Mike Waltz Accidentally Reveals App Govt Uses to Archive Signal Messages

Original Article ↗ Hacker News Discussion ↗

What TM SGNL / TeleMessage Is

  • Commenters identify “TM SGNL” as a TeleMessage product: a Signal-like client that adds message archiving for compliance.
  • It’s described as off‑the‑shelf software originally from an Israeli company, later acquired by a U.S. firm (Smarsh).
  • The app appears to mimic the Signal UI while routing copies of messages to archiving backends (e.g., via SMTP to services like Global Relay).

Government Use & Archiving Requirements

  • Many argue it is not just reasonable but necessary that officials’ communications be archived for legal, regulatory, and public-records reasons.
  • U.S. government contracts specifically for TeleMessage licenses (including Signal and WhatsApp archiving) are cited.
  • There’s debate whether this system was in place before the earlier “Hegseth” Signal incident or adopted only afterward.

Security, E2E, and Clones

  • Several note that using a forked/archiving client does not break Signal’s end‑to‑end encryption in transit; it changes what the endpoint does (it forwards/decrypts and uploads).
  • Others view this as defeating the whole point of using Signal, especially when used on ordinary phones vulnerable to compromise.
  • Commenters emphasize that Signal is considered fine for non‑classified government chatter (“meet at the SCIF”), but inappropriate for classified details.

Foreign Vendor & Espionage Concerns

  • Multiple comments are alarmed that an Israeli-origin product is in the loop for U.S. national security communications, given Israel is treated as an ally but also a serious intelligence actor.
  • One commenter points to TeleMessage’s team page and address, claiming many “ex” Israeli intelligence officers are involved and suggesting this could grant extraordinary visibility into U.S. officials’ chats. Others do not verify this but treat it as deeply concerning if true.

Licensing, Legality, and Signal Policy

  • There’s an extended side discussion about whether TeleMessage’s proprietary Signal-like clients comply with Signal’s AGPL license, and how AGPL obligations apply to government or enterprise deployments; status is described as unclear.
  • Commenters critique Signal’s own priorities (e.g., MobileCoin, lack of multi-device on Android tablets, phone-number requirement) and note alternative forks like Molly and Session, though those too draw criticism.
  • Some suggest Signal should itself sell compliant, auditable archiving forks to governments, while others warn this would give governments dangerous leverage over Signal’s funding and direction.

Broader Opsec & Competence Critiques

  • Many comments ridicule the operational security on display: visible chats in front of cameras, adding unintended participants, and using consumer-like apps instead of existing secure channels and SCIFs.
  • There is cynicism that officials are ignoring established classified-communications systems in favor of convenient apps on insecure hardware.