Future Tense

How Did Investigators Read James Wolfe’s Signal Messages?

Former security director of the Senate Intelligence Committee James A. Wolfe was arrested for lying to the FBI.
Former security director of the Senate Intelligence Committee James A. Wolfe was arrested for lying to the FBI. Brendan Smialowski/AFP/Getty Images

On Thursday night, former Senate Intelligence Committee aide James A. Wolfe was arrested for allegedly lying to the FBI during a leak investigation. According to the indictment, Wolfe repeatedly denied providing classified information to four journalists regarding sensitive topics like the Russia investigation. The FBI alleges it found proof that Wolfe in fact used encrypted messaging apps to communicate with the reporters. (Ali Watkins, who covers national security for the New York Times, reportedly had years’ worth of email and phone records seized by the Justice Department.)

Journalists were dismayed to discover that prosecutors were actually able to quote the Signal messages in the indictment. Wolfe allegedly wrote to one reporter, “Good job!” and “I’m glad you got the scoop.” The reporter messaged back, “Thank you. [MALE-1] isn’t pleased, but would deny that the subpoena was served.” Signal is generally regarded as one of the most secure encrypted messaging apps available, and many reporters rely on its services to communicate with confidential sources. So does this indictment proof that Signal isn’t as protected as we all thought?

As SlashGear and others have pointed out, Signal does offer robust end-to-end encryption, which ensures that only the people involved in a chat can see the messages. But it does not automatically delete messages from your devices. It’s unclear how exactly investigators were able to retrieve the messages in this case, but they could have theoretically seized a phone belonging to Wolfe or one of the reporters and simply read the messages on the app.

The best way to safeguard against snoopers is to turn on Signal’s “Disappearing Messages” feature every time you start a new chat, which lets users determine how long messages will be retained in the app after they’ve been sent or received. You can also manually delete all of your chat history. It’s also important to make sure the person you’re communicating with has this setting enabled and isn’t taking pictures of your chats.

This is the second time this week that we’ve learned of a Washington insider attempting to use an encrypted app, only to discover that investigators had found a workaround. On Monday, special counsel Robert Mueller filed court documents accusing former Trump campaign chairman Paul Manafort of using Telegram and WhatsApp to engage in witness tampering. Investigators were able to read backups of the conversations on his iCloud. The people he was trying to securely contact also ended up just handing investigators the messages.