The Trump Administration discussed a secret military operation on Signal, inadvertently adding Jeffrey Goldberg, the editor-in-chief of The Atlantic, to the thread. Until the bombs started dropping in Yemen, Goldberg couldn’t believe what he was reading.
Even if Goldberg hadn’t been included in the chat, it remains a terrible idea to discuss matters of national security via any app, no matter how secure it is considered. This point, while likely to ruffle some feathers in the political arena, should also serve as a stark reminder that nothing you do online is truly anonymous.
Here’s what you should consider before confiding your secrets to technology
1. You are more interesting than you think.
It’s a common misconception that regular citizens like you and me are of no interest to hackers. However, a threat actor could exploit your device to gain access to your employer. By exploiting the data on your phone, a hacker could steal your identity and potentially cripple the entire organization.
2. Don’t blindly trust what technology companies tell you.
Encrypted chat apps Signal and WhatsApp are publicly debating which one is more secure. Meredith Whittaker, the president of Signal, appears to be particularly annoyed by WhatsApp’s Will Cathcart, who suggests there are hardly any differences between WhatsApp and Signal.
While Signal is generally considered a more trustworthy choice by the security community — and it’s worth noting that WhatsApp is owned by Meta — I still recommend exercising caution when using either app.
Recall how in 2021, Proton, another security-focused company, provided the IP address of a French activist to law enforcement due to legal obligations. Many remain upset about this incident, but it also serves as a reminder, as Proton’s Andy Yen noted, that “the Internet is generally not anonymous.”
3. Governments are increasingly asking for a backdoor.
The “good guys,” meaning law enforcement, want to have a key to your communication just in case it can be instrumental in some criminal case. Governments have long argued that end-to-end encrypted communication is an obstacle when trying to solve high-profile human trafficking, drug trafficking, and child exploitation cases, among others.
In some countries, the “good guys” might actually succeed in having those backdoors installed. While such amendments are theoretically intended to target only criminals, they set a very dangerous precedent. This is because governments often view protesters, dissidents, and political opponents as threats to national security or even sovereignty, effectively treating them as criminals.
4. Your phone might get stolen.
Are you the only one who knows your phone’s passcode? Is it a random sequence of numbers or something more meaningful, like someone’s birthday? Imagine what would happen if Goldberg’s phone were stolen. While it’s not child’s play to unlock it, it can be cracked through brute force.
Even though Signal offers encryption, the recent leak of military plans emphasizes the need for caution, even on trusted platforms. It’s crucial for every user, including government officials, to double-check contact identities, use additional layers like two-factor authentication, and be mindful of what’s shared. No tool is foolproof, and the failure to implement proper security measures shows that awareness and caution are just as important as the technology in use.
ABOUT THE EXPERT
Jurgita Lapienytė is the Editor-in-Chief at Cybernews, where she leads a team of journalists and security experts dedicated to uncovering cyber threats through research, testing, and data-driven reporting. With a career spanning over 15 years, she has reported on major global events, including the 2008 financial crisis and the 2015 Paris terror attacks, and has driven transparency through investigative journalism. A passionate advocate for cybersecurity awareness and women in tech, Jurgita has interviewed leading cybersecurity figures and amplifies underrepresented voices in the industry. Recognized as the Cybersecurity Journalist of the Year and featured in Top Cyber News Magazine’s 40 Under 40 in Cybersecurity, she is a thought leader shaping the conversation around cybersecurity.
Valimail Launches Industry-First BIMI Simulator
Posted in Commentary with tags Valimail on March 25, 2025 by itnerdValimail today announced the launch of its BIMI Simulator, a comprehensive suite of tools designed to empower brands to visualize and optimize their email presence through Brand Indicators for Message Identification (BIMI). This first-of-its-kind platform allows users to see what their email could look like with BIMI, understand the potential brand impression opportunity by implementing BIMI, and be inspired by what other companies and competitors are doing with their logos.
Valimail has been at the forefront of BIMI since 2018 as part of the AuthIndicators Working Group, the founding group of BIMI, and has been instrumental in the development of industry standards enabling brands to deliver their logos alongside email messages to billions of inboxes worldwide, increasing customer engagement with those messages and boosting brand trust. More recently, Valimail was a key partner in introducing a new capability to enhance BIMI with Common Mark Certificate (CMC), which provides greater flexibility and more affordable pathways for brands of all sizes that either do not have the right product trademark or do not have a trademark at all, looking to enhance their email marketing efforts while ensuring the security of their email communications.
According to Wombatmail, BIMI adoption has seen a growth of 28.4% between January 2024 and January 2025, measured by the number of domains with BIMI logo records published in the top ten million domains. BIMI drives significant marketing advantages, including increased brand visibility, higher user engagement, and a consistent brand experience. In addition a recent Yahoo Mail study found that BIMI implementation can increase email engagement up to 10%. Furthermore, BIMI provides a cost-effective channel for brand visibility, offering low-cost brand impressions compared to traditional advertising methods.
With major email providers like Google, Apple, and Yahoo! supporting BIMI verification standards, Valimail’s BIMI Simulator empowers brands to make the case for implementing BIMI, by visualizing its impact to improve brand awareness and protect against impersonation. This provides a comprehensive view and practical application of BIMI, available in a downloadable report, which includes:
BIMI Simulator: A tool that allows teams to simulate and visualize how the company’s logo will be displayed to recipients of BIMI-compliant email providers.
BIMI Audience Insights Report: A tool that allows businesses to visualize the breakdown of outbound mail that the organization sent to mailboxes that support BIMI in the past 30 days.
BIMI Inspiration: A comprehensive catalog of public BIMI records and logos of leading brands using BIMI, fostering inspiration and competitive insights.
One critical component of BIMI implementation is achieving Domain-based Message Authentication, Reporting, and Conformance (DMARC) at enforcement, an email security protocol that helps companies protect against email spoofing by verifying email senders and protecting domain owners from unauthorized use. By adding BIMI to DMARC, companies transform email authentication from a technical requirement into a visible brand asset, driving organizations to prioritize and achieve DMARC enforcement to unlock the full potential of BIMI.
All BIMI Simulator features are complimentary enhancements available to current Valimail customers using Monitor, Enforce, and Amplify. Valimail will showcase these new features in an upcoming webinar on Wednesday, March 26; register to join here.
Leave a comment »