The security of President Trump's Android smartphone

If true, this isn’t good.

Security of President Trump's Android phone

The New York Times reports that US President Donald Trump is still using an old, poorly-secured Android smartphone:

Mr. Trump’s wife, Melania, went back to New York on Sunday night with their 10-year-old son, Barron, and so Mr. Trump has the television — and his old, unsecured Android phone, to the protests of some of his aides — to keep him company.

The guys at Android Central did a little investigative work, taking a close look at pictures of the US president holding his treasured Android phone, and came to a disturbing conclusion:

Trump's personal Android phone is more than likely a Samsung Galaxy S3, released in 2012, and which last received a software update in mid-2015, with firmware based on Android 4.3 Jelly Bean.

If that's true, it's not good at all.

If you don't keep your smartphone up-to-date with the latest patches you run the risk of having it infected by malware. And boy, there have been some major Android security scares in recent years.

Donald TrumpWho would want to infect Donald Trump's smartphone with some spyware? Well, aside from intelligence agencies the world over, I think you could probably include in your count just about every hacker on the planet who has anything more than a modest ego.

Even if you weren't interested in gathering intelligence by hijacking the microphone of a device that the world's most powerful man is carrying in his jacket pocket, you may be sorely tempted to target the US president just "for the lulz".

And even if a determined hacker wasn't able to infect Donald Trump's old Android phone, they could still cause plenty of chaos if they merely succeeded in compromising his Twitter account.

By the way, I'm pretty sure that Samsung's Android smartphones are manufactured in South Korea, Vietnam and China. Just saying...

Tags: , , ,

Smashing Security audio podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, , ,

17 Responses

  1. cron

    January 27, 2017 at 2:29 am #

    No offense but that's just a honeypot ;)

    • Graham Cluley in reply to cron.

      January 27, 2017 at 11:35 am #

      Now that would be cool.

  2. Chris

    January 27, 2017 at 10:22 am #

    Nearly every single smartphone is made in China, Korea, or Vietnam, including Apple devices, so that's a pretty disingenuous statement to make.

    That said, an *S3* In 2017 is inexcusable. It's not like he can't afford to upgrade. I mean, my Mother in Law still rocks an (presumably malware riddled) S2 but she's not in charge of much beyond my Father in Law, and I'm pretty sure has limited access to nukes. Good grief.

    • Graham Cluley in reply to Chris.

      January 27, 2017 at 11:28 am #

      Yes, most electronic gadgets are manufactured in that part of the world.

      I mentioned it as a passing thought as I know the president has urged Apple to make the iPhone in the United States. Even if he can't yet buy a US-manufactured smartphone, you would imagine he would like the idea of using a smartphone whose company was headquartered in the USA rather than South Korea.

  3. Ynak

    January 27, 2017 at 10:25 am #

    Your newsletter is truly a wonderful resource. Can you please keep the political, or the nowadays so popular anti-Trump slant out of it. We're inundated with it here (in the US) and it takes away from the relevance of your newsletter. Moreover, I have serious doubts about the veracity of this report, as the NSA simply will not allow the POTUS to continue use of a regular smartphone.

    • Graham Cluley in reply to Ynak.

      January 27, 2017 at 11:23 am #

      Hi Ynak. Thanks for your kind comments, and taking the time to offer some feedback. I really appreciate it.

      Let me assure you that if Barack Obama or Hillary Clinton had been reported to be using an out-of-date Android smartphone, I would just have readily been using their poor example as a way to spread the word to all users the importance of keeping their mobile devices secured.

      Indeed, I think I've been fairly critical of the wisdom of Clinton setting up her own email server in the past.

      I understand that many people might be feeling somewhat fatigued by the endless headlines about Trump in the media, but the Russian hack of DNC's email systems, WikiLeaks leaking private email archives into the public domain, intelligence agency's covert surveillance of internet communications, and many other stories have made computer security and hacking front page mainstream news.

      It would be peculiar to avoid talking about these stories just because there are political figures involved. My view is that we should shine a light on poor security practices, and learn from mistakes made people in positions of power and influence, whatever side of the political spectrum they might sit.

      But, hey. That's just my view. What do other people think?

