Donald Trump’s history of lax phone security is well-documented. Before the election, he spent ample time furiously typing away on an outdated Samsung Galaxy phone — one that had many unpatched security vulnerabilities. As president, new reports claim Trump ignores his staff’s concerns about his insecure smartphone use because it’s “too inconvenient” to comply with security procedures.
According to sources who spoke to Politico, Trump uses at least two iPhone devices provided by the White House IT staff. One phone is locked down to only place calls and cannot access the internet. These are basically treated as burner phones. The other has a Twitter app to support Trump’s famous tweeting habit, as well as a handful of news site bookmarks. Since this phone accesses Twitter and the internet, it must have internet access.
Long-standing policy in the White House has been for the president to swap out phones every 30 days. Aides to President Obama confirmed this was the way things ran during the last administration. Swapping phones every month makes it less likely someone will be able to discover the device ID for the president’s phone or sneak malware onto it. This also allows White House IT experts to inspect the phone in detail in case someone did manage to gain access to it.
Sources claim Trump has gone as long as five months without having the call-enabled phone swapped. This phone also has a microphone and camera (it’s an iPhone after all), but the super-secure enterprise devices from the Obama era didn’t have these hardware components. The White House disputes how often the call-enabled phone gets swapped, but officials did confirm the Twitter phone “does not necessitate regular change-out.” That seems fishy to say the least.
The White House cites improved security measures on the Twitter phone that prevent it from being a security risk. We often talk about mobile device exploits, and they’re usually merely theoretical or only become known after patches roll out. However, Trump is perhaps the highest-profile target on the planet for espionage. Zero-day exploits do exist for both Android and iOS. There’s nothing inherently secure about using Twitter, either. It’s entirely possible someone could be willing to spend generously to obtain a zero-day hack for iOS with the intention of using it to compromise the president’s phone. That could be a serious issue if no one is swapping this phone in order to scan it for suspicious activity.
New macOS Security Bug Unlocks App Store With Any Password
Apple's macOS High Sierra has a flaw in the latest version that allows admin users to bypass a locked app store by entering any password they like.
Researchers Found Another Major Security Flaw in Intel CPUs
Security researchers have found another flaw in Intel CPUs — this time related to Intel Active Management Technology. Once again, this flaw can be leveraged to take complete control of a system, regardless of any security measures the user might employ.
Lawmakers Urge AT&T to Cut Ties with Huawei, Citing National Security Concerns
It's been several years since the last dust-up, but US lawmakers and regulators are still sounding the alarm about any cooperation with Huawei.
Most Android Security Scares Are Bullshit
Many of the Android malware stories we see making the rounds end up amounting to nothing because of the way the platform operates these days. While Android malware is definitely out there, you usually don't need to panic.