Last week, National Security Advisor Michael Waltz inadvertently invited a journalist to a Signal chat discussing a planned military strike. Today, a new Washington Post report says that he has also discussed “sensitive military positions and powerful weapons systems relating to an ongoing conflict,” using his personal Gmail account.

Waltz, along with other members of the National Security Council, used Gmail “for highly technical conversations with colleagues at other government agencies,” according to emails the Post saw, with headers showing that others on the emails used their government-issued accounts. Waltz also had “less sensitive, but potentially exploitable information sent to his Gmail,” like his schedule and “other work documents,” some unnamed government officials told the outlet. The Post quotes National Security Council spokesman Brian Hughes saying, “Waltz didn’t and wouldn’t send classified information on an open account,” and that Hughes says he’s “seen no evidence of Waltz using his personal email as described.”

The Post’s report puts the adviser’s communications practices back in the spotlight after Waltz invited The Atlantic editor-in-chief, Jeffrey Goldberg, to a Signal chat about a military strike in Yemen that took place later that day. Attorney General Pam Bondi indicated that the incident probably won’t be criminally investigated in response to questions at a press conference Sunday night, while suggesting that people should be discussing “what was in Hillary Clinton’s home,” seemingly referring to the personal email server scandal that cropped up late in her last Presidential campaign.

Since then, a Wired report detailed how his public Venmo account had revealed “the names of hundreds” of his associates, including journalists and military officers. And like most of us, personal online account info for Waltz and other Trump administration officials has been found in online database leaks, including “several passwords for Waltz’s email address,” writes Spiegel International.

As it flew up toward the International Space Station last summer, the Starliner spacecraft lost four thrusters. A NASA astronaut, Butch Wilmore, had to take manual control of the vehicle. But as Starliner's thrusters failed, Wilmore lost the ability to move the spacecraft in the direction he wanted to go.

He and his fellow astronaut, Suni Williams, knew where they wanted to go. Starliner had flown to within a stone's throw of the space station, a safe harbor, if only they could reach it. But already, the failure of so many thrusters violated the mission's flight rules. In such an instance, they were supposed to turn around and come back to Earth. Approaching the station was deemed too risky for Wilmore and Williams, aboard Starliner, as well as for the astronauts on the $100 billion space station.

But what if it was not safe to come home, either?

"I don't know that we can come back to Earth at that point," Wilmore said in an interview. "I don't know if we can. And matter of fact, I'm thinking we probably can't."

Starliner astronauts meet with the media

On Monday, for the first time since they returned to Earth on a Crew Dragon vehicle two weeks ago, Wilmore and Williams participated in a news conference at Johnson Space Center in Houston. Afterward, they spent hours conducting short, 10-minute interviews with reporters from around the world, describing their mission. I spoke with both of them.

Many of the questions concerned the politically messy end of the mission, in which the Trump White House claimed it had rescued the astronauts after they were stranded by the Biden administration. This was not true, but it is also not a question that active astronauts are going to answer. They have too much respect for the agency and the White House that appoints its leadership. They are trained not to speak out of school. As Wilmore said repeatedly on Monday, "I can't speak to any of that. Nor would I."

So when Ars met with Wilmore at the end of the day—it was his final interview, scheduled for 4:55 to 5:05 pm in a small studio at Johnson Space Center—politics was not on the menu. Instead, I wanted to know the real story, the heretofore untold story of what it was really like to fly Starliner. After all, the problems with the spacecraft's propulsion system precipitated all the other events—the decision to fly Starliner home without crew, the reshuffling of the Crew-9 mission, and their recent return in March after nine months in space.

I have known Wilmore a bit for more than a decade. I was privileged to see his launch on a Soyuz rocket from Kazakhstan in 2014, alongside his family. We both are about to become empty nesters, with daughters who are seniors in high school, soon to go off to college. Perhaps because of this, Wilmore felt comfortable sharing his experiences and anxieties from the flight. We blew through the 10-minute interview slot and ended up talking for nearly half an hour.

