The Signal I Was Waiting For
...my kingdom for a STU/STE App...
As I mentioned on X yesterday, one of the hardest disciplines—and one I fail at regularly—is to wait at least 24 hours until forming an opinion with breaking news that seems sexy. When the issue is highly political and being pushed by questionable characters, one should wait even longer. This approach paid off with the Signal issue Jeffrey Goldberg raised in The Atlantic earlier this week.
Depending on the jersey you wear, there was a mad rush to validate one’s priors via assuming the worse, or dismissing the possible…as we usually see in such breaking events.
I had a little fun with it on X, but in the back of my head I remembered the wisdom of holding back as I described at the top of the post. Glad I did.
Before outlining where I stand this Thursday AM, let’s back up a bit.
Years ago, I had a person ask me, “Are you on Signal?” I wasn’t, but knew of the program. So, I loaded it on my iPhone and was able to pick up the conversation with them from there.
After our conversation, I dug around for some more details on it, and then reached out to a Navy cryptologist-type for his opinion. He was very clear with me: “This is legit.” All the endorsement I need.
I’ve been using it since as needed for years. For those who are not familiar with it, it essentially uses the same interface you have with other messaging/texting programs…it just has end-to-end encryption and asks for your pin now and then. The great thing about end-to-end encryption is that your line/transmission path does not have to be secure.
After my first use, a half decade ago or so, I thought, “I bet the National Security Agency has a government-only version of this for use by important people. I see a lot of very senior people using smart phones, and there is no way we would have these people just ride on the back of a civilian app like Signal, regardless of how good it is. Something like a STU/STE-Phone App for a smart phone. It is the 21st Century, after all.”
Well, Tuesday night, CIA Director Ratcliffe let me know my assumption was wrong. You can watch the video below, but the game was up at the 2:16 mark.
“One of the first things that happened after I was confirmed as CIA director, Signal was loaded on to my computer at the CIA, as it is for most CIA officers. One of the things I was briefed on very early Senator, was by the CIA records management folks about the use of Signal as a permissible work use.”
Well, that made a few things clear to me:
No, the government never created its own version of Signal. A stupid and lazy mistake.
Signal was authorized and encouraged to be used even up to the highest level since at least the Biden Administration.
Records Act concerns are covered.
Number 2 and 3 above were the first concerns I had with this outside the initial reports that “classified war plans” were shared.
Was Signal authorized and did it meet records requirements? They were told yes to both, and it appears that using Signal had been accepted use for years, so off they went. So, green light here.
Sorry, once a Navy Information Systems Security Officer (ISSO), always an ISSO.
The second thing that came to mind was a concern with what controls were being made on who you were communicating with. As everyone was told to use the garden variety of Signal, this was a free-play. Eventually, someone was going to make the mistake in adding the wrong people from their contacts list to Signal. This event was only a matter of time. So, yellow light here.
Then the question was what were you discussing over it? What were people told were the upper limits? This is important, as you’d be amazed the level of things I’ve heard discussed over a round of golf in front of Buddha and everyone.
In the larger testimony below both the CIA Director and DNI both confirmed that nothing classified was in the exchange.
They testified in open-session to Congress. If they are lying, which I don’t think they are, they would have larger problems. Technically, there were no classified materials attached to the Signal chat, correct. After their testimony the full exchange was released by Goldberg. Now we get into a flashing red area.
Were there things with classification levels stamped at the top and bottom of documents attached? No. Were things discussed that you would not put in NIPRNET emails but would shift to SIPRNET or higher systems? Does it depend on the definition of what “is” … is?
Again, what is the direction and guidance for official use of Signal? Does one even exist, or are we handing out scissors at a track meet?
Well…we’ll cover more of this down thread.
There are two serious problems here that I see:
Who invited and then fat-fingered Jeffrey Goldberg into the Signal chat. That was most likely an innocent human error, but needs to be answered.
Goldberg, an uncleared person, received 2-hours notice of upcoming strikes.
As covered in his article, Goldberg said he received a request from Waltz to connect on Signal, and then a couple of days he was invited to the chat.
It sounds to me like it was a different “JG” that Waltz wanted. Some have speculated it was supposed to be U.S. Trade Representative Jamieson Greer, but who knows. That one attention to detail fail, on par with talking on a STU/STE on speaker with the door open with the spouses club walking past your door, started all that follows.
