Encryption Is Not Trust

SOE's Prosper network had 10,000 agents and the best ciphers in Europe. One compromised man destroyed it all.

· · 10 min read
Silhouette of a person against a surveillance state backdrop

In the summer of 1943, SOE agent Jack Agazarian told his superiors that Henri Dericourt could not be trusted. Dericourt controlled air operations for Prosper, the largest British spy network in occupied France. He arranged clandestine flights for agents and supplies across the English Channel. Agazarian believed he was feeding information to the Germans.

Maurice Buckmaster, head of SOE’s French section, and his deputy Nicholas Bodington dismissed the warning. Prosper was Major Francis Suttill’s creation: more than 10,000 agents, weapons caches across northern France, safe houses, clandestine airfields, and cipher systems that British intelligence considered unbreakable. The network was preparing to support the Allied invasion: coordinating sabotage teams, receiving arms drops from England, building an underground army that could rise on command. It was too big and too important to be threatened by one man’s suspicion about another.

Prosper had also outgrown SOE’s own rules. Compartmentalization required that agents from different circuits never meet and that cells operate independently, so that the compromise of one could not cascade to the rest. But radio operators were shared between cells because there were not enough to go around. Agents from different circuits knew each other by name and face. The network’s reach was treated as proof of its strength. Its exposure was treated as an acceptable cost of growth.

Agazarian was right. Dericourt had been passing intelligence to Hans Boemelburg, chief of German counterespionage in Paris, including the locations of fourteen clandestine airfields. The Gestapo dismantled Prosper in weeks. Suttill, Agazarian, Noor Inayat Khan, Andrée Borrel — arrested, deported, executed. When the betrayal opened the door, it moved through the entire structure because the structure had no internal walls.

The ciphers held. The one-time pads were never broken. The man Agazarian warned them about destroyed the network anyway.

Volume IV documented what Prosper proved eighty years ago: when the state holds an overwhelming advantage in surveillance and prosecution, the response cannot rest on a single tool. Encryption secures the communication channel between two points. It says nothing about the people at either end, the structure that connects them, or the process that decided they should be connected at all.

Defend the 612

In December 2025, an organization called Defend the 612 began building a counter-surveillance network in Minneapolis. Named for the city’s area code, it organized civilians to monitor Immigration and Customs Enforcement activity across the Twin Cities.

Within weeks the operation had scaled to more than 150 Signal groups, some hitting the platform’s 1,000-member capacity. Approximately 5,000 trained volunteers. A crowdsourced database tracking over 4,800 suspected ICE vehicle license plates. A 24/7 voice dispatch channel running SALUTE-format reporting with specialized cells for mobile patrols, plate checks, and non-cooperation response.

New date-stamped rooms were created each day and old ones deleted, a rotation designed to limit the window of exposure. The operational planning was sophisticated. The front door was wide open.

Signal encrypted every message end-to-end. The enrollment form that let anyone join was on a public website.

On January 24, 2026, conservative journalist Cam Higby published screen recordings, screenshots, and audio clips from inside the network on X. Approximately twenty million views. Higby had not broken Signal’s encryption. He had filled out the form, followed the emailed links, and sat quietly recording.

Within hours, FBI Director Kash Patel opened an investigation. Within weeks, Christina Buttons had independently infiltrated the same network for the Daily Wire, and City Journal had gained access through a pseudonymous account. Three independent infiltrations, all through the same door.

The network’s vetting tested ideology, not identity. Members were expelled for saying the wrong thing. Nobody was expelled for saying nothing.

The Pattern

In 2018, the FBI built an encrypted phone company called ANOM and secretly operated it for three years. Twelve thousand subscribers across 300 criminal organizations in more than 100 countries, all communicating through infrastructure the agency controlled from the ground up. Over three years, the FBI catalogued 27 million messages before activating the trap. When Operation Trojan Shield launched on June 7, 2021, more than 10,000 police officers in sixteen countries arrested 800 people in a single coordinated action.

The subscribers had never asked who owned the servers. That question would have mattered more than any cipher.

EncroChat’s users asked the question and got the wrong answer. In 2020, French National Gendarmerie compromised the platform by planting malware on 60,000 devices worldwide. The malware read messages before encryption could protect them and recorded lock screen passwords.

The haul: 6,600 arrests, $979 million seized, 103 tons of cocaine intercepted, 923 weapons recovered. The U.K.’s National Crime Agency alone prevented 200 threats to life, including planned kidnappings and executions. On June 13, 2020, EncroChat realized it was compromised and told users to destroy their phones. For most, the instruction arrived after the handcuffs.

Ghost launched in 2021 to absorb users fleeing EncroChat and Sky ECC. Europol coordinated a nine-nation takedown in 2024, arresting 51 people across three continents, including members of the Italian Mafia and organized motorcycle gangs. The pattern is worth spelling out: each time a platform fell, its user base migrated to the next one, trusting a new brand without changing the behavior that exposed them on the old one.

In March 2025, National Security Advisor Michael Waltz accidentally added a journalist from The Atlantic to a Signal group chat containing active strike plans for Yemen. Drone schedules. Targeting coordinates. Strike times. Signal worked flawlessly. Waltz had typed the wrong phone number.

The Electronic Privacy Information Center’s Calli Schroeder called it “maybe the sloppiest information leak I’ve ever heard of.” Their operational security, she added, was “weaker than what I’ve used in student law clinics.”

The Channel and the Network

Signal’s end-to-end encryption means a state-level adversary cannot read messages in transit. Signal’s servers store no message content. For the problem of interception, the tool is close to perfect.

Interception is one problem.