It's a hell of a story.

Launch and a cold night

Boeing's Starliner spacecraft faced multiple delays before the vehicle's first crewed mission, carrying NASA astronauts Butch Wilmore and Suni Williams launched on June 5, 2024. These included a faulty valve on the Atlas V rocket's upper stage, and then a helium leak inside Boeing's Starliner spacecraft.

The valve issue, in early May, stood the mission down long enough that Wilmore asked to fly back to Houston for additional time in a flight simulator to keep his skills fresh. Finally, with fine weather, the Starliner Crew Flight Test took off from Cape Canaveral, Florida. It marked the first human launch on the Atlas V rocket, which had a new Centaur upper stage with two engines.

Suni Williams' first night on Starliner was quite cold. Credit: NASA/Helen Arase Vargas

Sunita "Suni" Williams: "Oh man, the launch was awesome. Both of us looked at each other like, 'Wow, this is going just perfectly.' So the ride to space and the orbit insertion burn, all perfect."

Barry "Butch" Wilmore: "In simulations, there's always a deviation. Little deviations in your trajectory. And during the launch on Shuttle STS-129 many years ago, and Soyuz, there's the similar type of deviations that you see in this trajectory. I mean, it's always correcting back. But this ULA Atlas was dead on the center. I mean, it was exactly in the crosshairs, all the way. It was much different than what I'd expected or experienced in the past. It was exhilarating. It was fantastic. Yeah, it really was. The dual-engine Centaur did have a surge. I'm not sure ULA knew about it, but it was obvious to us. We were the first to ride it. Initially we asked, 'Should that be doing that? This surging?' But after a while, it was kind of soothing. And again, we were flying right down the middle."

After Starliner separated from the Atlas V rocket, Williams and Wilmore performed several maneuvering tests and put the vehicle through its paces. Starliner performed exceptionally well during these initial tests on day one.

Wilmore: "The precision, the ability to control to the exact point that I wanted, was great. There was very little, almost imperceptible cross-control. I've never given a handling qualities rating of "one," which was part of a measurement system. To take a qualitative test and make a quantitative assessment. I've never given a one, ever, in any test I've ever done, because nothing's ever deserved a one. Boy, I was tempted in some of the tests we did. I didn't give a one, but it was pretty amazing."

Following these tests, the crew attempted to sleep for several hours ahead of their all-important approach and docking with the International Space Station on the flight's second day. More so even than launch or landing, the most challenging part of this mission, which would stress Starliner's handling capabilities as well as its navigation system, would come as it approached the orbiting laboratory.

Williams: "The night that we spent there in the spacecraft, it was a little chilly. We had traded off some of our clothes to bring up some equipment up to the space station. So I had this small T-shirt thing, long-sleeve T-shirt, and I was like, 'Oh my gosh, I'm cold.' Butch is like, 'I'm cold, too.' So, we ended up actually putting our boots on, and then I put my spacesuit on. And then he's like, maybe I want mine, too. So we both actually got in our spacesuits. It might just be because there were two people in there."

Starliner was designed to fly four people to the International Space Station for six-month stays in orbit. But for this initial test flight, there were just two people, which meant less body heat. Wilmore estimated that it was about 50° Fahrenheit in the cabin.

Wilmore: "It was definitely low 50s, if not cooler. When you're hustling and bustling, and doing things, all the tests we were doing after launch, we didn't notice it until we slowed down. We purposely didn't take sleeping bags. I was just going to bungee myself to the bulkhead. I had a sweatshirt and some sweatpants, and I thought, I'm going to be fine. No, it was frigid. And I even got inside my space suit, put the boots on and everything, gloves, the whole thing. And it was still cold."

Time to dock with the space station

After a few hours of fitful sleep, Wilmore decided to get up and start working to get his blood pumping. He reviewed the flight plan and knew it was going to be a big day. Wilmore had been concerned about the performance of the vehicle's reaction control system thrusters. There are 28 of them. Around the perimeter of Starliner's service module, at the aft of the vehicle, there are four "doghouses" equally spaced around the vehicle.

