The letter, which was sent Wednesday by Rep. Ted Lieu (D-California) and Rep. Ruben Gallego (D-Arizona), comes after recent media reports that Donald Trump is making "increased use" of his personal phone.
Last year, Trump reportedly had an iPhone with just one app on it: Twitter.
"While cybersecurity is a universal concern, the President of the United States stands alone as the single-most valuable intelligence target on the planet," the congressmen write.
The letter goes onto ask a number of questions of the White House Communications Agency, the entity responsible for the president’s infosec needs.
How frequently does the WHCA update the President’s phone’s operating system?
Does the President use encryption when he makes phone calls or texts from his personal cell phone?
How has WHCA adapted to the growing threat of "Stingray" devices, or IMSI catchers, in Washington D.C., especially given the President’s alleged proclivity for making outgoing voice calls on his personal cell phone?
Related Stories
Researchers at ETH Zurich and Technische Universität Berlin have described a flaw in the 3G, 4G, and 5G communications which keeps mobile phone communications vulnerable to international mobile subscriber identity-catcher (IMSI-catcher) attacks. Specifically, the Authentication and Key Agreement (AKA) protocol accidentally (?) allows for a new privacy attack against all variants of the protocol, including more detailed location disclosure.
The standards body in charge of 5G—the 3rd Generation Partnership Project, or 3GPP—has improved AKA to mitigate those well-known privacy issues. However, the researchers say, they have been able to find a new vulnerability that affects all versions of the AKA, including in the upcoming 5G standard. And what's more, the researchers say that this new attack "breaches subscribers' privacy more severely than known location privacy attacks do."
The newly discovered vulnerability allows an attacker who can intercept mobile traffic in the area (meaning anyone with a software-defined radio costing around $500) to monitor individual subscriber activity, such as the number of outgoing calls or SMSs sent in a given amount of time (but not the metadata or contents of the messages.) On top of that, the technique can tell an attacker how many calls or text messages an individual victim sent even if the victim is not near the attacker when the calls or texts are sent. Instead, after the first time the victims enters the attack area and subsequently leaves the area, even past call and text activity would become vulnerable as soon as the victim and their device re-enters the attack area.
[...] It's important to keep in mind here that, for cases of lawful intervention from law enforcement agencies, there are better ways than this attack technique to get location information, such as getting a warrant and getting the information directly from the phone companies. People working outside the legal system, such as spies and criminals, cannot get warrants and cannot typically work directly with the phone companies. Law enforcement does not need the location-finding capabilities of an IMSI catcher unless they are trying to circumvent the legal system.
Earlier on SN:
If 5G Is So Important, Why Isn't It Secure? (2019)
Sen. Wyden Confirms Cell-Site Simulators Disrupt Emergency Calls (2018)
Trump's Cell Phone Use is Security "Nightmare" Waiting to Happen, Lawmakers Say (2018)
New York District Court Throws Out DEA Stingray Evidence (2016)
(Score: 3, Funny) by PartTimeZombie on Thursday April 26 2018, @09:23PM (10 children)
Like many really old people Mr. Trump will have no clue about any of this, and I am sure never listens to advice.
(Score: 3, Touché) by black6host on Thursday April 26 2018, @09:38PM (1 child)
Careful there! He's not old enough to be my father! Us "really old" people have contributed quite a bit to today's tech. And the really, really old, like dead old, were there before us... Now, my mother on the other hand... You can say that about her, heh!
(Score: 2) by PartTimeZombie on Thursday April 26 2018, @10:07PM
To be fair he's only just old enough to be my father, but seriously, electing people over 70 to run your country is a mistake.
Did you forget Mr. Reagan's second term?
On the other hand when I see that nice young Mr. Trudeau on TV I do wonder if his Mother knows he's out late.
(Score: 5, Funny) by Snow on Thursday April 26 2018, @09:43PM (5 children)
I'm sure Jared is doing a fantastic job looking after the President's cyber.
(Score: 2) by JoeMerchant on Thursday April 26 2018, @10:23PM (2 children)
Well, with some Presidents (W and O both) I think there would be extremely high value in knowing what they say before it is released to public knowledge. With Trump.....?
🌻🌻 [google.com]
(Score: 3, Insightful) by driverless on Friday April 27 2018, @12:00AM (1 child)
Trump blabs everything to the media, Twitter, Putin, random strangers, there's no need to backdoor his phone, you just ask whoever talked to him last for whatever state secrets you're interested in.
(Score: 2) by JoeMerchant on Friday April 27 2018, @04:24AM
Just after he started, I watched him on international news in an interview telling about how he sent missiles into Iraq (it was actually Syria...) but that wasn't the important part apparently, he spent much more effort on describing the wonderful chocolate cake he just had...
