Donald Trump’s smartphone security: an inconvenient truth

"But her emails!"

Donald Trump's smartphone security

According to Politico, US President Donald Trump hasn’t been following the advice of his security team, and is resisting their attempts to regularly check his iPhone to see if it has been hacked.

President Donald Trump uses a White House cellphone that isn’t equipped with sophisticated security features designed to shield his communications, according to two senior administration officials — a departure from the practice of his predecessors that potentially exposes him to hacking or surveillance.

The president, who relies on cellphones to reach his friends and millions of Twitter followers, has rebuffed staff efforts to strengthen security around his phone use, according to the administration officials.

This isn’t, of course, the first time that Donald Trump has had his smartphone security questioned. In February 2017, for instance, two senators on the Homeland Security Committee raised concerns that he appeared to still be using a Samsung Galaxy S3, released in 2012, which hadn’t received a Android software update since mid-2015.

It appears that security-minded folks managed to pry that Android phone from Trump’s hands and replace it with two iPhones.

One of the iPhones is for Twitter and has a number of “preloaded news sites” (no prizes for guessing which is his favourite).

The other iPhone (which has a working camera and microphone, but apparently has its GPS disabled) is for making calls.

According to Politico, it’s the iPhone that Donald Trump tweets from that he is shy of handing over for regular security checks:

While aides have urged the president to swap out the Twitter phone on a monthly basis, Trump has resisted their entreaties, telling them it was “too inconvenient,” the same administration official said.

The president has gone as long as five months without having the phone checked by security experts. It is unclear how often Trump’s call-capable phones, which are essentially used as burner phones, are swapped out.

Too inconvenient? Really?

How hard can it be to give someone a locked-down iPhone with a copy of Twitter and a few news apps installed?

Convenience sounds like the kind of excuse Hillary Clinton would give for why she controversially set up her own personal email server for government business.

Hillary Clinton’s use of a personal email server rather than one supplied by the IT security experts at the State Department was ill-advised, and could have put her communications more at risk of being compromised by hackers.

Similarly, Donald Trump would be smart to stop thinking of phone security checks by his IT experts as “too inconvenient”, and rather as something to be grateful for. Anything less would be pretty dumb.

The risk, after all, is far from theoretical. Last year it was reported that White House Chief of Staff John Kelly’s smartphone had been compromised.

Now, I wonder if the @realdonaldtrump account changed its Twitter password (as instructed) earlier this month and if Trump has enabled two-step verification to reduce the chances of his account being hijacked?

If he hasn’t, maybe he could ask his IT security experts to do it for him.

Tags: , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, ,

2 Responses

  1. Joe Gill

    May 22, 2018 at 4:59 pm #

    I thought an up-to-date Samsung Galaxy S7 or above with KNOX installed and configured was the safe bet in this day and age. .

  2. Matt

    May 29, 2018 at 1:38 pm #

    Oh, good. People are learning from past mistakes.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.