning in your high side inboxes.” (High side, in government parlance, refers to classified computer and communications systems.) “State and DOD, we developed suggested notification lists for regional Allies and partners. Joint Staff is sending this am a more specific sequence of events in the coming days and we will work w DOD to ensure COS, OVP and POTUS are briefed.”
At this point, a fascinating policy discussion commenced. The account labeled “JD Vance” responded at 8:16: “Team, I am out for the day doing an economic event in Michigan. But I think we are making a mistake.” (Vance was indeed in Michigan that day.) The Vance account goes on to state, “3 percent of US trade runs through the suez. 40 percent of European trade does. There is a real risk that the public doesn’t understand this or why it’s necessary. The strongest reason to do this is, as POTUS said, to send a message.”
The Vance account then goes on to make a noteworthy statement, considering that the vice president has not deviated publicly from Trump’s position on virtually any issue. “I am not sure the president is aware how inconsistent this is with his message on Europe right now. There’s a further risk that we see a moderate to severe spike in oil prices. I am willing to support the consensus of the team and keep these concerns to myself. But there is a strong argument for delaying this a month, doing the messaging work on why this matters, seeing where the economy is, etc.”
A person identified in Signal as “Joe Kent” (Trump’s nominee to run the National Counterterrorism Center is named Joe Kent) wrote at 8:22, “There is nothing time sensitive driving the time line. We’ll have the exact same options in a month.”
Then, at 8:26 a.m., a message landed in my Signal app from the user “John Ratcliffe.” The message contained information that might be interpreted as related to actual and current intelligence operations.
At 8:27, a message arrived from the “Pete Hegseth” account. “VP: I understand your concerns – and fully support you raising w/ POTUS. Important considerations, most of which are tough to know how they play out (economy, Ukraine peace, Gaza, etc). I think messaging is going to be tough no matter what – nobody knows who the Houthis are – which is why we would need to stay focused on: 1) Biden failed & 2) Iran funded.”
The Hegseth message goes on to state, “Waiting a few weeks or a month does not fundamentally change the calculus. 2 immediate risks on waiting: 1) this leaks, and we look indecisive; 2) Israel takes an action first – or Gaza cease fire falls apart – and we don’t get to start this on our own terms. We can manage both. We are prepared to execute, and if I had final go or no go vote, I believe we should. This [is] not about the Houthis. I see it as two things: 1) Restoring Freedom of Navigation, a core national interest; and 2) Reestablish deterrence, which Biden cratered. But, we can easily pause. And if we do, I will do all we can to enforce 100% OPSEC”—operations security. “I welcome other thoughts.”
100% OPSEC indeed. Remember, this is the Secretary of Defense (who we all knew was unqualified for the job) literally promising perfect operational security while inadvertently sharing war plans with a journalist over a non-governmental communications system.
And remember — this is just what Goldberg was comfortable sharing publicly. He notes that some messages were too sensitive to publish, containing operational details that “could conceivably have been used to harm American military and intelligence personnel.” Think about that for a moment: these top officials were casually texting information so sensitive that even after the fact, a journalist felt publishing it would endanger lives.
This isn’t just incompetence — though it certainly demonstrates how the rank amateurs Trump put into power are catastrophically unqualified for their jobs. This is criminal negligence with national security implications.
Under 18 USC 793, “gross negligence” in handling defense information carries up to ten years in prison. And this case goes way beyond mere negligence — they deliberately chose to conduct classified military planning on an unauthorized platform, then accidentally broadcast it to a journalist. That’s before we even get to the numerous other laws likely violated here.
While some members of Congress, including a few Republicans, are appropriately alarmed by this breach, the GOP leadership is desperately trying to minimize it. Take Rep. Don Bacon, an Armed Services Committee member and former Air Force brigadier general, who actually told Axios: “I’ve accidentally sent the wrong person a text. We all have.”
