President Trump Thinks Basic Phone Security Is Simply Too Inconvenient

from the who-needs-updates dept

For the past year much has been made of the President's unwillingness to adhere to anything close to reasonable security when using his mobile phones. Whereas the Defense Information Systems Agency (DISA) and the National Security Agency usually work in concert providing state leaders with "hardened" devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung's Knox security architecture) because they apparently infringe on his ability to Tweet.

Just a few months ago, Senators sent a letter expressing concern that Trump's mobile phone practices were leaving the President open to potential hacking by foreign entities:

"The President of the United States stands alone as the single-most valuable intelligence target on the planet. Given the apparent lack of progress the Administration has made since initial reports in 2016 of the President’s poor operational security, it appears the only thing standing between the Office of the President and the next national security nightmare is a combination of President Trump’s personal restraint and sheer luck."

Eventually, the President was convinced to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. Even here reports have suggested that Trump has struggled to adhere to these restrictions, often making personal calls on his unsecured Samsung Galaxy III. This week a report from Politico highlights again how White House and IT security staff have recommended that these devices be routinely swapped out, an idea the President continues to resist:

"While aides have urged the president to swap out the Twitter phone on a monthly basis, Trump has resisted their entreaties, telling them it was “too inconvenient,” the same administration official said.

The president has gone as long as five months without having the phone checked by security experts. It is unclear how often Trump’s call-capable phones, which are essentially used as burner phones, are swapped out."

And yeah, that's a serious problem. While these devices appear to be the equivalent of burner phones, five months is forever in security world, giving attackers ample opportunities to compromise the microphone, camera, or other hardware embedded in Trump's devices. It's a particularly notable problem in the wake of things like the SS7 vulnerablity -- a flaw mobile carriers routinely try to downplay that opens the door to remote surveillance and a wide variety of attacks on most modern smartphones and mobile networks.

Needless to say, the President's abysmal privacy and security practices likely make a delicious potential target for hostile foreign powers, something you'd think Trump would realize given his breathless hyperventilation regarding a certain home e-mail server. Meanwhile, the President's disdain for routine security comes incongruently as his FCC moves to block many Chinese hardware vendors from doing business in the States, a protectionist move the administration insists is exclusively focused on protecting national security.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: disa, donald trump, secure phone, security, tweeting


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 22 May 2018 @ 12:19pm

    Nice priorities there

    "While aides have urged the president to swap out the Twitter phone on a monthly basis, Trump has resisted their entreaties, telling them it was “too inconvenient,” the same administration official said.

    'Yeah, I present a huge target, and my utter brilliance(read: colossal stupidity) means I'm also a very easy target, but swapping phones on a monthly basis to mitigate that risk somewhat would be hard.'

    Oh yeah, this is absolutely someone who gets security and should be involved in making decisions relating to it on a national level.

    (As an aside, just bask in the fact that the US president is so obsessed with Twitter that he has a phone specifically for it, because that's not all sorts of crazy at all.)

    Dear @realDonaldTrump: The #SS7 flaw allows foreign governments to listen in on your unsecured cell phone.

    If you're not concerned about that, how about this: that same flaw gives US intelligence the capability to listen in on your phone.

    And this is just hilarious. 'Hey, so I know having foreign governments listening in to your calls may not be a big deal to you, but that same flaw allow US intelligence to listen in too if they care to'. Talk about knowing which buttons to push and tweak his nose at the same time.

    link to this | view in chronology ]

    • icon
      Toom1275 (profile), 22 May 2018 @ 4:22pm

      Re: Nice priorities there

      The security flaw in Trump's communications is a simple PEBKAC error.

      link to this | view in chronology ]

    • icon
      nerd bert (profile), 23 May 2018 @ 7:00am

      Re: Nice priorities there

      I'm not terribly concerned about Trump's use of an unsecured phone dedicated to Twitter use. That stuff is way too public for his own good anyway. Heck, having Putin write his tweets for him would probably only help his popularity with his base.

      And this is just hilarious. 'Hey, so I know having foreign governments listening in to your calls may not be a big deal to you, but that same flaw allow US intelligence to listen in too if they care to'.

      As funny as that sounds, it's a far more consequential issue. If, as been alleged, US intelligence is caught as politically corrupt and serving just one master there will be a far, far larger crisis of confidence in government and very deep damage to our political system. I say caught only because the instances that have come before have been minimized by bipartisan agreement. Trump and his supporters are no fans of the established order and I doubt they'll be willing to give the intelligence community cover to escape the community's corruption. And a victory by Trump over the IC after an attack by the IC would give him the ability to reform the IC, which I doubt many folks will like on either side of the aisle.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 1:34pm

    President Trump’s personal restraint

    Something is lacking in that phrase.

    link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 22 May 2018 @ 1:35pm

    Much like Bill O'Reilly, Alex Jones and Glen Beck

    Donald J. Trump is known for a lot of outrageous opinions for a lot of things, and its only because he got elected president that his opinion is considered at all.

