Last week, just ahead of the inauguration, a nation’s fears were put to rest when it was reported that Donald Trump had given up the old, unsecured Android phone he used to accept unscreened phone calls and compose deranged tweets, and been issued a new mobile phone approved by the Secret Service. Only: This morning, the New York Times reported that Trump has not relinquished his old phone, despite having been issued a secure one. But what does this really mean, besides the fact that the president clearly doesn’t really care what the Secret Service wants?
The term secure has multiple meanings when it comes to the president’s phone. There is technical security and there is operational security, which are often but not always intertwined. The technical restrictions inform the operational restrictions.
Technical security should be pretty simple to understand, though, for obvious reasons, the detailed specs of the president’s Secret Service–approved phone are kept under wraps. That phone has a military-grade level of encryption that is much higher than that of the standard consumer device, making it more difficult to break into and extract data from.
The agency in charge of the president’s phone is the Defense Information Systems Agency, which is part of the Department of Defense. Let’s assume that whatever Trump has been issued is similar to the phone Obama was issued last June when he finally relinquished his dated BlackBerry for an Android phone. The phone is reportedly a Samsung Galaxy S4, the only phone that was supported by the DOD Mobility Classified Capability-Secret (DMCC-S) program. The DMCC-S fact sheet displays three Galaxy S4 models, branding removed.
When Obama described it to Jimmy Fallon, he noted a few drawbacks. The phone could not take pictures, presumably so the camera couldn’t be accessed remotely (and so that Obama wouldn’t be able to take pictures that might later be stolen).
The phone couldn’t send text messages (SMS messages are notoriously easy to intercept), only email, and couldn’t make regular phone calls, only VoIP (voice over internet protocol, like Skype). Presumably, this was so all of his communications could be routed through secure channels.
He also couldn’t load music onto it — because if you can load files onto the phone, you can load malware onto the phone. A user can’t download apps from the Google Play storefront onto a DMCC-S phone.
The point of all of this security, frustrating as it may be, is that it makes the president difficult to reach, and difficult to hack. It makes it almost impossible for him to conduct digital diplomacy through anything but the most official channels, even while on the go.
Trump, on the other hand, is using a phone with none of these protections. Texts he sends and calls he makes could easily be intercepted by a device called a Stingray, currently in use by law enforcement, that mimics a cell tower. A person given access to his phone, physically or remotely, could quickly and easily steal files or download malware. And if Trump is using the phone as often as the New York Times reports — that is, every night — there’s likely lots of information on it that prying eyes would like to see.
But what use to Trump is a phone that can’t send tweets and can’t receive calls? He’s not able to yell at straw men on Twitter, or receive the praise he thrives on, with a pared-down device, secure as it may be. Trump’s consumer-grade Android is too technically insecure for the Secret Service, but it’s also being wielded by an insecure man with a highly public Twitter account, and that’s what makes it truly dangerous.