This kind of false equivalence is both dangerous and stupid. This wasn’t a misdirected happy birthday text, you dipshit. This was classified military planning conducted over a third-party messaging app. Yes, Signal’s encryption is excellent — but that’s completely beside the point. There’s a reason the government has specific secured communications systems, SCIFs, and strict protocols for handling classified information.
Even more concerning than Bacon’s clueless response is House Speaker Mike Johnson’s attempt to downplay this massive security breach: “They’re gonna track that down and make sure that doesn’t happen again…. Clearly, I think the administration has acknowledged it was a mistake and they’ll tighten up.”
This wasn’t some minor technical slip-up that just needs a policy reminder. This was top officials deliberately choosing to conduct classified military planning on unauthorized systems. The fact that they accidentally included a journalist just exposed what they were doing — but the underlying violation was using Signal in the first place.
And here’s what should really keep you up at night: we only know about this because they happened to add a journalist who went public about this single chat. How many other sensitive conversations are happening on Signal or other unauthorized platforms? How many other “accidental” additions might have gone unnoticed? How many foreign intelligence services are already exploiting this administration’s casual approach to operational security?
Let’s put this in perspective: this is the same Trump team that turned “but her emails” into a movement over Hillary Clinton’s private email server. We were critical of Clinton’s server too — it was a legitimately bad security practice. But what we’re seeing here makes Clinton’s server look like amateur hour.
Clinton used a private server for mostly unclassified State Department business, with a handful of retroactively classified emails found in the mix. These guys are literally planning military strikes over Signal, complete with operational details so sensitive that journalists won’t even publish them. And they’re doing it specifically to dodge both security protocols and federal records laws.
The private server versus Signal distinction matters too. Clinton’s setup, while improper, was at least a dedicated system. These officials are just using a consumer app, making it virtually impossible to properly archive communications as required by law. They’re not just mishandling classified info — they’re deliberately choosing tools that help them hide their tracks.
And, yes, pretty much all of the officials in the chat are on record screaming about supposed security failures during Democratic administrations. CNN put together an incredible supercut of a bunch of these dipshits screaming about security breaches from Democrats:
CNN put together a collection of clips of various Trump officials who were on the signal chat criticizing Hillary Clinton’s email server
Though, my favorite may be this tweet from Director of National Intelligence Tulsi Gabbard (a member of the group chat) from just ten days ago saying “any unauthorized release of classified information is a violation of the law and will be treated as such.”
Huh, maybe someone should get on responding to this lawbreaking that you were a part of then.
And then there’s Donald Trump’s telling response to this security nightmare. After first trying to dismiss the story by attacking The Atlantic (“a magazine that is going out of business”), Trump pivots to what he thinks is the only relevant point: “Well, it couldn’t have been very effective, because the attack was very effective.”
Think about that for a moment. The man who led “lock her up” chants over Clinton’s email server — who insisted the mere existence of a private server was disqualifying regardless of any actual harm — is now arguing that leaking classified military plans is fine as long as the operation still succeeded.
This is the same Trump who once claimed Clinton’s email practices were “bigger than Watergate.” The same Trump who said anyone mishandling classified information should be disqualified from public service. Now he’s shrugging off his own officials literally texting war plans to random journalists because hey, the bombing worked out okay in the end.
Some Trump defenders are trying to minimize this by claiming the published excerpts only show policy debate among senior officials. But Goldberg’s reporting makes clear just how dangerous this breach was:
At 11:44 a.m., the account labeled “Pete Hegseth” posted in Signal a “TEAM UPDATE.” I will not quote from this update, or from certain other subsequent texts.The information contained in them, if they had been read by an adversary of the United States, could conceivably have been used to harm American military and intelligence personnel, particularly in the broader Middle East, Central Command’s area of responsibility. What I will say, in order to illustrate the shocking recklessness of this Signal conversation, is that theHegseth post contained operational details of forthcoming strikes on Yemen, including information about targets, weapons the U.S. would be deploying, and attack sequencing.
