Amid what would seemingly be considered a puff piece by the New York Times about how Trump is enjoying the White House, a side note has alarmed tech researchers, security experts, and national security employees alike: Trump still owns, and regularly uses, an unsecured Android phone. While the President is still a private citizen, and can legally use any phone he wishes, an unsecured Android is an enormous security risk, and likely a disaster waiting to happen.
Security experts have been taking Google and Android device manufacturers in general to task for years over security problems. Obama, in complying with national security directives, spent eight years with a phone that couldn’t even send a text. The Android operating system can be modified, outside of certain files, any way the user wishes. That creates a problem with security updates, as each manufacturer has to tailor each security update to each device’s slightly different software. Even somebody using a stock Android phone from a trusted manufacturer has a nearly 90% chance of being vulnerable to one of 11 serious security vulnerabilities according to a recent University of Cambridge study.
Android is so insecure, a vulnerability found in 2015 revealed that 80% could be compromised with a simple text you don’t even bother to look at. Even the simple act of connecting to a poorly secured WiFi point could compromise your phone. And all this assume the software hasn’t been breached at the level of the manufacturer. For all we know, Trump is using one of the three million phones hackers embedded with “rootkit” software that lets them remotely take over the phone.
Another issue is the legal netherworld Trump may be floating in. Many apps will collect various forms of data and deliver it to the developer for various purposes. To use Twitter on your phone, you need to agree to let it track your location, modify your phone’s storage, and collect data on your app usage. If Trump visits a top secret facility, phone in tow, he could be broadcasting its location to the entire world. If Trump downloads the selfie app Meitu, he might have just sent everything on it to China.
This mixture of breaches and easy access almost certainly means Trump’s phone, if it’s not compromised already, soon will be by foreign intelligence services. The FBI has the capability to flip on your phone and listen at a moment’s notice, and it’d be foolish to assume other governments don’t have the same tools. If Trump connects to any government services through his phone, he may be transmitting that data accidentally as well.
An unsecured Android phone in the White House is an enormous security risk, no matter who owns one. Hopefully, its time in the Oval Office will be short.