The mobile device habits of President Donald J. Trump have been an ongoing source of agitation for many—and not just because of his frequent blasts on Twitter. Getting Trump to adapt his device use to the potential security threats faced by a head of state has proven to be a challenge for the White House Communications Agency (WHCA) and the White House’s information technology team.
According to a report by Politico’s Eliana Johnson, Emily Stephenson, and Daniel Lippman, Trump has resisted all efforts to get him to use a secured mobile device, instead relying on a pair of off-the-shelf cell phones—one for Twitter only and the other for placing calls. And while the phones used for calls are treated to a degree as “burner phones”—with devices being swapped out regularly—Trump has pushed back on regular security checks and swap-outs of his Twitter phone, calling them “too inconvenient.” Two White House officials told Politico that Trump has gone as long as five months without having his Twitter device checked by IT or WHCA staff.
Because of the sensitivity of White House communications and their connection to national security, the WHCA is a military unit that falls under the Defense Information Systems Agency. DISA and the National Security Agency have worked together to develop secure mobile devices for national leadership; during the Obama administration, DISA launched the DOD Mobility Classified Capability-Secret (DMCC-S) program and an accompanying voice-only Top Secret device program (DMCC-TS). The Top Secret device is still in development, but former Secretary of State John Kerry was an early user of the DMCC-S device—a hardened Samsung Galaxy S4 device based on Samsung’s Knox security architecture.
Obama eventually moved to another hardened Android device adopted by the DMCC program. While the Galaxy S4 was released for wider use, Defense One’s Patrick Tucker reported that Obama received a Boeing Black device—one with heavily restricted functionality.
A tale of two iPhones
But Trump wanted to be able to tweet and call people at will—neither of which is a feature of either DMCC-S device. So initially, he stuck to using his personal phone. While he was photographed right after his inauguration aboard Air Force One using an iPhone 5, he also continued to use Twitter from a personal Android phone—by some reports, a Samsung Galaxy III.
As Ars reported last year, he eventually was convinced to use an iPhone locked down for use with Twitter only. But he continued to resist using a secure phone for calls, because that would have meant routing those calls through the WHCA switchboard, and reportedly continued to place calls from his own Android phone from the White House residence after hours.
The current security regimen, if you can call it that, was a compromise, sort of—the WHCA and IT staff have been allowed to check the phones Trump uses for calls with some regularity for signs of malware. Those phones have not had their cameras disabled. However, they likely have policies configured on them to prevent the installation of applications and the use of other phone features, and they likely run up-to-date software. One Politico source said that the phone used for calls, like the Twitter phone, is an Apple iPhone—so the devices Trump is given likely have been restricted using Apple’s Configurator application.
While these steps would likely prevent malware from being introduced into Trump’s phones, this isn’t necessarily the most secure option, given that there are other ways to attack mobile devices. Even if Trump regularly cycles through phones used for calls, that would not prevent interception of his calls by using gear that “spoofs” cell towers—convincing the phone that it’s the closest, best cellular connection to pair with (much like how the devices used by law enforcement and intelligence organizations, frequently referred to as “stingrays,” work).
And there are other network risks associated with allowing a broadband data connection from within the White House, particularly if an attacker can leverage the mechanisms usually used by carriers to push software and firmware updates out to mobile devices. A smartphone’s baseband processor—the hardware that sits between the smartphone’s processor and the cellular network—runs its own operating system and could be used as a backdoor into the device. This is what developers of Replicant, the fully open source/free version of Android, found Samsung had done on Galaxy phones.
As president, Trump has the authority to dictate how he communicates. And finding a balance between security and convenience remains a tricky dance even for executives with a much less daunting threat model. But given the amount of grief the Trump campaign gave former Secretary of State Hillary Clinton over her email use, the risks Trump is willing to run just to have unimpeded access to his Twitter and his contacts outside government seem a bit beyond what would be prudent.