We’ve all invited the wrong person when building group chats and invites. By myself and others, I can think of a half-dozen events over the years, but nothing more serious than cat pictures were exchanged. Of course, if the government made its own Signal equivalent, safeguards would have been in place to prevent Goldberg’s number being added—if properly designed—but we are expecting too much of the bureaucracy, I guess. A proper interface would mitigate this risk. Our bloated and distracted bureaucracy never made the effort, and here we are.
Early on in this kerfuffle, we did not have all of the chat exchange, but now we have the full, unredacted exchange. Let’s dive in and see the full picture:
Well, we now know it was National Security Advisor Waltz or his staff who made the human error of the initial invitation to connect on Signal and then join the group to Goldberg…but bad on everyone on the chat. I don’t know about you, but when I find myself in a group chat on Signal or anywhere else, I check who is on it. If I can’t tell who someone is, I ask, usually DM’n the person who started it. Just good communications hygiene, but it is a best practice, not a requirement.
Nothing classified there but…if you are going to play at this level, full names please.
What’s next?
Here was the first opportunity for everyone to get your “GREEN NET” vs. “RED NET” straight. From Waltz, “…in your high side inboxes.” BZ to Waltz. He knew this was encrypted, but not approved for highly classified material. No classified attachments, thank goodness.
Considering all that follows, that is where the rest of the conversation should have taken place. Yes, I can sea-lawyer that “no classified information was exchanged”, but only if I am very generous due to one point we’ll get to in a bit.
First some good things.
A little “creative friction” pushback from the VP. OK. Good staff officer 101 going on here from him, Kent, and Ratcliffe...but…still: this is Signal with people on the net who should not be. Not quite but perhaps BEADWINDOW 02.
I know Ratcliffe mentioned the CIA team told him he was good-to-go for Signal, but I will repeat myself here and in other places on this post out of frustration: is there any guidance on specific limitations in what is or is not authorized on Signal?
Again, Goldberg in the chat is the problem here. A nod of respect for him not putting this out early. This is the big takeaway here…we need a better way to let our leaders coordinate in a modern manner with modern time expectations.
Nothing in the above about Europe we have not discussed here and on the Midrats Podcast for two decades. I’m still cringing the lack of INFOSEC sanitation…but here we are.
That said, good on Waltz for the correction and reminder that the USA with its Navy is the indispensable nation. Not bad for an Army guy.
I’m a bit embarrassed for Europe here, but they know this, and they have been told this to their face in open source SEPCOR. Nothing shocking. At this point, the old staff officer in me is begging someone, anyone, to say—let’s take this to the high-side…but maybe this is normal practice the last half-decade? IDK, but it all makes me itchy.
The next, for me, is when things clearly went over the line. Well-meaning, fair-minded, apolitical people are well within reason stating the below timeline was best not put on Signal before the strike unless there is guidance stating Signal is OK for this. If not, this was a mistake. While I understand the position of, “Never admit a mistake that makes your enemies happy”, I think here there is no problems saying, “Yeah, this was not the best practice here. Won’t happen again.” That is pretty much what the CINC said, so benchmark that and move on.
Hey, I was BEADWINDOW’d once during Desert Storm when up on RED saying what should have been on GREEN. My bust, but I learned. Never happened again in two decades.
I’m sorry SECDEF Hegseth, but we were not clean on OPSEC. You didn’t know that at the time, but that is the whole lesson we all need to learn. Thank goodness Goldberg thought he was being punked and kept this info to himself.
Chief Pentagon Spokesman Sean Parnell did say:
Yeah, this is true Sean…but we did give times. Yes, Goldberg turned his knob to 11 in places, but this isn’t a hoax. It was contained in real time and only revealed after the event, but it’s not nothing.
Not great, not terrible
The senior editor of The Atlantic was on the chat with knowledge of the strike two hours before time-on-target. This could have been VERY ugly…but, like or hate Goldberg, you have to at least give him credit for sitting on it. I do.
I know I am repeating myself, but I can’t help it. At some point is has to be clear that the principals here all were briefed that Signal was OK for communications in such circumstances. Were they so briefed, or has the permanent INFOSEC nomenklatura just not done their job? Did they do their job but were ignored? We don’t know, but we should. That would have been a good question for Congress to ask, but there was too much grandstanding in the time they had.
