Only he wasn’t using the official Signal app, which is widely considered to be the gold standard of encrypted messaging apps. He was actually using a clone of Signal called TeleMessage Signal, or TM SGNL. Two days after the photo of Waltz was published, an anonymous source told me that they had hacked TeleMessage. The exploit that the hacker used was incredibly simple. By downloading a heap dump and then searching for “password,” the hacker could see usernames and passwords of random users.