    Maybe we should consider instead listening to other experts?

    link to this | view in chronology ]

    • This comment has been flagged by the community. Click here to show it
      identicon
      Anonymous Coward, 22 May 2018 @ 3:19pm

      Re: Much like Hillary ?

      ... yes, if only Hillary was now President -- she never found it "inconvenient" to strictly follow government security protocols for email and phone. And Hillary was really tech savvy on this stuff... way smarter than Trump.

      link to this | view in chronology ]

      • icon
        That One Guy (profile), 22 May 2018 @ 4:28pm

        Ah the classics...

        Because 'But what about Hillary!' just never gets old...

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2018 @ 4:52pm

        Re: Re: Much like Hillary ?

        link to this | view in chronology ]

      • icon
        Ehud Gavron (profile), 22 May 2018 @ 7:28pm

        Living in the past, much?

        Hillary is the past. If you really want to complain about what people MIGHT do who DIDN'T get elected, let me suggest that doing so while your mommy wipes your butt is the only time that's appropriate.

        E
        P.S. Feel free to whine about Obama also. Last I heard he hasn't been President in a while either.

        link to this | view in chronology ]

      • icon
        PaulT (profile), 23 May 2018 @ 1:31am

        Re: Re: Much like Hillary ?

        It's always fascinating. You people can never, ever actually defend things that Trump is doing. You can only deflect on to what someone else did or you imagine they may have done. You can never shed positive light on to something he himself does, only negative light on to others.

        It must be a troublesome position, voting for someone who you know is objectively terrible, and being unable to defend a single one of his actions?

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 May 2018 @ 2:08pm

        Re: Re: Much like Hillary ?

        Alternately, Hillary was virtually pilloried for using a personal unsecured email for sensitive state communications. Trump, however, seems to get a pass.

        link to this | view in chronology ]

        • icon
          Uriel-238 (profile), 23 May 2018 @ 3:20pm

          Re: Re: Re: Much like Hillary ?

          Trump has gotten a pass for practically everything he and his minions complained about regarding Obama and Clinton.

          Remember when Trump was calling the US the laughing stock of the international community?

          link to this | view in chronology ]

  • icon
    Gary (profile), 22 May 2018 @ 1:43pm

    Chip?

    What - is this article serious? I thought it was Chip. Who would do this on purpose?

    link to this | view in chronology ]

    • This comment has been flagged by the community. Click here to show it
      identicon
      Anonymous Coward, 22 May 2018 @ 2:42pm

      Re: Chip?

      What - is this article serious? I thought it was Chip. Who would do this on purpose?

      Oh, Gary! You are not going to last here much longer!

      Hate ME all you want (that's part of why I'm here!), but since you are actually wondering why this trivial clickbait is up, then clearly Techdirt's reality-warp has failed to engulf you. I didn't believe in that at first, either, but once noticed, it becomes unbearable. Even I have had to FLEE for more than year at a time.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2018 @ 2:45pm

        Re: Re: Chip?

        Do tell

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 24 May 2018 @ 12:07am

        Re: Re: Chip?

        Seriously, blue, Trump is not going to let you suck him off. No matter how much you promise to flee a site you hate the guts of but simply refuse to flee anyway.

        link to this | view in chronology ]

    • identicon
      Chip, 22 May 2018 @ 3:21pm

      Re: Chip?

      I am Not the "President"! I just use Quoatin "Marks" and capital LETTERS the same WAY he does!

      Every Nation eats the Pain thips it Deserves!

      link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 22 May 2018 @ 2:27pm

    Obviously the response to this is to hack the phones

    Record the president's conversations and online traffic and then post them publicly.

    Some kids are only swayed by the natural consequences of their actions.

    link to this | view in chronology ]

    • identicon
      Ed, 22 May 2018 @ 2:40pm

      Re: Obviously the response to this is to hack the phones

      Perhaps set up a kickstarter campaign to fund some Russian hackers to record his conversations and post them publicly?

      link to this | view in chronology ]

      • icon
        Bergman (profile), 22 May 2018 @ 10:51pm

        Re: Re: Obviously the response to this is to hack the phones

        That would have Espionage Act implications. Don't go there.

        Instead, use the wiretapping loophole the feds and multiple states have created by their claims that operation of a Stingray device is neither interception of electronic communications nor an unauthorized access to a computer.

