Read and weep. It is just Security Theatre.
Remember, Security is Hard, and no one wants to do it properly, because that requires effort and is inconvenient.
The #Defense Dept inspector general’s office said Thurs that it will scrutinize top #Trump admin officials’ use of #Signal, an unclassified messaging app to coordinate a highly sensitive #military operation last month in Yemen, complying with a request from #Republicans & #Democrats in #Congress.
#Trump #NationalSecurity #OpSec #SignalGate
https://www.washingtonpost.com/national-security/2025/04/03/trump-signal-chat-inspector-general/
My god, I just realized one of the simplest opsec things you can do (something I've been doing for years and don't even think about anymore) is set your browsers to open links in private/secure instances AS A DEFAULT.
If it needs to be opened in a window that you want to keep open or bookmark, you can always manually copy and paste it.
It makes no sense to be using a secure shared tool like cryptpad, if you're just gonna open it where you're logged in as you.
Remember the #SocialEngineering motto:
If there are people, there are security holes.
OPSEC Disaster at the Top: How Michael Waltz Just Compromised U.S. National Security—AGAIN! 
While the Trump administration lectures about digital security, National Security Adviser Michael Waltz has been using Gmail to coordinate military operations and sharing after-action strike reports in Signal group chats that accidentally included a journalist.
Let’s be clear:
・Personal Gmail was used to discuss weapons systems & troop movements
・Israeli surveillance was exposed—jeopardizing a key intelligence partnership
・Sensitive coordination went through Signal, not JWICS
・Waltz, who attacked Hillary Clinton for email practices, is now guilty of worse
This is not a technical mistake. It’s a policy failure, a hypocritical breach, and a serious threat to U.S. operational integrity.
If you lead in national security, you do not get to bypass your own secure systems. And you certainly don’t blame “legacy contacts” when you get caught.
Accountability isn’t partisan. It’s essential.
“Unless you are using #GPG, email is not end-to-end encrypted, & the contents of a message can be intercepted & read at many points, including on Google’s email servers,” said Eva Galperin, director of #cybersecurity at the Electronic Frontier Foundation.
#NationalSecurity experts have expressed alarm over the #Trump admin’s denial that the leaked #Signal chat contained #classified information.
Data #security experts have expressed alarm that US #NationalSecurity professionals are not…[just]…using the govt’s suite of secure encrypted systems for work communications such as JWICS, the Joint Worldwide Intelligence Communications System.
Most concerning, however, is the use of personal email, which is widely acknowledged to be susceptible to hacking, spearfishing & other types of digital compromise.
Is GCHQ using Signal too?
Bssic Opsec just ignored. This should have never happened.
The use of personal email, even for unclassified materials, is risky given the premium value foreign #intelligence services place on the communications & schedules of senior govt ofcls, such as the #NationalSecurity adviser, experts say.
…Waltz has also created & hosted other #Signal chats w/Cabinet members on sensitive topics, including on #Somalia & #Russia’s war in #Ukraine, said a senior #Trump admin official.
#MikeWaltz has had less sensitive, but potentially exploitable information sent to his #Gmail, such as his schedule & other work documents, said ofcls, who, like others, spoke on the condition of anonymity to describe what they viewed as problematic handling of information. The ofcls said Waltz would sometimes copy & paste from his schedule into #Signal to coordinate meetings & discussions.
A snr #MikeWaltz aide used the commercial email service for highly technical conversations w/colleagues at other govt agencies involving sensitive #military positions & powerful #weapons systems relating to an ongoing conflict, acc/to emails reviewed by WaPo. While the #NSC official used his #Gmail account, his interagency colleagues used govt-issued accounts, headers from the email correspondence show.
The use of #Gmail, a FAR LESS secure method of communication than the encrypted messaging app #Signal [which isn’t secure enough for these kinds of comms either], is the latest example of questionable #security practices by top #NationalSecurity ofcls already under fire for the mistaken inclusion of a journalist in a group chat about high-level planning for #military ops in Yemen.
Members of #Trump’s #NationalSecurity Council #NSC, including WH #NationalSecurity adviser #MikeWaltz, have conducted govt business over personal #Gmail accounts, acc/to documents reviewed by WaPo & interviews with three #US officials.
There are some saying that movie theatres are dead.
But the Security Theatre is still alive.
And the admission is free. /s
https://www.theverge.com/news/640422/google-gmail-email-encryption-enterprise-beta
Unsurprisingly, it keeps getting worse
#MikeWaltz & staff used #Gmail for government communications
#Trump’s #NationalSecurity adviser is trying to manage his way out of a crisis. But new revelations about his team’s operational security are piling up.
#Signalgate #Signal #OpSec #military #idiocracy #kakistocracy
https://www.washingtonpost.com/national-security/2025/04/01/waltz-national-security-council-signal-gmail/
The Trump Administration's astonishing security lapse may be much greater than anybody realizes... Putting Signalgate in context of Salt Typhoon.
#Espionage #Infosec #OpSec #Signal
https://www.spytalk.co/p/cia-ops-veteran-calls-signal-scandal
The NSC should issue a flipphone to Waltz.
You know, for security reasons.