Each of these doghouses contains seven small thrusters for maneuvering. In each doghouse, two thrusters are aft-facing, two are forward-facing, and three are in different radial directions (see an image of a doghouse, with the cover removed, here). For docking, these thrusters are essential. There had been some problems with their performance during an uncrewed flight test to the space station in May 2022, and Wilmore had been concerned those issues might crop up again.

Boeing's Starliner spacecraft is pictured docked to the International Space Station. One of the four doghouses is visible on the service module. Credit: NASA

Wilmore: "Before the flight we had a meeting with a lot of the senior Boeing executives, including the chief engineer. [This was Naveed Hussain, chief engineer for Boeing's Defense, Space, and Security division.] Naveed asked me what is my biggest concern? And I said the thrusters and the valves because we'd had failures on the OFT missions. You don't get the hardware back. (Starliner's service module is jettisoned before the crew capsule returns from orbit). So you're just looking at data and engineering judgment to say, 'OK, it must've been FOD,' (foreign object debris) or whatever the various issues they had. And I said that's what concerns me the most. Because in my mind, I'm thinking, 'If we lost thrusters, we could be in a situation where we're in space and can't control it.' That's what I was thinking. And oh my, what happened? We lost the first thruster."

When vehicles approach the space station, they use two imaginary lines to help guide their approach. These are the R-bar, which is a line connecting the space station to the center of Earth. The "R" stands for radius. Then there is the V-bar, which is the velocity vector of the space station. Due to thruster issues, as Starliner neared the V-bar about 260 meters (850 feet) from the space station, Wilmore had to take manual control of the vehicle.

Wilmore: "As we get closer to the V-bar, we lose our second thruster. So now we're single fault tolerance for the loss of 6DOF control. You understand that?"

Here things get a little more complicated if you've never piloted anything. When Wilmore refers to 6DOF control, he means six degrees or freedom—that is, the six different movements possible in three-dimensional space: forward/back, up/down, left/right, yaw, pitch, and roll. With Starliner's four doghouses and their various thrusters, a pilot is able to control the spacecraft's movement across these six degrees of freedom. But as Starliner got to within a few hundred meters of the station, a second thruster failed. The condition of being "single fault" tolerant means that the vehicle could sustain just one more thruster failure before being at risk of losing full control of Starliner's movement. This would necessitate a mandatory abort of the docking attempt.

Wilmore: "We're single fault tolerant, and I'm thinking, 'Wow, we're supposed to leave the space station.' Because I know the flight rules. I did not know that the flight directors were already in discussions about waiving the flight rule because we've lost two thrusters. We didn't know why. They just dropped."

The heroes in Mission Control

As part of the Commercial Crew program, the two companies providing transportation services for NASA, SpaceX, and Boeing, got to decide who would fly their spacecraft. SpaceX chose to operate its Dragon vehicles out of a control center at the company's headquarters in Hawthorne, California. Boeing chose to contract with NASA's Mission Control at Johnson Space Center in Houston to fly Starliner. So at this point, the vehicle is under the purview of a Flight Director named Ed Van Cise. This was the capstone mission of his 15-year career as a NASA flight director.

Wilmore: "Thankfully, these folks are heroes. And please print this. What do heroes look like? Well, heroes put their tank on and they run into a fiery building and pull people out of it. That's a hero. Heroes also sit in their cubicle for decades studying their systems, and knowing their systems front and back. And when there is no time to assess a situation and go and talk to people and ask, 'What do you think?' they know their system so well they come up with a plan on the fly. That is a hero. And there are several of them in Mission Control."

From the outside, as Starliner approached the space station last June, we knew little of this. By following NASA's webcast of the docking, it was clear there were some thruster issues and that Wilmore had to take manual control. But we did not know that in the final minutes before docking, NASA waived the flight rules about loss of thrusters. According to Wilmore and Williams, the drama was only beginning at this point.

