The President's Phone OPSEC Continues To Be, Well, Crap
from the ill-communication dept
By now the President's unwillingness to adhere to anything close to reasonable security when using his mobile phones has been made pretty clear. Whereas the Defense Information Systems Agency (DISA) and the NSA usually work in concert providing state leaders with "hardened" devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung's Knox security architecture), because it might infringe on his ability to Tweet.
Past reports have suggested that security advisors have at least convinced him to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. But as a new report this week from the New York Times makes clear, Trump's lax phone security is being pretty routinely taken advatage of by foreign intelligence agencies:
"When President Trump calls old friends on one of his iPhones to gossip, gripe or solicit their latest take on how he is doing, American intelligence reports indicate that Chinese spies are often listening — and putting to use invaluable insights into how to best work the president and affect administration policy, current and former American officials said."
Senators sent a letter to Trump back in April expressing concern at his abysmal operational security, but that message still hasn't gotten through to the aggressively cocksure President, according to the Times report:
"Mr. Trump’s aides have repeatedly warned him that his cellphone calls are not secure, and they have told him that Russian spies are routinely eavesdropping on the calls, as well. But aides say the voluble president, who has been pressured into using his secure White House landline more often these days, has still refused to give up his iPhones. White House officials say they can only hope he refrains from discussing classified information when he is on them."
The Times quotes numerous anonymous experts who say their claims come from sources in these foreign governments. And while the Times story doesn't get technical about how foreign intelligence agencies are tapping into the calls, many surmise they're exploiting, among other things, the cellular network Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US) flaw that the industry has been refusing to fix for the better part of the last decade. The flaw can be exploited to track user location, dodge encryption, and even record private conversations if strict countermeasures aren't adhered to.
That said, security experts were quick to point out there's an ocean of ways that foreign intelligence agencies could be intercepting Trump's calls in transit via passive decryption as the calls travel between the phone and cellular tower:
4) Passive decryption.
The Russian and Chinese embassies are likely sucking up all GSM/LTE bands in the district. Modern iPhones would do most voice as VoLTE, meaning this would require a passive attack against handshake or KASUMI cipher. Seems most likely.
— Alex Stamos (@alexstamos) October 24, 2018
Of course intel agencies could also be targeting his most-commonly called individuals on the other end. As is his way, the President was quick to issue a Tweet insisting the entire story was false...while using his iPhone:
The so-called experts on Trump over at the New York Times wrote a long and boring article on my cellphone usage that is so incorrect I do not have time here to correct it. I only use Government Phones, and have only one seldom used government cell phone. Story is soooo wrong!
— Donald J. Trump (@realDonaldTrump) October 25, 2018
To let Trump's ego dictate his security practices is obviously still problematic, potentially even to the point of putting lives at risk. It's also incredibly ironic given all the time Trump spends complaining about potential Chinese spying habits, including the Trump-driven blacklist of all Huawei products in the United States. It's a blackballing that's not based on much in the way of evidence, but is certainly appreciated in a protectionist capacity by the U.S. networking and cell phone vendors who didn't want to have to compete with cheaper Chinese gear. Huawei, for its part, was quick to make light of the report:
China spokeswomen Hua Chunying on the NYT Trump iPhone tapping story: "If they are very worried about iPhones being tapped, they can use Huawei." pic.twitter.com/lZ48beuA7e
— Luna Lin (@LunaLinCN) October 25, 2018
Trump's phone habits continues to be a giant middle finger toward transparency (like adhering to the Presidential Records Act) and fundamental opsec, but neither Trump nor the adults tasked with his daily supervision appear to much care.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: china, donald trump, iphone, listening in, opsec, phones, russia, surveillance, wiretap
Reader Comments
Subscribe: RSS
View by: Time | Thread
How are they eavesdropping?
[ link to this | view in chronology ]
Re: How are they eavesdropping?
[ link to this | view in chronology ]
Re: How are they eavesdropping?
The SS7 vulnerability and passive tower decryption, both of which would allow you to access the content of communications are possibilities, listed as 2 of at least 4 possible vulnerabilities that he could be vulnerable to if using a poorly secured line.