        The government exemption built into wiretapping, eavesdropping, interception and the Computer Fraud and Abuse Act all require that the government have a warrant to qualify for the exemption -- no warrant means no exemption. So either there are an awful lot of unindicted people guilty of MANY felonies and conspiracies to commit felonies throughout the state and federal governments (raising equal enforcement clause issues) or such actions are not illegal.

        link to this | view in chronology ]

    • icon
      That One Guy (profile), 22 May 2018 @ 4:33pm

      Re: Obviously the response to this is to hack the phones

      Given his utter indifference towards security, if his phones aren't already compromised by at least one(and more likely several) foreign intel agencies and other large groups I would be extremely surprised.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2018 @ 6:26pm

        Re: Re: Obviously the response to this is to hack the phones

        Possibly this explains all those cell towers in DC that no one knows who owns them.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2018 @ 10:08pm

        Re: Re: Obviously the response to this is to hack the phones

        The thing is, he's not consistent, he's not a 4d chess player. He tells whoever he's talking to what he thinks they want to here.

        So, anyone listening in on his private conversations will just be *even more confused* as to what his real priorities and positions are.

        Wait, maybe there is something to this 4d chess ting after all.

        link to this | view in chronology ]

        • icon
          Uriel-238 (profile), 22 May 2018 @ 10:21pm

          The President's real priorities and positions

          I'm pretty sure he wears his priorities and positions on his sleeve. He just changes his mind very frenetically. And he keeps close advisor that redirect him if he veers too hard from their agenda.

          I suspect if the President's conversations were published daily we'd have few surprises, but mostly confirmations of what we've already determined.

          But it might embarrass the President, the White House and the GOP. And then they might actually take communication security seriously.

          After the Zimmerman telegram, the German Republic took communication security very seriously. I'd like to avoid the misfortune of their misstep of being in a war at the time.

          Wait...we are in a war, if not three or four. Dangit.

          link to this | view in chronology ]

  • icon
    Dan (profile), 22 May 2018 @ 2:39pm

    Mountain or molehill?

    Serious problem? I don't see it from a practical standpoint (for any president). The President goes from the White House, to Marine One, to Air force One, to the presidential limo, rinse and repeat. Any one of those vehicles has a secure link. And we are worried about the chance he might use a cellphone for a fleeting moment in-between? Methinks they are more worried about his ability to tweet in general, not so much the security level of said tweet. What secret could he give away in a 30 second walk, that he doesn't give to the press already, just to show he can?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 3:04pm

      Re: Mountain or molehill?

      That insecure phone has both a microphone and camera, that could make a mockery of the secure communications in those vehicles.Its not so much what he is using them for, so much as who is recording what using them.

      link to this | view in chronology ]

      • icon
        Dan (profile), 22 May 2018 @ 4:39pm

        Re: Re: Mountain or molehill?

        The mic is a good point. Taken. The camera and GPS, not so much.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 22 May 2018 @ 5:03pm

          Re: Re: Re: Mountain or molehill?

          The recording capabilities, with remote playback are also rather useful.

          link to this | view in chronology ]

        • identicon
          Anonymous Coward, 22 May 2018 @ 9:36pm

          Re: Re: Re: Mountain or molehill?

          You might think you don't need GPS to track the President, but what's not widely known is that the motorcades, Air Force One, etc. are mostly diversions. The President is typically sent through U.S. Mail in a box wrapped in brown paper, as simple registered mail insured for $1 million.

          link to this | view in chronology ]

        • icon
          JMT (profile), 23 May 2018 @ 5:12pm

          Re: Re: Re: Mountain or molehill?

          How is someone remotely accessing the camera and GPS any less of a worry?

          link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 3:06pm

      Re: Mountain or molehill?

      Weird, I didn't know Air Force One had a golf course inside it.

      link to this | view in chronology ]

    • identicon
      Thad, 22 May 2018 @ 3:24pm

      Re: Mountain or molehill?

      If you don't see any possible security risks in a device with a camera, microphone, and GPS in it that is carred by the President of the United States of America, then you haven't put very much thought into it.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2018 @ 3:50pm

        Re: Re: Mountain or molehill?

        "If you don't see any possible security risks in a device with a camera, microphone, and GPS in it"

        No need for anything else after that really.

        link to this | view in chronology ]

      • icon
        Dan (profile), 22 May 2018 @ 4:53pm

        Re: Re: Mountain or molehill?

        I just question how much usable stuff someone could get, that isn't already available via other means. I could imagine, that's how Trump sees it. I know the GPS would be a non issue. And I have never seen anything done on how much a mic picks up while pocketed.

        There is also the other issue, how long it takes to upgrade things. I seem to remember Obama using an outdated Blackberry, because they couldn't "secure" an Android or iPhone. Trump would see having to wait, as ridiculous. I would agree with him on that.

        link to this | view in chronology ]

        • identicon
          Thad, 22 May 2018 @ 5:09pm

          Re: Re: Re: Mountain or molehill?

