On March 24, 2025, The Atlantic's editor-in-chief Jeffrey Goldberg found himself unexpectedly added to a Signal group by National Security Advisor Mike Waltz. The group included Vice President JD Vance, Defense Secretary Pete Hegseth, and other senior officials — and they were actively discussing the timing, targets, and weapons for imminent airstrikes on Houthi forces in Yemen. Dubbed "Signalgate," the incident triggered a global conversation about encrypted messaging and government security practices.
1. Signalgate: What Happened
The central irony: Signal's encryption worked perfectly. The leak was entirely the result of human error.
- March 11: Waltz creates a Signal group to coordinate the Yemen airstrike operation
- March 11–15: Officials share sensitive operational details including F-18 sortie times and target coordinates
- March 15: Airstrikes execute. Goldberg, still in the group, realizes the messages described a real operation
- March 24: The Atlantic publishes the story, shocking the US political establishment
Investigation revealed Waltz had the wrong contact saved — a name similar to a colleague mapped to Goldberg's account instead. The incident led to congressional hearings and raised serious legal and security questions about using commercial apps for classified discussions.
2. How Signal's Encryption Works
Signal uses the open-source Signal Protocol — also adopted by WhatsApp and iMessage — built around the Double Ratchet algorithm:
- Forward Secrecy: Every message uses a different encryption key. Even if today's private key is compromised, past messages remain unreadable
- End-to-End Encryption: Messages are encrypted before leaving your device; servers only ever see ciphertext
- Per-message key derivation: Decrypting one message provides no leverage to decrypt others
Traditional messaging (SMS, most email) stores messages in plaintext or reversibly encrypted form on provider servers — accessible via court order. With E2EE, even a government subpoena to the service provider returns only encrypted gibberish.
3. Messaging App Security Comparison
| App | E2EE | On by default | Metadata protection | Open-source audit |
|---|---|---|---|---|
| Signal | ✅ Yes | ✅ Yes | ✅ Best in class | ✅ Yes |
| ✅ Yes | ✅ Yes | ❌ Meta collects metadata | ❌ Partial | |
| iMessage | ✅ Apple-to-Apple | ✅ Yes | ❌ iCloud backup risk | ❌ No |
| Telegram | ⚠️ Secret Chats only | ❌ No | ❌ No | ⚠️ Partial |
| SMS | ❌ No | ❌ No | ❌ No | ❌ No |
Important: Telegram's regular groups and channels have NO end-to-end encryption. Messages are stored on Telegram's servers and can be accessed by Telegram. Only "Secret Chats" enable E2EE — and they don't support groups.
4. What Signalgate Reveals Beyond the Headlines
Encryption can't fix human error
Signal's cryptography is world-class. The problem was never the technology — it was adding the wrong person to the group. The strongest encryption in the world can't help if the recipient is wrong.
Commercial apps vs. classified infrastructure
The US government maintains SCIFs (Sensitive Compartmented Information Facilities) and SIPRNet for classified communications. Using commercial Signal for classified discussions was itself a violation of security protocols — regardless of Signal's technical strength.
Metadata exposure
Even E2EE can't hide metadata — who communicated with whom, when, how often, and for how long. Signal minimizes metadata collection better than competitors, but can't eliminate it entirely.
Auto-delete and records law tension
The group had auto-delete enabled, which improves privacy but may violate the Federal Records Act, which requires preservation of official government communications.
5. How to Use Secure Messaging Correctly
Signal best practices
- ✅ Enable disappearing messages (set based on sensitivity — 1 week to 1 month)
- ✅ Enable Screen Security (blocks screenshots, hides content in app switcher)
- ✅ Periodically verify "Safety Numbers" with important contacts to detect man-in-the-middle attacks
- ✅ Double-check who you're adding — the definitive lesson of Signalgate
Choosing the right tool
- High-privacy needs: Signal first — full E2EE + minimal metadata collection
- Everyday communication: WhatsApp's E2EE is acceptable; be aware Meta collects metadata
- Don't discuss sensitive topics in Telegram's regular groups — they're not E2EE
- Assume anything sent via SMS could be read by a third party
6. The Encryption Backdoor Debate
Signalgate landed in the middle of an ongoing policy battle. The same administration whose officials relied on Signal's encryption was simultaneously pushing legislation that could weaken it:
- UK passed amendments to the Investigatory Powers Act in 2024, requiring companies like Apple to provide access to user data — leading Apple to suspend some encrypted features for UK users
- The EU's "Chat Control" proposal would require scanning encrypted message content, still contested as of 2026
- Cryptography experts broadly agree: backdoors for law enforcement cannot technically be restricted to "good actors" — the same vulnerability is exploitable by foreign intelligence and criminal hackers
Summary
- Signalgate was human error, not a failure of Signal's encryption — this distinction matters
- Signal Protocol's Double Ratchet provides forward secrecy and is among the strongest encryption available in commercial messaging
- Telegram's regular groups have no E2EE — don't confuse it with Signal
- E2EE protects message content; it cannot protect against adding the wrong person or metadata analysis
- The global debate over encryption backdoors will shape the future of secure communications for years to come