Donald Trump’s history of lax phone security is well-documented. Before the election, he spent ample time furiously typing away on an outdated Samsung Galaxy phone — one that had many unpatched security vulnerabilities. As president, new reports claim Trump ignores his staff’s concerns about his insecure smartphone use because it’s “too inconvenient” to comply with security procedures.
According to sources who spoke to Politico, Trump uses at least two iPhone devices provided by the White House IT staff. One phone is locked down to only place calls and cannot access the internet. These are basically treated as burner phones. The other has a Twitter app to support Trump’s famous tweeting habit, as well as a handful of news site bookmarks. Since this phone accesses Twitter and the internet, it must have internet access.
Long-standing policy in the White House has been for the president to swap out phones every 30 days. Aides to President Obama confirmed this was the way things ran during the last administration. Swapping phones every month makes it less likely someone will be able to discover the device ID for the president’s phone or sneak malware onto it. This also allows White House IT experts to inspect the phone in detail in case someone did manage to gain access to it.
Sources claim Trump has gone as long as five months without having the call-enabled phone swapped. This phone also has a microphone and camera (it’s an iPhone after all), but the super-secure enterprise devices from the Obama era didn’t have these hardware components. The White House disputes how often the call-enabled phone gets swapped, but officials did confirm the Twitter phone “does not necessitate regular change-out.” That seems fishy to say the least.
The White House cites improved security measures on the Twitter phone that prevent it from being a security risk. We often talk about mobile device exploits, and they’re usually merely theoretical or only become known after patches roll out. However, Trump is perhaps the highest-profile target on the planet for espionage. Zero-day exploits do exist for both Android and iOS. There’s nothing inherently secure about using Twitter, either. It’s entirely possible someone could be willing to spend generously to obtain a zero-day hack for iOS with the intention of using it to compromise the president’s phone. That could be a serious issue if no one is swapping this phone in order to scan it for suspicious activity.
Now read: 20 Tips to Stay Anonymous and Protect Your Online Privacy