          I just question how much usable stuff someone could get, that isn't already available via other means.

          Well, given the president's history of discussing sensitive information in public, you may have a point.

          link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Techdirt Pro-Mo Dept, 22 May 2018 @ 2:47pm

    CIA: Collect It All

    Last chance! Campaign ends at midnight! Get your copy of the CIA's declassified training game by backing CIA: Collect It All on Kickstarter.

    https://www.kickstarter.com/projects/mmasnick/cia-collect-it-all

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 2:55pm

      Re: CIA: Collect It All

      for gods sake stop recursive spamming mike its not anyone didnt notice

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 2:55pm

      Re: CIA: Collect It All

      for gods sake stop recursive spamming mike its not anyone didnt notice

      link to this | view in chronology ]

    • identicon
      Thad, 22 May 2018 @ 3:28pm

      Re: CIA: Collect It All

      Thanks, Blue. This is much less repetitive and annoying than your usual posts.

      But, uh, you spelled "promo" with a hyphen.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 5:39pm

      You-Re so jelly it’s funny.

      link to this | view in chronology ]

  • icon
    tom (profile), 22 May 2018 @ 2:59pm

    Just goes to show that it is far easier to preach cyber security then practice what you preach.

    Besides, given reports that there are multiple fake cell towers around the DC area, not sure the risk of a twitter phone being compromised is high on the list of things to worry about.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 May 2018 @ 3:51pm

      Re:

      I was thinking the same thing. Doing that in the national capital seems dumb.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 3:52pm

    > The President of the United States stands alone as the single-most valuable intelligence target on the planet.

    Hah! The real reason that nobody is hacking him is that they all know there is nothing of intelligence on that mans phone (or anywhere else).

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 3:59pm

    "...the single-most valuable intelligence target on the planet"

    I know this statement is factually true but do we have to use the word "intelligence"? Maybe "data" or "spray-tan mineral stockpile" instead?

    link to this | view in chronology ]

  • identicon
    BroD, 22 May 2018 @ 4:04pm

    Well I can only assume that Bob Mueller is listening, too.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 4:24pm

    Why doesn't he just have someone else write his tweets for him?

    Wait a sec.....

    link to this | view in chronology ]

  • identicon
    athe, 22 May 2018 @ 4:29pm

    "Intelligence" target

    _The President of the United States stands alone as the single-most valuable __intelligence__ target on the planet._

    They do realise who they're talking about, right?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 9:10pm

    See, that's your security magical backdoor right there!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2018 @ 9:14pm

    This is why every phone needs to be secure

    Swapping out one's phone every few months, using separate phones for voice and Twitter... Karl, if you think that's "basic" security you're the most paranoid one here.

    Anyhow, it's a good example of why we shouldn't want phone-makers to reduce their security to enable surveillance. Consumer devices always manage to migrate into "inappropriate" areas—not usually the President's office, but places like hospitals and military bases where data should be kept confidential. The US Government's "solution" to security problems is to give some weird outdated hacked-up phone, and replace it frequently in some way that's obviously disruptive (come on, this is the President's office, why can't someone just show up and say "here's your new phone, we've transferred all your shit over"?). So if we want usable security, we're not going to get it from them. Apple and Google might be able to do it if the government doesn't stand in the way.

    And what's this about a flaw so old that companies are "routinely" downplaying it? We've got some flaw affecting the entire country's privacy, and the solution is to give the President a magic phone and leave the rest of us out to dry? Don't we have groups like CERT to fix shit like this? Does the government really think they can identify a small subset of people such that, as long as those people don't get hacked, they'll get no blowback from the bug? The phone companies should be getting called into Congressional hearings and getting fined every day it's not fixed.

    link to this | view in chronology ]

  • icon
    Bergman (profile), 22 May 2018 @ 10:54pm

    I find it particularly amusing

    that the phone hardware and OS absolutely vilified by the feds for being 'too secure' and a direct threat to national security, is the same one they use when they need security themselves.

    link to this | view in chronology ]

  • icon
    Wolfie0827 (profile), 23 May 2018 @ 11:45am

    News flash: Trump finds thinking too hard and inconvenient.

    link to this | view in chronology ]

  • icon
    McGyver (profile), 23 May 2018 @ 4:58pm

    It was very clever of Ted Lieu to phase it that way... Trumpalumpski is okay with foreign nations listening in on his calls... Maybe he welcomes that... But American intelligence agencies finding out what he is up to, well that's not something his boss is interested in.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 May 2018 @ 9:20pm

    Sorry, I couldn't get past the headline. "Trump thinks"... Who knew?

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.