Let that sink in. These weren’t just policy discussions — these were detailed military plans so sensitive that publishing them could endanger American lives. And they were being casually shared on Signal, where any “accidental” addition could have accessed them.
Remember Benghazi? Republicans spent years investigating Obama administration officials over that attack. They held endless hearings, demanded countless documents, and threw around accusations of criminal negligence and security failures. Now imagine if they’d discovered Obama officials were planning military operations over WhatsApp and accidentally adding journalists to the chat.
In any functioning administration, this would be a career-ending scandal. Multiple officials would be fired. Security protocols would be completely overhauled. Criminal investigations would be launched. Instead, we’re watching Republicans try to wave this away as a simple mistake — just an errant text, no big deal since the bombing worked out fine.
This isn’t just covering up incompetence anymore. This is actively endangering national security by normalizing absolutely reckless handling of classified military operations. Anyone claiming otherwise is either lying or has completely abandoned any pretense of caring about operational security when their team is in charge.
I’m going to go out on a limb here and make a fairly wild suggestion: if you spend years calling yourself a “free speech absolutist” while decrying “government censorship,” maybe one of your first moves after taking over the government shouldn’t be demanding prison sentences for journalists who report things you don’t like.
But that’s just me.
At this point, the gap between Elon Musk’s free speech rhetoric and his actual behavior has become almost comically wide. He has sued and silenced critics over and over again. Just recently there was a report about how Tesla regularly sues customers and journalists in China if they’re critical of his cars.
Zhang Yazhou was sitting in the passenger seat of her Tesla Model 3 when she said she heard her father’s panicked voice: The brakes do not work. Approaching a red light, her father swerved around two cars before plowing into a sport utility vehicle and a sedan, and crashing into a large concrete barrier.
Stunned, Zhang gazed at the deflating airbag in front of her. She could never have imagined what was to come: Tesla Inc sued her for defamation for complaining publicly about the vehicles brakes — and won. A Chinese court ordered Zhang to pay more than US$23,000 in damages and publicly apologize to the US$1.1 trillion company.
Zhang is not the only one to find herself in the crosshairs of Tesla, which is led by Elon Musk, among the richest men in the world and a self-described “free speech absolutist.” Over the past four years, Tesla has sued at least six car owners in China who had sudden vehicle malfunctions, quality complaints or accidents they claimed were caused by mechanical failures.
And it’s not just China. In the US, Musk has developed what you might call a “comprehensive litigation strategy” against speech he doesn’t like. That’s a polite way of saying he files lawsuits, threatens critics, and generally tries to make life difficult for anyone who says mean things about him or his companies.
But this weekend, Musk outdid himself with two tweets, posted just hours apart, that perfectly encapsulate his free speech hypocrisy — while simultaneously highlighting his near total lack of self-awareness. First, responding to some nonsense that isn’t even worth explaining, Musk pointed out that one of the first things Hitler did upon gaining power was to “apply aggressive censorship.”
Then, less than six hours later, after CBS’ 60 Minutes posted an interview with a former (Republican) administrator of USAID calling out Elon’s “utter nonsense” claims about fraud at USAID, Elon declared that people at 60 Minutes “deserve a long prison sentence” for reporting on things in a manner he disapproves of.
Again, let’s be explicit here: this is Elon Musk, a federal government employee with unprecedented power and tremendous influence over the entire federal government at this moment, saying that journalists should be thrown in prison for a long time, because he doesn’t like their reporting. This isn’t just Musk being thin-skinned — it’s a billionaire currently running much of our government, trying to weaponize state power against the press, just because they called out how his claims about USAID were nonsense.
It is difficult to think of a more obvious First Amendment violation than that. The framers literally wrote the First Amendment to prevent exactly this kind of government intimidation of the press. Though they probably didn’t anticipate a scenario where a tech CEO would be effectively running the government while simultaneously controlling the one of the world’s largest social media platforms. But even ignoring the legal side, it shows how inherently censorial Musk is, and how he’s willing to abuse his power to create threats against and chilling effects on journalists.