Wilmore: "We acquired the V-bar, and I took over manual control. And then we lose the third thruster. Now, again, they're all in the same direction. And I'm picturing these thrusters that we're losing. We lost two bottom thrusters. You can lose four thrusters, if they're top and bottom, but you still got the two on this side, you can still maneuver. But if you lose thrusters in off-orthogonal, the bottom and the port, and you've only got starboard and top, you can't control that. It's off-axis. So I'm parsing all this out in my mind, because I understand the system. And we lose two of the bottom thrusters. We've lost a port thruster. And now we're zero-fault tolerant. We're already past the point where we were supposed to leave, and now we're zero-fault tolerant and I'm manual control. And, oh my, the control is sluggish. Compared to the first day, it is not the same spacecraft. Am I able to maintain control? I am. But it is not the same."

At this point in the interview, Wilmore went into some wonderful detail.

Wilmore: "And this is the part I'm sure you haven't heard. We lost the fourth thruster. Now we've lost 6DOF control. We can't maneuver forward. I still have control, supposedly, on all the other axes. But I'm thinking, the F-18 is a fly-by-wire. You put control into the stick, and the throttle, and it sends the signal to the computer. The computer goes, 'Ok, he wants to do that, let's throw that out aileron a bit. Let's throw that stabilizer a bit. Let's pull the rudder there.' And it's going to maintain balanced flight. I have not even had a reason to think, how does Starliner do this, to maintain a balance?"

This is a very precarious situation we’re in

Essentially, Wilmore could fully control Starliner any longer. But simply abandoning the docking attempt was not a palatable solution. Just as the thrusters were needed to control the vehicle during the docking process, they were also necessary to position Starliner for its deorbit burn and reentry to Earth's atmosphere. So Wilmore had to contemplate whether it was riskier to approach the space station or try to fly back to Earth. Williams was worrying about the same thing.

Williams: "There was a lot of unsaid communication, like, 'Hey, this is a very precarious situation we're in.' I think both of us overwhelmingly felt like it would be really nice to dock to that space station that's right in front of us. We knew that they [Mission Control] were working really hard to be able to keep communication with us, and then be able to send commands. We were both thinking, what if we lose communication with the ground? So NORDO Con Ops (this means flying a vehicle without a radio), and we didn't talk about it too much, but we already had synced in our mind that we should go to the space station. This is our place that we need to probably go to, to have a conversation because we don't know exactly what is happening, why the thrusters are falling off, and what the solution would be."

Wilmore: "I don't know that we can come back to Earth at that point. I don't know if we can. And matter of fact, I'm thinking we probably can't. So there we are, loss of 6DOF control, four aft thrusters down, and I'm visualizing orbital mechanics. The space station is nose down. So we're not exactly level with the station, but below it. If you're below the station, you're moving faster. That's orbital mechanics. It's going to make you move away from the station. So I'm doing all of this in my mind. I don't know what control I have. What if I lose another thruster? What if we lose comm? What am I going to do?"

One of the other challenges at this point, in addition to holding his position relative to the space station, was keeping Starliner's nose pointed directly at the orbital laboratory.

Williams: "Starliner is based on a vision system that looks at the space station and uses the space station as a frame of reference. So if we had started to fall off and lose that, which there's a plus or minus that we can have; we didn't lose the station ever, but we did start to deviate a little bit. I think both of us were getting a bit nervous then because the system would've automatically aborted us."

After Starliner lost four of its 28 reaction control system thrusters, Van Cise and this team in Houston decided the best chance for success was resetting the failed thrusters. This is, effectively, a fancy way of turning off your computer and rebooting it to try to fix the problem. But it meant Wilmore had to go hands-off from Starliner's controls.