The most optimistic take I can form is that thanks to Goldberg’s restraint, this is simply a no-harm to the nation own-goal that has a good result. The good result is that bad guys were sent to the afterlife. The bad part is that it is clear that our government is too lazy to have an option besides Signal for senior leaders to communicate with each other in a modern way.
This as an embarrassing moment, but, but an opportunity to learn a lesson and correct it so we don’t get unlucky in the future.
This isn’t like a single individual was trying to reach a Russian oligarch on the sly or anything. This is like being told you are in a closed session but no one realized that sitting in one of the chairs against the wall, being nice and quiet, was one of the kids from a field trip to the HQ who got lost and took a seat in the back.
Some claims made early on by Goldberg have been shown to have been over the top, but that is a minor error. Goldberg has been around, but you can tell he doesn’t know much of how things work. That’s OK, even people who have spent decades as operators don’t understand everything. Goldberg claimed that the CIA director revealed a field agent’s ID in the chat. Well, now, as outlined in this clip: it was Ratcliffe’s Chief of Staff’s name.
Still amazed that no one demanded, “Hey, who is “JG”, and “S M”? I think that “TG” it Tulsi Gabbard and “MAR” is Marco Antonio Rubio, but could you confirm?”
Why are there double entries? Two phones? Who knows…but again, the whole thing just seems loose and sloppy. 19 members is not a “Small Group.” Five or so is a “Small Group.”
In the end, we got lucky. This didn’t get leaked in real-time. Thank you, Mr. Goldberg. If it were, it would at best be even more embarrassing, at worse, something else.
I do have a final nit to pick. As a former Operational Planner—and a pedant—I would like to take an issue with the use of the term, “War Plans.”
We don’t have “War Plans.” We have Operational Plans (OPLANS). They are HUGE files, usually shared as PDFs with equally HUGE PPT slide-decks that go with them. These are highly classified.
When this first broke, I thought we were in a situation where someone attacked at TS-SCI PDF or PPT slide-deck to a Signal chat, or other non-high-side medium.
That would be a big deal, but all that happened here is that senior officials were using a phone app that was loaded on their phone by their people, and were told it was approved for appropriate use.
Perhaps now we can get a government approved and firewalled secure communications app with the same functionality and end-to-end security of Signal, but doesn’t let someone in a hurry accidentally fat-finger people who should not be in conversations.
We don’t have to reinvent the wheel. This is not new territory. The only person in this group older than me is John Ratcliffe. These are all digital natives. I am sure in their private life they have patterns like I do. I will talk with (almost) everyone in normal chat. Some people there and on Signal, others only on Signal. Some on regular chat and WhatsApp, others only on WhatsApp. It all depends on context and content. We can do this.
Have we seen a great moment in national security statecraft? No.
Do we have an opportunity to tighten up how our leaders communicate? Yes.
Should anyone lose their job over this? That is the CINC’s call, and I think he’s made it.
We all like to protest against a no-defect command climate, so … perhaps everyone is getting a mulligan here because, in the end, nothing leaked early.
As for me, I’m ready to move on. I hope we don’t throw the baby out with the bathwater and ban Signal use, that is counterproductive. Hopefully there is some action being taken to get a bespoke communications app appropriate to the people and their position.
For everyone else: in your personal and professional life, practice good communications hygiene. Don’t be a walking tempest hazard.
Great info. There are some other plausible theories, e.g.,: "Let me summarize for those new to these performances: (1) The CIA tech team organized the Signal App operation (directory manipulation). That’s how Goldberg got in. (2) Jeffrey Goldberg held the story until the day before the scheduled SSCI hearing. (3) The SSCI uses the hearing to attack the Trump officials at the top of the critical silos.
Why? The CIA group doesn’t like the Trump Ukraine and Trump Russia policy." --@thelastrefuge2
" one of the hardest disciplines...is to wait at least 24 hours until forming an opinion with breaking news that seems sexy"
Bingo! one of my FB friends who is left of center asked me why I hadn't posted on FB anything about the Signal controversy while posting other items "trashing the Democrats" As I explained I had been on vacation (and attending my son's wedding) when the story broke. I told him I would post something once I had gathered information about it. and like you it has been well worth the wait as i've gathered numerous pieces such as this one which are providing me with a fuller view of the situation.
Keep up the good work Sal