As recently as yesterday, President Trump sent a tweet using his old, unsecured Android phone. This happened just three days after Congressman Ted Lieu and 14 other House Democrats sent a letter to the Oversight Committee demanding an investigation into this blatantly bad security practice. Everybody agrees that it’s really, really stupid.
But can the US Congress really force Trump to ditch the dangerous tweet machine? Unfortunately, no. Can the Secret Service make him stop? Nah. What about the FBI or the intelligence community or a really well-worded petition? Not a chance.
President Trump can keep using his vulnerable phone, which is reportedly an old Samsung Galaxy S3, until President Trump decides to do something different. Congressman Lieu told Gizmodo that his investigation would force certain officials to testify before Congress about the president’s security practices, and the committee could then publish a report that would “hopefully put pressure on the White House to change its ways.” Congress, however, cannot force the president’s hand.
“The President of the United States can choose for convenience issues to use an unsecured old smartphone, and when he does that, he’s putting America second and himself first,” Lieu said in an interview. “Is that criminal? No. It’s just stupid behaviour that affects our national security.”
The behaviour is actually stupid for a few reasons. At a very basic level, it raises the risk that hackers could take over Trump’s Twitter account and send potentially fake or frightening messages to its 25.4 million followers. Some argue that the president’s tweets already jeopardise US national security, but the idea that a foreign actor could use the account for malicious ends is certainly scarier.
The other dumb thing about Trump’s use of an insecure Android phone involves the president’s larger understanding of security. It’s possible that Trump simply doesn’t know how dangerous unsecured phones can be in the White House or anywhere else the president is discussing sensitive information. Using malware like the very scary Stagefright bug, hackers can take over an unsecured Android phone without the user even knowing and access features like the device’s camera or microphone. (The Stagefright vulnerability on the Samsung Galaxy S3 wasn’t patched right away, so it’s entirely possible that Trump’s phone could still vulnerable if he missed a software update.)
At this point, you might be remembering that photo of President Trump and Japanese Prime Minister Shinzō Abe at Mar-a-Lago. You know, the one where random staffers are pointing their smartphone cameras at potentially sensitive documents:
(The White House later denied that there was classified information on the table.)
It’s unclear if Trump truly understood how stupid this was from a security perspective. Then again, as president, Trump’s basically allowed to decide what kinds of security measures are appropriate at any given time. Cory Louie, the White House’s former chief information security officer, used to watch over the president’s cybersecurity concerns, but “left” his job a couple weeks ago. Without anyone to answer to, there’s nothing that security experts or the American people can do about Trump’s slapdash approach to sensitive information.
“The president is the original classification authority so he has enormous discretion about when and under what circumstances to do that,” Zach Goldman, the executive director of NYU’s Center on Law and Security, told Gizmodo. “If he decides he wants to read classified documents in the open, I don’t know what the intelligence community can do about that.”
Goldman went on to compare Trump’s refusal to use a secure phone to Trump’s refusal to release his tax returns. Obviously, President Trump is happy to buck protocol until somebody that he listens to tells him to stop. It’s unclear who might be able to talk him out of his dangerous Twitter habit.
Looking ahead, we all need to realize that this cybersecurity problem isn’t going away. The intelligence community agrees that Russian hackers broke into the DNC in an attempt to influence the election. Who’s to say Putin’s cyber army will stand down now?
“The fact that the President of the United States is not taking serious the Russian cyber attack on America means that it’s open season for Russian hackers right now,” Congressman Lieu said. “This is not a partisan issue—it’s a national security issue.”
Trump doesn’t have much experience with national security or computers. But the good news is that plenty of people in the government do. Let’s just hope they can talk the White House into being more careful.