Imagine that. You're drifting away from the space station, trying to maintain your position. The station is your only real lifeline because if you lose the ability to dock, the chance of coming back in one piece is quite low. And now you're being told to take your hands off the controls.

Wilmore: "That was not easy to do. I have lived rendezvous orbital dynamics going back decades. [Wilmore is one of only two active NASA astronauts who has experience piloting the space shuttle.] Ray Bigonesse is our rendezvous officer. What a motivated individual. Primarily him, but me as well, we worked to develop this manual rendezvous capability over the years. He's a volunteer fireman, and he said, 'Hey, I'm coming off shift at 5:30 Saturday morning; will you meet me in the sim?' So we'd meet on Saturdays. We never got to the point of saying lose four thrusters. Who would've thought that, in the same direction? But we're in there training, doing things, playing around. That was the preparation."

All of this training meant Wilmore felt like he was in the best position to fly Starliner, and he did not relish the thought of giving up control. But finally, when he thought the spacecraft was temporarily stable enough, Wilmore called down to Mission Control, "Hands off." Almost immediately, flight controllers sent a signal to override Starliner's flight computer and fire the thrusters that had been turned off. Two of the four thrusters came back online.

Wilmore: "Now we're back to single-fault tolerant. But then we lose a fifth jet. What if we'd have lost that fifth jet while those other four were still down? I have no idea what would've happened. I attribute to the providence of the Lord getting those two jets back before that fifth one failed. So we're down to zero-fault tolerant again. I can still maintain control. Again, sluggish. Not only was the control different on the visual, what inputs and what it looked like, but we could hear it. The valve opening and closing. When a thruster would fire, it was like a machine gun."

We’re probably not flying home in Starliner

Mission Control decided that it wanted to try to recover the failed thrusters again. After Wilmore took his hands off the controls, this process recovered all but one of them. At that point, the vehicle could be flown autonomously, as it was intended to be. When asked to give up control of the vehicle for its final approach to the station, Wilmore said he was apprehensive about doing so. He was concerned that if the system went into automation mode, it may not have been possible to get it back in manual mode. After all that had happened, he wanted to make sure he could take control of Starliner again.

Butch Wilmore and Suni Williams landed in a Crew Dragon spacecraft in March. Dolphins were among their greeters. Credit: NASA

Wilmore: "I was very apprehensive. In earlier sims, I had even told the flight directors, 'If we get in a situation where I got to give it back to auto, I may not.' And they understood. Because if I've got a mode that's working, I don't want to give it up. But because we got those jets back, I thought, 'OK, we're only down one.' All this is going through my mind in real time. And I gave it back. And of course, we docked."

Williams: "I was super happy. If you remember from the video, when we came into the space station, I did this little happy dance. One, of course, just because I love being in space and am happy to be on the space station and [with] great friends up there. Two, just really happy that Starliner docked to the space station. My feeling at that point in time was like, 'Oh, phew, let's just take a breather and try to understand what happened.'"

"There are really great people on our team. Our team is huge. The commercial crew program, NASA and Boeing engineers, were all working hard to try to understand, to try to decide what we might need to do to get us to come back in that spacecraft. At that point, we also knew it was going to take a little while. Everything in this business takes a little while, like you know, because you want to cross the T's and dot the I's and make sure. I think the decision at the end of the summer was the right decision. We didn't have all the T's crossed; we didn't have all the I's dotted. So do we take that risk where we don't need to?"

Wilmore added that he felt pretty confident, in the aftermath of docking to the space station, that Starliner probably would not be their ride home.

Wilmore: "I was thinking, we might not come home in the spacecraft. We might not. And one of the first phone calls I made was to Vincent LaCourt, the ISS flight director, who was one of the ones that made the call about waiving the flight rule. I said, 'OK, what about this spacecraft, is it our safe haven?'"

