Siri Gets the Blame for a Journalist Being Added to a Top Secret Group Chat
Credit: Bigtunaonline / Shutterstock
Toggle Dark Mode
If you’ve been paying even the slightest attention to US politics, you’ve probably heard about the so-called “Signalgate” scandal. To recap, a group of top White House officials used the Signal messaging app to coordinate plans for a military strike and inadvertently added a journalist to the conversation.
The whole mess began when national security advisor Mike Waltz invited The Atlantic’s editor-in-chief, Jeffrey Goldberg, to a Signal chat. Goldberg at first assumed the whole thing was some hoax or scam until US defense secretary Pete Hegseth posted specific timings for an air strike on Houthi terrorists in Yemen — and those attacks happened as described.
Politics aside, the whole scenario of top-level officials using a consumer-grade messaging app to discuss classified attack plans remains absurdly hilarious — and I write this as someone who has worked under a high-level security clearance in my former career. I’m well familiar with the communication systems these folks should have been using. It should go without saying that a personal iPhone isn’t on that list, but in case there was any doubt, the results of the White House’s investigation demonstrate at least one of the reasons why — and it’s even more ridiculous.
Although Signal prides itself on being a “zero knowledge” end-to-end encrypted messaging app, that only applies to messages while they’re in transit. The endpoints are still vulnerable; if someone has access to one of the smartphones in a Signal conversation, they can read that chat just as easily as the phone’s owner can. So can any spyware running on that phone, and while most normal people aren’t likely to be the targets of mercenary spyware like Pegasus, government officials most certainly are.
The probability of having Pegasus land on your personal iPhone goes up by an order of magnitude when you’re the Secretary of Defense or the Vice President of the United States — both of whom were participants in this Signal chat.
However, that’s not how Jeffrey Goldberg ended up in this top-secret chat. No nefarious hacking or spyware methods were involved here. He was invited to the chat by Mike Waltz. Of course, Waltz didn’t knowingly invite a journalist into the chat; while he admitted it had happened from his iPhone, he told Fox News host Laura Ingraham in an interview that Goldberg’s number had been “sucked” into his phone, describing it as a situation where he “had somebody’s contact that shows their name and then you have somebody else’s number.”
“Of course, I didn’t see this loser in the group. It looked like someone else,” Waltz added. “The person I thought was on there was never on there.”
Ingraham seemed a bit skeptical of that explanation during the interview, but an investigation by White House officials into precisely how Goldberg ended up in the chat has confirmed Waltz’s claims while also explaining how it may have happened.
An exclusive report from The Guardian has shared the results of a “forensic review” by the White House information technology office, which found that Waltz’s iPhone did indeed have Goldberg’s number mistakenly listed under the name of a person who Waltz would have been trying to add to the chat.
The culprit? Siri. Or, more specifically, Siri’s contact suggestions feature, which helpfully offers to add a phone number for what it thinks is a related contact.
According to The Guardian’s sources, described as “three people briefed on the internal investigation,” Jeffrey Goldberg had emailed the Trump campaign in October for comment on a story. Mike Waltz was looped into a conversation thread that also included Brian Hughes, who went on to become the spokesperson for the National Security Council.
Goldberg’s email was forwarded to then Trump spokesperson Brian Hughes, who then copied and pasted the content of the email – including the signature block with Goldberg’s phone number – into a text message that he sent to Waltz, so that he could be briefed on the forthcoming story.
The Guardian
Waltz reportedly never called Goldberg, but because Goldberg’s number appeared in a text message from Brian Hughes, Siri offered to add it to Hughes’ contact card. At least, that’s what forensic investigators believe happened.
While the investigation presumably confirmed that Goldberg’s number was on Hughes’ contact card and in the October text message from Hughes, there would be no logs or any other evidence of how it got there. The idea that it came from a Siri suggestion is an educated supposition, although it’s a very plausible explanation.
According to the White House, the number was erroneously saved during a “contact suggestion update” by Waltz’s iPhone, which one person described as the function where an iPhone algorithm adds a previously unknown number to an existing contact that it detects may be related.
The Guardian
While the phrasing above is deliberately vague, Siri does not automatically update contacts based on these suggestions. Mike Waltz (or someone else using his iPhone) would have had to approve the suggestion. However, that’s also easy to do accidentally if you’re not paying close attention.
From there, it’s not a stretch to assume that Waltz believed he was adding Brian Hughes to the Signal group chat but added Goldberg instead because that was the number on the contact card.
Of course, this demonstrates another good reason why using a personal iPhone for sensitive communications is a bad idea. The Guardian notes that “the White House had authorized the use of Signal, largely because there is no alternative platform to text in real time across different agencies,” according to its sources. However, while previous administrations have used Signal for casual conversations, information security policies make it clear that it shouldn’t be used for extremely sensitive communications, much less classified military operations. There’s a world of difference between “Let’s do lunch” and “Here’s when the F-18s are going to strike.”
Any long-time iPhone user can easily give Mike Waltz the benefit of the doubt for making an honest mistake. It’s 100% understandable for anyone who has ever used an iPhone, and adding Siri to the mix makes such gaffes even more likely. However, these mistakes can’t be made on the secure communication systems that are supposed to be used by high-level government officials as they’re closed systems where it’s impossible to include someone who doesn’t have the necessary security clearance — and Siri isn’t allowed anywhere near them.
The lesson everyday users can take away from Waltz’s mistake is to always double-check who you’re adding to a group chat. While most of us aren’t planning military air strikes on our iPhones, it can be awkward on a more personal level if you spoil someone’s big surprise party by inadvertently including them in the planning chat.