[ link to this | view in chronology ]
Re: Re: How are they eavesdropping?
[ link to this | view in chronology ]
Re: Re: Re: How are they eavesdropping?
[ link to this | view in chronology ]
Re: Re: Re: Re: How are they eavesdropping?
If there were techniques to make a regular phone call more difficult to snoop on, Apple would likely add that to iPhone.
[ link to this | view in chronology ]
Re: Re: Re: Re: How are they eavesdropping?
tl;dr probably just a fancy government VPN, basically.
That said, there's no reason Trump couldn't have a secured/hardened phone and then either A) have them add in a firewall exception for Twitter just for his phone or B) just carry a small unsecured tablet (preferably with the microphone removed) for Twitter purposes.
Or, yanno, our President could just grow the f*ck up and let a staffer handle the tweets like the last adult to occupy that office did. But who am I kidding?!
[ link to this | view in chronology ]
Re: How are they eavesdropping?
[ link to this | view in chronology ]
Re: How are they eavesdropping?
[ link to this | view in chronology ]
Nothing changes....
[ link to this | view in chronology ]
Re: Nothing changes....
[ link to this | view in chronology ]
Re: Nothing changes....
Techdirt criticizes Trump not just for having devices (ignoring the security experts), but for his poor opsec in handling them, disregarding the limitations of the device's intended use and regularly communicating classified info or info intended to be kept secure.
[ link to this | view in chronology ]
Re: Nothing changes....
[ link to this | view in chronology ]
Re: Re: Nothing changes....
Just like clockwork, they will care intensely and extremely loudly again the second their opponent has a lapse in security. then handwave all of Trump's issues as ancient history and not worth talking about.
[ link to this | view in chronology ]
Re: Re: Re: Nothing changes....
[ link to this | view in chronology ]
Re: Re: Re: Re: Nothing changes....
[ link to this | view in chronology ]
Re: only one to remember obama's Blackberry?
No lies, now.
[ link to this | view in chronology ]
"But I don't wanna!"
The fact that we're talking about the gorram president of the united states acting like a child in refusing to use a specifically secured phone for use, insisting instead that he absolutely must have a phone he can tweet with just baffles the mind, even if it is entirely within character for him.
Nice to him to faceplant in his rebuttal though to provide at last some mitigating humor. 'They got things wrong, but I can't be bothered to point out what' translates pretty much directly to 'I have absolutely nothing to rebut them, so instead I'll try to act superior and dismiss them with absolutely nothing to support my claim.'
[ link to this | view in chronology ]
Re: "But I don't wanna!"
HARWOOD: Speaking of trying to avoid the dangers of the bubble, you still got one of these in your pocket?
Pres.-elect OBAMA: You know, I actually took it out as a consequence of this interview, but I'm still clinging to my BlackBerry. They're going to pry it out of my hands.
HARWOOD: Well, are you, in fact, going to overcome this idea as anachronistic that presidents can't use the most modern...
Pres.-elect OBAMA: Well, here's what I think I can get. I think I'm going to be able to get access to a computer somewhere. It may not be right in the Oval Office. The second thing I'm hoping to do is to see if there's someway that we can arrange for me to continue to have access to a BlackBerry. I know that...
[ link to this | view in chronology ]
Re: Re: "But I don't wanna!"
[ link to this | view in chronology ]
Re: Re: Re: "But I don't wanna!"
[ link to this | view in chronology ]
Re: Re: Re: "But I don't wanna!"
I would further postulate that said poster would also equate bombs with restaurant confrontations.
[ link to this | view in chronology ]
Re: Re: "But I don't wanna!"
[ link to this | view in chronology ]
Re: "But I don't wanna!"
NO, YOU are taking the NYT as absolute Truth like every netwit does when attacks Trump. Story unlikely on the surface, and the targetting is clear. You are being played at best.
Suddenly you're for absolute "secrecy" too! Rest of the time you netwits try to "expose" Trump or Pai by demanding every last detail of what they're doing every second of the day!
Sheesh.
[ link to this | view in chronology ]
Re: Re: "But I don't wanna!"
If not:
Please explain why you feel it is unlikely to be true.