It was unlikely to happen, but if some catastrophic space station emergency occurred while Wilmore and Williams were in orbit, what were they supposed to do? Should they retreat to Starliner for an emergency departure, or cram into one of the other vehicles on station, for which they did not have seats or spacesuits? LaCourt said they should use Starliner as a safe haven for the time being. Therein followed a long series of meetings and discussions about Starliner's suitability for flying crew back to Earth. Publicly, NASA and Boeing expressed confidence in Starliner's safe return with crew. But Williams and Wilmore, who had just made that harrowing ride, felt differently.

Wilmore: "I was very skeptical, just because of what we'd experienced. I just didn't see that we could make it. I was hopeful that we could, but it would've been really tough to get there, to where we could say, 'Yeah, we can come back.'"

So they did not.

Read full article

Comments

One of the most common questions I get asked by aspiring (and current) cybersecurity professionals is what my odd niche of the universe in critical infrastructure incident response is really like, day to day. So let me give a brief overview of what my work life is like.

The first thing one needs to understand is the nature of DFIR consulting work as a whole. DFIR is an acronym for “Digital Forensics and Incident Response”. This means that we do two discrete roles in one job – technical forensic analysis of potentially compromised computers, and corporate crisis management. DFIR professionals must be excellent, seasoned analysts of disk, memory, network packet, and log data, and great computer detectives. We must also be able to triage crisis situations and deal with the human elements of a breach or hack. The combination of those two challenging skill sets is why DFIR is generally not considered an entry level cybersecurity role. Most DFIR professionals spend some time in some sort of security analyst or threat hunting role prior to making the move.

My job adds even more complexity to both halves of DFIR. Instead of working in a standard enterprise environment filled with laptops, PCs, and servers, I deal with process environments. OT environments have real life impacts on life and safety. They include the stack of digital technologies which operate water, gas, electricity, manufacturing, agriculture and transportation systems. When they fail, the consequences can be loss of life and real physical damage or contamination. Very serious, real-life stuff – and adversaries are figuring that out fast.

What that means for the digital forensics side of things is that my cases involve sometimes very strange and very old computing equipment. Legacy is prevalent in OT. I must be able to figure out forensics on computers from the 80s or 90s. I also must be able to work with low level systems like PLCs and embedded computers. I still must create timelines of modern attacks, with corroborated and court-admissible evidence. There’s little EDR, and a lot of our forensics work is quite manual. I have a soldering iron in my bag to deal with non-standard connectors.

The crisis management side of things is challenging, too. I’m dealing with real life / safety scenarios. Sometimes a customer will go out of business if their process isn’t up and running in a few hours. Sometimes there’s a risk of millions of dollars of equipment damage. Tensions and anger are understandably high. I often must act as a “marriage counselor” between teams. Some of the environments I go to are very remote, and somewhat unsafe. I carry an array of PPE. I must take industrial safety courses.

At an organization that provides retainers for multitudes of organization sizes and verticals, my day-to-day varies a lot. Sometimes there are a lot of calls, and we are frantically busy with 24-hour notice deployments to anywhere. Sometimes we have less cases ongoing, and we can work on some preparatory work for customers or research and training. Call load varies a lot based on adversary campaigns, new intel and exploits, and increasing maturity in organizations to be able to detect ongoing compromises. We respond to all sorts of cases, from insider, to commodity, to state. We must be super flexible, and we are often on the road with only a few hours’ notice. It’s definitely a stressful job.

That’s a small peek into my day-to-day life in OT DFIR. If you want to get into this space, the number one thing you must get great at beyond traditional DFIR is your knowledge of holistic industrial processes, and their hazards and mitigations. Industrial processes are not one device, and industrial cyberattacks are not one enterprise exploit. You must spend time really understanding systems-of-systems, and be ready for challenging, stressful, old school work.

It’s needed, though. Adversaries are learning the value of building attack capabilities to reach out and touch industrial systems for both espionage and sabotage, and it bodes poorly for the future.

Hope this helps, and see some of you this week at Cyphercon Milwaukee! It will be my last US conference indefinitely.

debug-gym

New paper and code from Microsoft Research that experiments with giving LLMs access to the Python debugger. They found that the best models could indeed improve their results by running pdb as a tool.