      • Chris in reply to Graham Cluley.

        January 27, 2017 at 11:56 am #

        I think it's pretty balanced around here. I also get the feeling that Americans on both sides of the debate around Trump are getting pretty tired of the headlines – I know I am, and I live in the actual free world. Regarding the 'populism' of being anti-Trump, Trump supporters seem to refuse to believe that this is because he is regarded by a significant number of Americans and around the wider world as an incompetent, arrogant bully with almost no apparent redeeming features.

        Back to the topic in hand, yes I'd love to believe the NSA would take things in hand. I seem to recall all those years ago that Obama insisted on still using his own smartphone and was handed a somewhat locked down Blackberry – which was pretty good security for its day (well, relative to an S3 anyway). It seems hard to believe that Trump is logging into Twitter in the early hours of the morning on a five year old smartphone, but there's so much about him that is unbelievable. And not in a good way, either.

    • Bob in reply to Ynak.

      January 28, 2017 at 4:17 pm #

      Ynak – "the NSA simply will not allow the POTUS to continue use of a regular smartphone." Do you honestly believe that?

      Trump is fully entitled, if he so pleases, to ignore the NSA. He is the man in charge and can make whatever decision he wishes, however unwise.

      I didn't detect an anti-Trump slant; just an observation of fact: he wants to support US manufacturing yet doesn't use a US-based firm. Android is also notoriously insecure.

      As a peripheral issue, Google are advising their staff (green card holders) not to leave the country because they're potentially likely to be refused re-admission under the new extreme-vetting rules implemented by Executive Order. It's going to have a major impact of the US technology industry.

  4. Simon

    January 27, 2017 at 10:50 am #

    For this alone he should be impeached.

    I still can't fathom how this man is the leader of the free world – inconceivable 10 years ago, but I digress.

    • Graham Cluley in reply to Simon.

      January 27, 2017 at 11:34 am #

      That "leader of the free world" phrase always gives me a wry smile. As though it would be automatically conferred on whoever was in charge of the USA.

      And remember we're talking about a country which has a baseball competition called the "World Series" which – as far as I know – only includes teams from the United States and Canada. :)

      Some have argued that Angela Merkel might be a more appropriate "leader of the free world". https://www.theguardian.com/commentisfree/2016/nov/11/populists-us

    • Thomas D Dial in reply to Simon.

      January 27, 2017 at 8:38 pm #

      "… impeached." Rubbish unless you can explain why use of a relatively insecure device for personal communications is an instance of "Treason, Bribery, other high Crimes and Misdemeanors" as prescribed in Article II of the constitution.

      Use of such a device is unwise, but unwise actions normally do not bring forth calls for impeachment.

  5. Joe Infor

    January 27, 2017 at 1:58 pm #

    No android phone OS updates work. They are designed to be left unsecure. The is a large lawsuit happening due to this. Why designed to not let users make their phones secure? Open your eyes.

  6. mus

    January 27, 2017 at 2:28 pm #

    I still proudly rock an s3 running cyanogenmod (hopefully lineage os soon), allowing me to run the latest version of android.
    I'm sure that trump is doing something similar right? After all this is the age of computer.

    • Chris in reply to mus.

      January 27, 2017 at 3:26 pm #

      Technically according to Trump it's the age of 'the cyber'.

      Cyanogenmod is OK if you must run a phone from the late Jurassic, but no OTA updates means you're either frequently out of date or have to reload your ROM every few weeks.

  7. Matt

    January 27, 2017 at 3:22 pm #

    This contradicts other reports : http://www.theverge.com/2017/1/20/14334192/donald-trump-phone-android-security-president .I'm not sure if the NYT is the best source of information when it comes to Trump considering the visible animosity they often seem to have for each other.

  8. Anon

    January 27, 2017 at 8:39 pm #

    Samsung S3 got updated to 4.4.4, at least mine did. It was 4.3 when I bought it.

  9. Elian

    February 17, 2017 at 8:03 am #

    President Trump is the most HONEST president we've ever had! FINALLY. Yeah. Yes. Thank you Jesus. Someone in politics who speaks truth. No wonder so many lying scumbags and low lifes can't handle his presidency. They hate TRUTH.

Leave a Reply