The irony of Musk decrying Hitler’s censorship while simultaneously threatening journalists with imprisonment would be amusing if it weren’t so dangerous. His complete lack of self-awareness would be comical if he didn’t wield such significant power over both government operations and global communications platforms.
The sequence here is almost too perfect: First, Musk warns about Hitler’s censorship tactics. Then, he threatens to jail journalists for critical reporting. Finally, using his control of a global communications platform, he starts blocking tools that journalists and government employees use to communicate securely. He is what he claims he’s fighting against.
Elon Musk is no free speech absolutist. The pattern is clear: Musk’s version of “free speech” has always been about amplifying voices he agrees with while systematically suppressing those he doesn’t. His platform encourages certain forms of controversial speech – particularly those targeting marginalized groups – while actively working to silence legitimate criticism and reporting.
And, hell, just as I was finishing this article, ExTwitter provided yet another example of Musk’s censorial impulses: (once again, as this seems to happen pretty regularly) blocking links to an internet service Musk doesn’t like. The platform is now blocking links to Signal, according to Matt Binder, and confirmed by many users.
Elon Musk’s social media platform, X, is currently banning links to “Signal.me,” a URL used by the encrypted messaging service Signal. The “Signal.me” domain is specifically used by the service so that users can send out a quick link to directly contact them through the messaging app.
X, formerly Twitter, is blocking users from posting a “Signal.me” link through DM, public post, or even in their profile page. When trying to post a Signal link, users receive a variety of different “message failed” prompts depending on what version of the X platform they use (i.e. X for web, X for iPhone, etc.)
And for posts that already had a Signal link, well, ExTwitter tells you it’s unsafe:
The timing here requires a bit of unpacking. Government employees have apparently been using Signal to tell journalists about how Musk’s DOGE crew is wreaking havoc across federal agencies. Now, if you’re running both the government and a major communications platform, and you discover people are using an encrypted messaging app to leak stories about your… let’s call it “innovative approach to federal management,” you have some options:
You could address the underlying concerns about your management
You could try to stop the leaks through normal government channels
You could declare the messaging platform itself “unsafe” and block it entirely on your social network
Musk, naturally, appears to have gone with option 3. Because when you control both the government apparatus AND the means of communication, why choose just one form of censorship?
It’s the kind of move that would make those 20th century censors he was just criticizing say “now that’s efficiency!” Though they might suggest he also throw in some book burning for good measure. But hey, there’s always tomorrow’s DOGE directive for that.
In an indictment against Defend the Atlanta Forest activists in Georgia, state prosecutors are citing use of encrypted communications to fearmonger. Alleging the defendants—which include journalists and lawyers, in addition to activists—in the indictment were responsible for a number of crimes related to the Stop Cop City campaign, the state Attorney General’s prosecutors cast suspicion on the defendants’ use of Signal, Telegram, Tor, and other everyday data-protecting technologies.
“Indeed, communication among the Defend the Atlanta Forest members is often cloaked in secrecy using sophisticated technology aimed at preventing law enforcement from viewing their communication and preventing recovery of the information” the indictment reads. “Members often use the dark web via Tor, use end-to-end encrypted messaging app Signal or Telegram.”
The secure messaging app Signal is used by tens of millions of people, and has hundreds of millions of global downloads. In 2021, users moved to the nonprofit-run private messenger en masse as concerns were raised about the data-hungry business models of big tech. In January of that year, former world’s richest man Elon Musk tweeted simply “Use Signal.” And world-famous NSA whistle-blower Edward Snowden tweeted in 2016 what in information security circles would become a meme and truism: “Use Tor. Use Signal.”
Despite what the bombastic language would have readers believe, installing and using Signal and Tor is not an initiation rite into a dark cult of lawbreaking. The “sophisticated technology” being used here are apps that are free, popular, openly distributed, and widely accessible by anyone with an internet connection. Going further, the indictment ascribes the intentions of those using the apps as simply to obstruct law enforcement surveillance. Taking this assertion at face value, any judge or reporter reading the indictment is led to believe everyone using the app simply wants to evade the police. The fact that these apps make it harder for law enforcement to access communications is exactly because the encryption protocol protects messages from everyone not intended to receive them—including the users’ ISP, local network hackers, or the Signal nonprofit itself.