They saw the best results overall from Claude 3.7 Sonnet against SWE-bench Lite, where it scored 37.2% in rewrite mode without a debugger, 48.4% with their debugger tool and 52.1% with debug(5) - a mechanism where the pdb tool is made available only after the 5th rewrite attempt.

Their code is available on GitHub. I found this implementation of the pdb tool, and tracked down the main system and user prompt in agents/debug_agent.py:

System prompt:

Your goal is to debug a Python program to make sure it can pass a set of test functions. You have access to the pdb debugger tools, you can use them to investigate the code, set breakpoints, and print necessary values to identify the bugs. Once you have gained enough information, propose a rewriting patch to fix the bugs. Avoid rewriting the entire code, focus on the bugs only.

User prompt (which they call an "action prompt"):

Based on the instruction, the current code, the last execution output, and the history information, continue your debugging process using pdb commands or to propose a patch using rewrite command. Output a single command, nothing else. Do not repeat your previous commands unless they can provide more information. You must be concise and avoid overthinking.

Via Import AI

Tags: prompt-engineering, llms, python, generative-ai, llm-tool-use, ai, microsoft, claude

My advice about using AI is simple: use AI as an assistant, not an expert, and use it judiciously. Some people will object, “but AI can be wrong!” Yes, and so can the internet in general, but no one now recommends avoiding online resources because they can be wrong. They recommend taking it all with a grain of salt and being careful. That’s what you should do with AI help as well.

— Ned Batchelder, Horseless intelligence

Tags: ai, ned-batchelder

Recently, the editor in chief of The Atlantic found himself in a group chat on Signal, in which president Trump's national security team discussed a military operation in Yemen. This immediately became SignalGate.

Here I present the secure government equipment and networks that Trump's team should have used instead of Signal on their personal smartphones. It will also become clear why the Trump team prefers using Signal.





The Houthi PC small group

On March 11, 2025, president Trump's national security adviser Michael Waltz initiated a group chat on the open-source encrypted messaging app Signal to discuss planning for airstrikes on Houthi rebels in Yemen.

The chatgroup was named "Houthi PC small group", with PC apparently referring to Principals Committee, a term typically used for a gathering of senior national-security officials. This group had a total of 19 participants:



This list shows that the members of the "Houthi PC small group" were from many different government departments and agencies and that some lower-ranking officials participated as well.

This is probably one of the reasons why they used Signal: given the variety of positions, they would probably not have access to the same equipment to have a properly secured conversation.

The major US government departments and intelligence agencies have their own computer networks, usually one for unclassified and one or two for classified information:




Secure computer networks

The networks of the Department of Defense (DoD) and most widely used and therefore most suitable for interagency communications. There are DoD networks for different classification levels:



Besides the unclassified network, the classified ones also offer email (in the Signal groupchat mentioned as "high side inboxes"), messaging and other collaboration tools, but they can be used for VoIP phone calls and secure video teleconferencing as well.






Secure telephone networks

The DoD also operates a secure telephone network for classified conversations, called the Defense Red Switch Network (DRSN), also known as the Multilevel Secure Voice service. The DRSN connects the White House, all military command centers, intelligence agencies, government departments and NATO allies.

The DRSN has some special features and uses custom made telephone sets (currently the IST-2 made by Telecore), which can be used for both secure and non-secure phone calls. These phones also have the distinctive four red buttons for Multilevel Precedence and Preemption (MLPP).

During the attacks of September 11, 2001, the DRSN didn't function as intended and therefore a new Crisis Management System (CMS) was established. This is a dedicated Voice over IP network that connects the President, the National Security Council, Cabinet members, the Joint Chiefs of Staff, intelligence agency watch centers, and others.

The CMS uses high-end Cisco IP phones with a bright yellow bezel, which indicates that it can be used for conversations up to the level of Top Secret/Sensitive Compartmented Information (TS/SCI).




