Former National Security Advisor Mike Waltz was spotted using an archiving app, made by Israeli firm TeleMessage, for Signal messages on the very day he was relieved of his duties, raising eyebrows and sparking security concerns.
Images from a cabinet meeting circulated online showing Waltz using what appeared to be Signal. However, a closer look revealed he was using TeleMessage’s “Signal Capture,” an app designed to archive messages for governments and corporations. A popup on Waltz’s phone screen read “Verify your TM SGNL PIN,” confirming it wasn’t the standard Signal app.
This incident has ignited a debate about data security, especially considering the app’s ties to Israeli intelligence and the potential vulnerabilities introduced by exfiltrating data to external servers.
The White House has not commented on whether it contracted TeleMessage to address record-keeping concerns after a previous incident where sensitive information was shared on an auto-erasing chat.
Freddy Martinez, a surveillance researcher at Lucy Parsons Labs, emphasized the importance of secure government record-keeping. “Just ‘archiving’ them using a shady software vendor is not a real plan,” he stated, highlighting the increased risk of data breaches when using unofficial versions of secure apps.
TeleMessage: Ties to Israeli Intelligence
TeleMessage, founded in 1999, has several employees with backgrounds in Israeli military intelligence. CEO Guy Levit, for instance, headed planning and development for an elite IDF intelligence unit. This connection raises concerns given Israel’s history of espionage in the United States.
The company offers governments and businesses the option to automatically send copies of messages to servers on-site or in the cloud. Security experts warn that this introduces a greater risk of unauthorized access compared to the standard Signal app with its end-to-end encryption.
Vulnerability Concerns
U.S. national security officials’ smartphones are prime targets for spyware. While Signal’s encryption is strong, it’s only as secure as the device itself. TeleMessage’s app, by copying messages to other servers, potentially increases vulnerability.
A Signal spokesperson stated, “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”
Government Contracts
TeleMessage has a history of contracting with the Department of State and Health and Human Services. While the company acknowledges working with US agencies, it would not confirm or deny any contracts with the White House.
This incident underscores the critical need for robust cybersecurity measures and careful selection of secure communication tools, particularly within government.