[ link to this | view in chronology ]
Re: Re: "But I don't wanna!"
Suddenly you're for absolute "secrecy" too!
Suddenly you're not!
[ link to this | view in chronology ]
Re: Re: "But I don't wanna!"
[ link to this | view in chronology ]
More New York Times fabrication eagerly repeated.
Let's not forget the NYT running for months the FAKE NEWS of Trump-Russia collusion. It's The Establishment Organ. They couldn't even find a bit of doubt in the "Iraq has WMD" story, with their own reporter stenographing Cheney's lies. Less than zero credibility, only useful to see what The Deep State is trying.
That means simply ALLEGED are numerous and experts claiming FOREIGN sources who'd have an interest in undermining Trump -- as indeed does the NYT.
No details are key point of all FAKE NEWS -- like the lying about Kavanaugh. This is unlikely at best without hardware. The software method is sure to leave large footprints all over, and is only useable in practice by NSA which doesn't have to watch those.
It's certain the NSA is monitoring Trump, AND that this "news" has ONLY that germ of Truth, with the back story concocted to attack Trump.
And who cares whether Trump does this? I'm for EVERY official action of EVERY politician being ENTIRELY public. We need to outlaw backroom deals and surveil politicians to more than they can bear, so get OUT of gov't!
And is this truly the most important story you can run here at mighty Techdirt? Where's The Maz when today's big STORY is "Trump is causing bombs to be sent"? Not going to pick up that fake news too, or is Masnick busy writing that so Bode had to write this silly filler?
[ link to this | view in chronology ]
Re: More New York Times fabrication eagerly repeated.
You have zero credibility.
[ link to this | view in chronology ]
Re: More New York Times fabrication eagerly repeated.
[ link to this | view in chronology ]
Re: Re: More New York Times fabrication eagerly repeated.
Can't be. While certainly incoherent and bullshitty enough, RE Tard's sentences are far too long to be Trump.
[ link to this | view in chronology ]
Re: More New York Times fabrication eagerly repeated.
You know it was also the NYT that broke the Clinton email thing right?
[ link to this | view in chronology ]
Re: More lies
[ link to this | view in chronology ]
Re: More New York Times fabrication eagerly repeated.
Hmmmm..so much to dissect from this post.
What I immediately noticed due to it being all capitalized is the word ALLEGED. You wouldn't have capitalized it if you didn't want it noticed.
Now that word is important to you. When it comes to Trump or say, a Supreme Court "justice" who can't get laid without forcing himself on women. Allegedly.
But let me ask you, is it important to the dim-witted simpletons yelling "lock her up" like trained chimps who just learned how to get a treat by hitting the big button?
Or maybe when he yells out "who's gonna pay for the wall?" and the tards go "Mexico!" There's an implied "allegedly" there, I'm sure.
No. That word wasn't important then. But dammit, it's important now. You found that word like Trump finds his penis - accidentally.
What's a simple person like yourself to think about this story? It must be bullshit, right? He appeals to you. More importantly, the fact that he's a dipshit appeals to you. You can relate to that, amirite?
A simple common man for all the simple people like you. Doing simple things with simple tools. Using simple words and short sentences.
Sure, tell yourself that he knows what he's doing. That his tweeting like a 12-year old with ADD is that important - national security be damned. And if it's found that he's blabbering like an idiot and the Russians and Chinese are listening? So what? No better way to own the libs than to help the Russians and Chinese elect your guy. After all, some of you would rather be Russian than democrat.
He's just gotta tweet dammit! Because you can relate to that. Sentences longer than 288 characters are hard to process and hurt your brains. And brain hurt is bad.
[ link to this | view in chronology ]
Funny.
[ link to this | view in chronology ]
SS7? Why bother working for this info?
[ link to this | view in chronology ]
In.Other Words, everyone knows what Trump is saying ....
Shades of the commemorative plaque in the US embassy in Moscow with the passive microwave resonator!
Shades of Edward Snowden on the NSA.
[ link to this | view in chronology ]
Could be worse:
Hey, at least the Russians and Chinese are stepping up to keep records for us.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: "But I don't wanna!"
[ link to this | view in chronology ]
[ link to this | view in chronology ]