Most senior members of the "Houthi PC small group" have a phone for the CMS in their office, but their deputies, advisers and staff members usually not. So when they have to be involved in a secure phone call, that often means they have to be in the same room as their principal listening to the conversation via the speakerphone.

Also noteworthy is that not included in the Signal chatgroup were Michael E. Kurilla, commander of the US Central Command, and local commanders who led the military action in Yemen. They were likely in contact with defense secretary Hegseth via the proper channels, which would be SIPRnet or the DRSN.




Securing mobile phones

All the equipment for secure communications discussed so far are fixed/landline devices that sit on someone's desk. That's fine when working in office, but nowadays people are used to do almost everything on their smartphone.

Securing mobile communications has long been a challenge. In the first place because outside, conversations can easily be overheard. For a long time, encryption devices were large and heavy, until in 2002 the Sectéra Secure Wireless Phone was introduced, which enabled encrypted phone calls and SMS/text messages over public networks.


Around 2010, cell phones of the GSM generation were rapidly replaced by smartphones, which became so complex that it's very difficult, if not impossible to prevent the device from being compromised by malware and/or backdoors.

Under its Commercial Solutions for Classified (CSfC) program, the NSA tried to solve this problem by securing commercially available devices with multiple layers of protection and encryption. This resulted in the DoD Enterprise Mobility program, which encompasses three different classification levels:





The Secret version (DMCC-S) became operational in 2015 and offers secure phone calls via the CellCrypt app, access to SIPRNet email via the Outlook Web Application (OWA) and some other pre-approved apps on a Samsung smartphone or a Samsung tablet.

The DMCC-S solution has further restrictions, because in case the phone can also store classified information (data-at-rest) it may only be used in physically protected environments. On social media it was said that a conversation like in the Signal groupchat should only take place in a Sensitive Compartmented Information Facility (SCIF), but a SCIF is only mandatory for information classified Top Secret/SCI.


The White House provides its employees with Apple iPhones without access to the iOS App Store and with all text messaging capabilities disabled - only a few staffers in the press office had the ability to text on a limited basis.

Especially Signal's option for "disappearing messages" isn't compliant with the Presidential Records Act (PRA), which requires that all communications by and among White House staff members has to be archived.



Trump's shift to Signal

As we have seen, there are various highly secure communication channels that Trump's national security team could have used. Those who were working in their office had access to secure computer networks and a secure phone, those who were traveling (like Gabbard and Witkoff) had the option of using a DMCC-S smartphone.

However, the transition team that prepared Trump's take-over of the presidency in January 2025, deliberately refused to use government facilities and IT systems. This was in part to avoid the mandatory record-keeping that comes with using official resources.

Instead, Trump's staffers and incoming government officials communicated via their personal devices, often using the Signal app, and this continued after Donald J. Trump had been inaugurated as the 47th president of the United States.

Last February, political appointees at the DoD ordered that Signal had to be installed on government phones for newly installed senior military officials: "they all use Signal and need it to communicate with the White House" - even though in the same month, the NSA had warned against vulnerabilities in using Signal.

During a House Intelligence Committee hearing a few days ago, Trump's CIA director John Ratcliffe said that Signal is now widely used by officials and staff at his agency's headquarters: "One of the first things that happened when I was confirmed as CIA director was Signal was loaded onto my computer at the CIA as it is for most CIA officers."





Links and sources
- The Independent: Previous administrations were wary of the messaging app Signal. Trumpworld has embraced it (March 27, 2025)
- The Atlantic: Here Are the Attack Plans That Trump’s Advisers Shared on Signal (March 26, 2025)
- The Atlantic: The Trump Administration Accidentally Texted Me Its War Plans (March 24, 2025)
- TWZ: C-17’s ‘Silver Bullet’ Airstream Trailer Pod Used By Secretary Of Defense Hegseth On First Overseas Trip (February 12, 2025)