President Donald J. Trump has continued to use his personal Android smartphone despite security concerns, The New York Times reported Wednesday.
Trump was concerned about losing access to his personal phone even prior to taking his oath of office, the Times reported last fall, citing unnamed aides who told reporters he worried about how isolated he could become in the White House without his phone to keep in touch with friends.
The president told a friend he had given up his phone as security officials urged him to do, the AP reported last week. It was unclear whether he would be using a heavily modified BlackBerry like the phone President Barack Obama carried, however.
Trump nevertheless has continued to use his personal Android to tweet, according to multiple reports.
If the president were to limit his personal phone use to tweeting — and it’s not clear whether he has — it still could pose a threat to national security.
“Even if he isn’t using the device for storing or sending classified information, having the device in the president’s presence still raises security concerns,” maintained Andrew Blaich, a security researcher at Lookout.
“We have discovered sophisticated spyware that when successfully deployed can remotely access the phone’s microphone and camera,” he said. “Think about the impact an attacker could have if they could access the POTUS phone’s microphone during key briefings throughout the day.”
Telemetry features, such as GPS tracking, also pose a risk.
“Tracking the physical movement and geographical location of a target is classified information for high-value targets,” said Israel Barak, CISO of Cybereason.
“It’s also valuable information for an adversary. Using a commercial off-the-shelf smartphone by a high-value target like the U.S. president is an unacceptable risk,” he explained.
“When it comes to a corporate executive, balancing risk with functionality might lean towards using a commercial device,” Barak said, “but when it comes to a high-value national target, where the threat actors are sophisticated military-grade adversaries, that’s a risk that can’t be balanced in favor of a commercial phone.”
Safety vs. Convenience
Obama’s BlackBerry mobile phone was specially modified to be extra secure, even though BlackBerry devices, in general, are considered more secure than other phones.
That’s because BlackBerry isn’t just a phone. It’s also a network. Traffic from the phone is encrypted and sent to BlackBerry servers operated by the enterprises or government agencies. The traffic also is encrypted when it goes from the server to the Internet.
The tradeoff for all that security, though, is performance.
“The reason that BlackBerry isn’t as popular as it used to be is all that encryption slows things down,” explained Slawek Ligier, vice president of engineering for security at Barracuda Networks.
“Using a browser on a BlackBerry device has always been painfully slow,” he said.
The good news for the president, though, is that text-only tasks, such as tweeting, don’t take much of a performance hit.
Resistant to Change
When it comes to their phones, many consumers resist change, and it appears presidents aren’t any different.
“Where Trump is concerned, usually the most banal explanation is the correct one — he’s used to it, it seems convenient, and he’s stubbornly digging in his heels against the advisors explaining it’s a bad idea,” said Julian Sanchez, a senior fellow at the Cato Institute.
“He’s also clearly not terribly technically sophisticated, and so probably doesn’t grasp how risky it is,” he said.
If the president insists on using an insecure phone, can anyone stop him from doing so?
“Federal laws and regulations prohibit the communications of classified information,” observed Michael Harris, chief marketing officer for Guidance Software.
“Even the president of the U.S. is required to comply,” he said, “but enforcing laws on the president is in the hands of the U.S. Congress.”