What is the Signal messaging app and how secure is it?


Tom Gerken

Technology reporter

The free messaging app Signal has made headlines after the White House confirmed it was used for a secret group chat between senior US officials.

The editor-in-chief of the Atlantic, Jeffrey Goldberg, was inadvertently added to the group where plans for a strike against the Houthi group in Yemen were discussed.

It has caused a significant backlash, with Democrat Senate leader Chuck Schumer calling it "one of the most stunning" military intelligence leaks in history and calling for an investigation.

But what actually is Signal - and how secure or otherwise were the senior politicians' communications on it?

The security app

Signal has an estimated 40-70 million monthly users - making it pretty tiny compared to the biggest messaging services, WhatsApp and Messenger, which count their customers in the billions.

Where it does lead the way though is in security.

At the core of that is end-to-end encryption (E2EE).

Simply put, it means only the sender and the receiver can read messages - even Signal itself cannot access them.


A number of other platforms also have E2EE - including WhatsApp - but Signal's security features go beyond this.

For example, the code that makes the app work is open source - meaning anybody can check it to make sure there are no vulnerabilities that hackers could exploit.

Its owners say it collects far less information from its users, and in particular does not store records of usernames, profile pictures, or the groups people are part of.

There is also no need to dilute these features to make more money: Signal is owned by the Signal Foundation, a US-based non-profit, which relies on donations rather than ad revenue.

"Signal is the gold standard in private comms," said its boss Meredith Whittaker in a post on X after the US national security story became public.

'Very, very unusual'

That "gold standard" claim is what makes Signal appealing to cybersecurity experts and journalists, who often use the app.

But even that level of security is considered insufficient for very high level conversations about extremely sensitive national security matters.

That is because there is a largely unavoidable risk to communicating via a mobile phone: it is only as secure as the person that uses it.

If someone gains access to your phone with Signal open - or if they learn your password - they'll be able to see your messages.

And no app can prevent someone peeking over your shoulder if you are using your phone in a public space.

Data expert Caro Robson, who has worked with the US administration, said it was "very, very unusual" for high ranking security officials to communicate on a messaging platform like Signal.

"Usually you would use a very secure government system that is operated and owned by the government using very high levels of encryption," she said.

She said this would typically mean devices kept in "very secure government controlled locations".

The US government has historically used a sensitive compartmented information facility (Scif - pronounced "skiff") to discuss matters of national security.

Image (White House): A group of men and women sit looking at a screen off-camera. They are in a small room. Some wear smart shirts and ties. One wears a military uniform with many medals. Barack Obama watches intently. Hillary Clinton has her hand over her mouth in shock. Many computers are on the desks.

This famous photo taken inside perhaps the most famous Scif - the White House Situation Room - in 2011 shows then-President Barack Obama and his team reacting to an update during the US raid to kill Osama Bin Laden

A Scif is an ultra-secure enclosed area in which personal electronic devices are not allowed.

"To even access this kind of classified information, you have to be in a particular room or building repeatedly swept for bugs or any listening devices," said Ms Robson.

Scifs can be found in places ranging from military bases to the homes of officials.

"The whole system is massively encrypted and secured using the government's own highest standards of cryptography," she said.

"Especially when defence is involved."

Encryption and records

There's another issue tied to Signal that has raised concerns - disappearing messages.

Signal, like many other messaging apps, allows its users to set messages to disappear after a set period of time.

The Atlantic's Jeffrey Goldberg said some of the messages in the Signal group he was added to disappeared after a week.

This may violate laws around record-keeping - unless those using the app forwarded on their messages to an official government account.

This is also far from the first row involving E2EE.

Various administrations have wanted to create a so-called backdoor into messaging services that use it so they can read messages they think might pose a national security threat.

Apps including Signal and WhatsApp have previously fought attempts to create such a backdoor, saying it would eventually be used by bad actors.

Signal threatened to pull the app from the UK in 2023 if it was undermined by lawmakers.

This year, the UK government became embroiled in a significant row with Apple, which also uses E2EE to protect certain files in cloud storage.

Apple ended up pulling the feature in the UK altogether after the government demanded access to data protected in this way by the tech giant.

The legal case is ongoing.

But, as this controversy shows, no level of security or legal protection matters if you simply share your confidential data with the wrong person.

Or as one critic more bluntly put it: "Encryption can't protect you from stupid."