Elsewhere, the indictment hones in on the use of anti-surveillance techniques to further its tenuous attempts to malign the defendants: “Most ‘Forest Defenders’ are aware that they are preparing to break the law, and this is demonstrated by premeditation of attacks.” Among a laundry list of other techniques, the preparation is supposedly marked by “using technology avoidance devices such as Faraday bags and burner phones.” Stoking fears around the use of anti-surveillance technologies sets a dangerous precedent for all people who simply don’t want to be tracked wherever they go. In protest situations, carrying a prepaid disposable phone can be a powerful defense against being persecuted for participating in first-amendment protected activities. Vilifying such activities as the acts of wrongdoers would befit totalitarian societies, not ones in which speech is allegedly a universal right.
To be clear, prosecutors have apparently not sought to use court orders to compel either the defendants or the companies named to enter passwords or otherwise open devices or apps. But vilifying the defendants’ use of common sense encryption is a dangerous step in cases that the Dekalb County District Attorney has already dropped out of, citing “different prosecutorial philosophies.”
Using messengers which protect user communications, browsers which protect user anonymity, and employing anti-surveillance techniques when out and about are all useful strategies in a range of situations. Whether you’re looking into a sensitive medical condition, visiting a reproductive health clinic with the option of terminating a pregnancy, protecting trade secrets from a competitor, wish to avoid stalkers or abusive domestic partners, protecting attorney-client exchanges, or simply want to keep your communications, browsing, and location history private, these techniques can come in handy. It is their very effectiveness which has led to the widespread adoption of privacy-protective technologies and techniques. When state prosecutors spread fear around the use of these powerful techniques, this sets us down a dangerous path where citizens are more vulnerable and at risk.
Pretty much everyone who isn’t a UK legislator backing the Online Safety Bill has come out against it. The proposal would give the UK government much more direct control of internet communications. Supposedly aimed at limiting the spread of child sexual abuse material (CSAM), the proposal would do the opposite of its moniker by making everyone less safe when interacting with others via internet services.
While proponents continue to offer up nonsensical defenses of a bill that would compromise encryption, if not actually outlaw it, people who actually know what they’re talking about have been pointing out the flawed logic of UK regulators, if not promising to exit the UK market entirely if the bill is passed.
As the bill heads for another round of votes, entities that actually want to ensure online safety continue to speak up against. The group of critics includes Apple, which knows from first hand experience the negative side effects created by demanding broken encryption and/or client-side scanning.
[I]n a statement Apple said: “End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats.
“It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk.
“Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all.”
Also speaking up (again), but probably not being heard (again), are encrypted communication services WhatsApp and Signal — both of which have promised to stop offering their services in the UK if the Online Safety bill becomes law. Here are the statements given to the Evening Standard by WhatsApp, Element, and Signal:
“If the Online Safety Bill does not amend the vague language that currently opens the door for mass surveillance and the nullification of end-to-end encryption, then it will not only create a significant vulnerability that will be exploited by hackers, hostile nation states, and those wishing to do harm, but effectively salt the earth for any tech development in London and the UK at large,” Meredith Whittaker, president of not-for-profit secure messaging app Signal told The Standard.
[…]
“No-one, including WhatsApp, should have the power to read your personal messages,” Will Cathcart, head of WhatsApp at Meta told The Standard.
[…]
Element chief executive and chief of technology Matthew Hodgson told The Standard, “The Online Safety Bill is effectively giving the Government the remit to put a CCTV camera in everybody’s bedrooms, and the way people use their WhatsApp today is pretty personal — people use messaging apps more than they communicate with people in person.”