Signal does not control who joins a group. It does not prevent screenshots or screen recordings. It does not stop a member from copying the conversation and publishing it on X to twenty million people.

Metadata remains visible to anyone with access to network traffic: who talks to whom, when, how often, for how long. A cluster of encrypted communications between unknown identities does not need to be decrypted to be interesting. To a signals analyst, the pattern is the product. The content can stay locked. The shape of the network is already on the table.

The information security researcher known as the Grugq has spent years on this distinction. Signals intelligence can be evaded with better tools. Human intelligence survives every protocol upgrade. An agent who joins your group, an insider who copies your conversations, a journalist who fills out your enrollment form.

Most compromises are not cryptographic but social. People say too much, to too many, with too little verification of who is listening. The technology-first mindset treats security as a product you can install. It is not. It is a set of behaviors maintained under pressure, and no protocol enforces behavior.

Encryption protects the channel. It does not protect the network.

The Jedburgh Principle

A year after Prosper fell, ninety-three three-person units parachuted into occupied France on the night of June 5, 1944. One American, one British, one French officer, plus a radio operator. Each team carried a “Jed Set” radio, silk sheets with 500 pre-coded phrases to minimize transmission time, and one-time pads for encipherment. The same cipher technology that had failed to save Prosper.

The critical design choice was isolation. No Jedburgh team communicated directly with conventional ground forces. Every request routed through Special Forces Headquarters in London, adding hours of delay. That delay meant the capture of one team could not compromise operations they had never directly contacted.

Each unit recruited through a single trusted local contact, who in turn built a subcell of trusted subordinates. Hideout locations flowed upward to leadership, never sideways between cells. If the mission was sabotage or reconnaissance, there was no reason for subcells to assemble in large groups. Need-to-know was load-bearing structure, not a line in a policy manual.

SOE wrote the compartmentalization doctrine that Prosper had ignored. The radio operators who came after proved it worked by actually following it.

Those operators transmitted from different locations each time and finished every broadcast within twenty minutes, the estimated window before German direction-finding equipment could triangulate a signal and dispatch a team. They assumed every transmission was being hunted, because it was. Each knew only immediate contacts. When one was captured, the damage stopped at the boundary of what that person knew, because the network had been designed with walls between every cell.

Prosper and the operators who survived both used one-time pads and SOE’s cipher systems. The operators survived because they maintained the structural discipline that Prosper had abandoned in pursuit of scale.

That discipline required constraints. Vetting people by identity, not ideology, because a journalist who shares your politics but not your loyalty is invisible to a belief-based screening process. Cells small enough that no single compromise could cascade through the network. Infrastructure you control yourself.

ANOM’s subscribers trusted servers the FBI had built. EncroChat’s users trusted servers the French Gendarmerie had already compromised. If you cannot audit the system end to end, you are trusting a brand, not a protocol.

Security and scale pull in opposite directions. A three-person Jedburgh team cannot cover what a 5,000-volunteer network covers. It also cannot be destroyed by a single enrollment form.

The Architecture

Agazarian warned them about Dericourt. Buckmaster decided that Prosper’s size made it secure. Ten thousand agents felt like strength. They were ten thousand points of failure connected by trust that nobody verified, inside a structure with no internal walls.

The cipher was never the vulnerability. Not in 1943, not when ANOM’s subscribers communicated through FBI servers, not when three journalists walked through Defend the 612’s front door. What failed each time was the architecture: who had access, how trust was verified, how far a single compromise could reach.

Prosper had unbreakable encryption and no architecture. The Jedburgh teams that followed a year later had the same encryption and nothing but architecture. One was destroyed in weeks. The other survived the war.

Discipline does not scale. Agazarian warned them about a man. He might as well have been warning them about the design.

Sources

  • City Journal: “Inside Minneapolis’s ICE Watch Network” (Investigative Report, January 2026)
  • NBC News: “FBI investigating Minnesota Signal group chats” (Brandy Zadrozny, January 2026)
  • Axios Twin Cities: “How Minnesota’s rapid responders are tracking ICE agents in real time” (January 2026)
  • Fox News: “FBI investigating Minnesota anti-ICE Signal group chats, Patel says” (January 2026)
  • U.S. Department of Justice: “FBI’s Encrypted Phone Platform Infiltrated Hundreds of Criminal Syndicates” (ANOM / Operation Trojan Shield, June 2021)
  • Europol: “Dismantling of encrypted criminal EncroChat communications leads to over 6,500 arrests” (June 2023)
  • Computer Weekly: “Europol provides detail on Ghost encrypted comms platform takedown” (2024)
  • Dark Reading: “OPSEC Nightmare: Leaking US Military Plans to a Reporter” (March 2025)
  • The Grugq: Hacker OPSEC (grugq.github.io)
  • Warfare History Network: “The British Prosper Spy Network: Destroyed to Protect D-Day”
  • Spartacus Educational: “Prosper Network” (SOE in France)
  • Dorinda Balchin: “A Life on the Line: SOE Radio Operators in the Second World War” (August 2017)
  • Inter Populum: “Jedburgh Teams: Lessons for Unconventional Warfare”
  • CIA Historical Review: “Surprise, Kill, Vanish: The Legend of the Jedburghs”
  • Light Fighter Manifesto Volume IV (Light Fighter Manifesto L.L.C., 2024)

Sources verified February 12, 2026

Tools

  • Light Fighter Guide - Tactical field reference for comms, drones, SIGINT, and mission planning
  • Reticulum Field Reference - Setup guide for building your own encrypted communications infrastructure
  • Signal - End-to-end encrypted messaging (understand its limits)
  • Reticulum - Cryptography-based networking stack for building resilient, delay-tolerant communications