Donald Trump Seems to Still Be Using His Unsecured Android Phone
That's bad news for the nation's security.
President Donald Trump appears to still be using his personal smartphone. Even though Trump reportedly turned over the device after his swearing in, the New York Times reported today that he has been carrying his old “unsecured Android phone” around the White House, “to the protests of some of his aides.”
Throughout his brief presidential tenure, Trump has continued to tweet from both his personal Twitter account and the official @POTUS account. As was the case before his inauguration, tweets appear split between an iPhone and an Android smartphone, which likely delineates between Trump’s aides tweeting and Trump tweeting himself. Tweets from his personal account continue to come from an Android phone, suggesting that he may be tweeting from a non-secure device.
Smartphone blog Android Central has done some sleuthing on photos of Trump on his smartphone, and has determined that he likely owns a Samsung Galaxy S3, first released in 2012. “It’s safe to say it’s a good three years out of step with the latest Android security updates,” Android Central’s Alex Dobie said.
A US president hanging on to their run-of-the-mill smartphone is a matter of national security. Trump’s off-the-cuff tweets about companies and current events can move markets. If anyone were to hack or phish their way into his Twitter account, it’s entirely possible they could send markets into a tailspin before the White House was able to regain control.
On top of that, consumer-grade devices just aren’t that secure. There’s a reason the government builds specific, hardened devices for the president and other high-ranking officials—they are then able to control and monitor exactly what information comes into and leaves the devices. Consumer phones, with their multiple cameras and microphones, are relatively easy to hack or turn into devices that can spy on their owners. Just imagine what would happen if Trump’s insecure Samsung smartphone was on the table during a joint chiefs of staff meeting about the country’s security.
It seems relatively unlikely that Trump would be able to tweet from his new government-issued phone. Details on that phone are scarce—Barack Obama had a heavily modified Samsung Galaxy S4—but even an Android device probably wouldn’t have Twitter downloaded. According to a fact sheet released by the Defense Information Systems Agency (DISA), which provides logistical support and manpower to the White House Military Office, Obama’s super-secure device could only make calls, open emails and attachments, and browse the web; it doesn’t appear to have access to an app store. Theoretically, Trump could use a secure browser to tweet from Twitter’s mobile website, but his tweets suggests he’s using Twitter’s Android app directly.
The president’s government-issued devices fall under the purview of the White House Military Office, a representative for DISA told Quartz. The White House itself did not immediately respond to queries, and DISA referred Quartz to a comments line that is closed. The National Security Agency, which is tasked with maintaining the integrity of US communications systems, also wasn’t immediately available to comment on whether it had been consulted on the security of Trump’s smartphones.
It’s also not clear whether Trump is using additional security layers that are available to the general public. Twitter, for instance, offers what’s called two-factor authentication, which backstops regular logins through a texted security code or authentication service like Google Authenticator. These programs help prevent people that have been phished from losing access to their account.
Likewise compromising would be the association of any personal email address with Trump’s Twitter account. From what Trump said on the campaign trail, he’s generally not a fan of public officials using private email accounts while in office, so hopefully that’s been updated.