The Evening Standard also takes time to note some hypocrisy contained in the bill. Whatever burdens are placed on encrypted services won’t affect the legislators pushing this bill. They’ll still be free from snooping, even if none of their constituents are.
The Online Safety Bill concerns only online messages sent by UK citizens and residents, but not anything sent on messaging apps by law enforcement, the public sector, or emergency responders.
This is handy, given that The Standard understands that up to half of Government communications are still being sent over consumer apps like WhatsApp.
The UK government continues to insist — despite all the evidence it has provided to the contrary — that it’s not interested in breaking encryption, installing backdoors, or otherwise undermining users’ privacy and security. But its protestations are inept and absolutely not backed by any of the wording in the bill, which contains mandates that would absolutely do the things the bill’s defenders insist it won’t.
The opposition to the bill has gone from cacophonous to deafening in recent days. As Natasha Lomas reports for TechCrunch, a group of 68 security researchers have offered up their group opposition to the Online Safety Bill in a letter [PDF] that briefly, but incisively, points out the flaws in the legislation.
Here’s that letter’s take on client-side scanning — just one of several problematic mandates:
A popular deus ex machina is the idea to scan content on everybody’s devices before it is encrypted in transit. This would amount to placing a mandatory, always-on automatic wiretap in every device to scan for prohibited content. This idea of a “police officer in your pocket” has the immediate technological problem that it must both be able to accurately detect and reveal the targeted content and not detect and reveal content that is not targeted, even assuming a precise agreement on what ought to be targeted.
[…]
We note that in the event of the Online Safety Bill passing and an Ofcom order being issued, several international communication providers indicated that they will refuse to comply with such an order to compromise the security and privacy of their customers and would leave the UK market. This would leave UK residents in a vulnerable situation, having to adopt compromised and weak solutions for online interactions.
That’s actually the smaller (and shorter) of the two open letters issued in the past few days by security researchers. The second letter [PDF] contains seven pages of signatories from all over the world, as well as a more in-depth critique of the extremely flawed proposal.
The letter notes the issues scanning for CSAM using hashes already poses: namely, that hashes can be altered to avoid detection and that false positives still happen frequently. Now, take these existing problems, scale them to the nth degree, and throw some AI into the mix. This is what’s awaiting UK residents if the bill passes with the client-side scanning/encryption-breaking mandates in place:
At the scale at which private communications are exchanged online, even scanning the messages exchanged in the EU on just one app provider would mean generating millions of errors every day. That means that when scanning billions of images, videos, texts and audio messages per day, the number of false positives will be in the hundreds of millions. It further seems likely that many of these false positives will themselves be deeply private, likely intimate, and entirely legal imagery sent between consenting adults.
This cannot be improved through innovation: ‘false positives’ (content that is wrongly flagged as being unlawful material) are a statistical certainty when it comes to AI. False positives are also an inevitability when it comes to the use of detection technologies — even for known CSAM material.
Not only will the government be able to sift through all of this, if anything gets flagged, it will also get to sift through all of these personal messages even when the AI is wrong about what it thought it had observed. Narrowly targeted scanning only in situations where some evidence already exists that CSAM is being distributed could limit the collateral damage, but nothing in the bill or in supporters’ statements indicate the government is interested in any process that doesn’t give it the opportunity to collect it all.
Then there’s the mission creep, which is always present when a government expands its surveillance powers.
Even if such a CSS system could be conceived, there is an extremely high risk that it will be abused. We expect that there will be substantial pressure on policymakers to extend the scope, first to detect terrorist recruitment, then other criminal activity, then dissident speech. For instance, it would be sufficient for less democratic governments to extend the database of hash values that typically correspond to known CSAM content (as explained above) with hash values of content critical of the regime. As the hash values give no information on the content itself, it would be impossible for outsiders to detect this abuse. The CSS infrastructure could then be used to report all users with this content immediately to these governments.
Even if the UK government would never do this (and no one believes it wouldn’t), a Western nation with “liberal” values (as in enshrined human rights, etc.) passing this sort of law would embolden far less liberal nations to expand their domestic surveillance programs under the pretense of making the internet safer and/or detecting CSAM.
Whether or not all of this opposition will make a difference remains to be seen. So far, the steady stream of criticism and promises to exit the market haven’t managed to alter the bill’s mandates in any significant manner. Maybe the EU’s recent abandonment of encryption-breaking mandates in its internet-targeting legislation following months of criticism will force UK lawmakers to rethink their demands. Then again, this is the same government that decided it didn’t want to be part of any club that would accept it and Brexited its way into the wrong side of history.
If anyone can call a government’s bluff, it’s Signal. It’s a nonprofit, which means it doesn’t need to make a bunch of shareholders happy by capitulating to ridiculous government demands in order to retain market share.
Governments really can’t threaten Signal. It doesn’t collect or retain user information, so it can’t hand this data over no matter how much or how hard government agencies demand it.
When governments start threatening to undermine or criminalize encryption, the encrypted messaging service is more than willing to walk away from those markets, rather than weaken/remove encryption just so it can keep serving users in these countries. While that doesn’t do much good for Signal users in countries where encryption is being eyed for vivisection, it does protect the rest of its users everywhere else in the world. Once encryption is undermined — no matter where it takes place — it threatens the security and privacy of every user.
The government of India has been steadily increasing its direct control of the internet, including social media and messaging services. To achieve this control, the Indian government needs to backdoor or ban encryption. In response to this threat, Signal has promised to exit the market, rather than produce a weaker (or unencrypted) version of its service for the Indian market, which is one of the world’s largest.
The UK government is now receiving the same declaration from Signal the Indian government did when it started directly threatening encryption. The UK government has been trying to undermine encryption for years, with each passing year bringing with it new proposals and new levels of desperation from legislators.
Asked if the Online Safety Bill could jeopardise their ability to offer a service in the UK, [Signal president Meredith Whittaker] told the BBC: “It could, and we would absolutely 100% walk rather than ever undermine the trust that people place in us to provide a truly private means of communication.
“We have never weakened our privacy promises, and we never would.”
The UK government, however, continues to live in denial. It claims its proposed changes to the Online Safety Bill would not “ban end-to-end encryption.” That may be so but the proposal is intended to weaken end-to-end encryption by either compelling encryption-breaking by providers or creating backdoors for law enforcement access. As usual, the government claims this is for the children.
“The Online Safety Bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety – especially the safety of children online.
“It is not a choice between privacy or child safety – we can and we must have both.”
Except that it is. And the choice isn’t about privacy, it’s about security. You can either have a secure system or you can have this fairy tale lots of government officials believe: something that allows cops in but keeps bad guys out.
[Whittaker] added: “Encryption is either protecting everyone or it is broken for everyone.”
She said the Online Safety Bill “embodied” a variant of this magical thinking.
And the government knows this. Last year, its own Information Commissioner’s Office issued its own report on the government’s encryption war, coming down firmly on side of strong, uncompromised encryption… for the children.
“E2EE [end-to-end encryption] serves an important role both in safeguarding our privacy and online safety,” said Stephen Bonner, the ICO’s executive director for innovation and technology. “It strengthens children’s online safety by not allowing criminals and abusers to send them harmful content or access their pictures or location.”
If you want to protect children, the last thing you should do is weaken the encryption that protects their connections and communications. That’s the point the ICO made. But the other parts of the government seem to think they know best and are ignoring this advice to press forward with efforts intended to weaken or backdoor encryption.
If the UK government won’t listen to the UK government, maybe it will listen to the UK government? Plenty of its employees like to use encrypted services featuring self-destructing messages (including Signal), presumably to keep their communications out of the hands of public records requesters. Will these legislators and officials be willing to work against their own interests by chasing Signal out of the country with anti-encryption mandates? Or will they decide to safeguard their own interests (and the some of the public’s interests too, albeit inadvertently) by shutting down these proposals before the become law?