🌻🌻 [google.com]
(Score: 2) by NewNic on Thursday April 26 2018, @10:37PM (1 child)
I thought that was Barron's job. Doesn't he understand the cyber?
lib·er·tar·i·an·ism ˌlibərˈterēənizəm/ noun: Magical thinking that useful idiots mistake for serious political theory
(Score: 0) by Anonymous Coward on Thursday April 26 2018, @11:24PM
Barron may not have gotten the best genes.
(Score: 2, Insightful) by Anonymous Coward on Friday April 27 2018, @03:12AM
Fixed it for you.
(Score: 2) by DannyB on Friday April 27 2018, @06:52PM
Mr. Trump understand perfectly well why he has increasing use of an insecure cellphone.
Use of an insecure computer with a standard size mouse is too big for his tiny hands.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 5, Insightful) by black6host on Thursday April 26 2018, @09:36PM (6 children)
Well, for this president, I have to question why the concern? He's going to tell everyone everything on Twitter anyway...
(Score: 2) by MostCynical on Thursday April 26 2018, @09:44PM (3 children)
Information wants to be free
Dis-information also wants to be free
At best, there is a non-zero chance *someone* could interefere with Mr Trump's tweets. Does this give anyone plausible deniability for any of the tweets?
If he is arranging his own hookers and blow on his own phone, then gets caught, he'll just likely say "so?" and there will be no chance of blackmail... teflon has nothing on Donald.
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by All Your Lawn Are Belong To Us on Thursday April 26 2018, @09:59PM (1 child)
Hmm.... Not sure how ironic you're trying to be. But I don't care quite as much about hookers and blow as I am that some career field agent or person who believes they're doing good by feeding information suddenly getting a bullet in the brain because the voice call made about it wasn't secure [cbsnews.com] and they intentionally didn't follow the rules for communications.
This sig for rent.
(Score: 3, Informative) by MostCynical on Thursday April 26 2018, @10:14PM
Hey, when they do it deliberately [nbcnews.com], they show they really don't care about anyone but themselves..
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by JoeMerchant on Thursday April 26 2018, @10:28PM
The Kennedy era had their share of hookers and blow (1960s style) in the White House, they were just much more skilled in the refinement of their public image.
🌻🌻 [google.com]
(Score: 4, Insightful) by frojack on Friday April 27 2018, @03:49AM
And why not?
He works for us, right, and his methods are working for him! The tweeting, while cringe-worthy at times, is an ingenuous back channel to the world, friends and foe alike.
If he gets caught on a stingray, who's fault is that?
The government is the only ones who can buy those things, they've gone out of their way to prevent knowledge of this, even dismissing court case to keep them secret.
So more proof that government can't be trusted with stingrays, and stingrays present just as large a risk to government as to private citizens. If the government can't control stingrays, they then need to get them off the market, and round up every one of them.
He's probably perfectly aware that people are listening, and speaks accordingly.
No, you are mistaken. I've always had this sig.
(Score: 1) by nitehawk214 on Friday April 27 2018, @06:33PM
Easy. Hack his phone, put up a tweet threatening to wipe out some industry, make a fortune on stock trades.
Even if they figure it out within an hour, the money will be made.
"Don't you ever miss the days when you used to be nostalgic?" -Loiosh
(Score: 0) by Anonymous Coward on Thursday April 26 2018, @09:50PM (1 child)
Why should this fool be any different? Just being president does make you shit. Ask Carter. Ask Bush (43).
(Score: 2) by c0lo on Thursday April 26 2018, @10:29PM
If for a nobody to be stupid is inconsequential for many others, having a stupid pot-us is potentially detrimental for the entire world. 2xBush spring into mind.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Thursday April 26 2018, @10:02PM (5 children)
He should get his own personal server to go with it.
(Score: 2) by bob_super on Thursday April 26 2018, @10:22PM (4 children)
A personal computing device on which an elected official is non-securely storing government communication... at least Hillary wasn't walking around with her email server.
(Score: 2) by JoeMerchant on Thursday April 26 2018, @10:25PM (1 child)
The whole Hillary thing was a joke and a half, but... she didn't have full Secret Service security detail. I'm betting that somebody physically close to the President is personally charged with the responsibility to physically secure his Twitter tweeter, destroying it if necessary.
🌻🌻 [google.com]
(Score: 2, Funny) by Sulla on Thursday April 26 2018, @10:27PM
Hopefully he has his cloth handy
Ceterum censeo Sinae esse delendam
(Score: 0) by Anonymous Coward on Friday April 27 2018, @06:34PM (1 child)
what the goddamn fuck are you talking about? do you know the difference between a client and server? if so, you would understand the differences from this security perspective. maybe you're just a liar?
(Score: 2) by bob_super on Friday April 27 2018, @06:49PM
Go ahead and tell me the legal difference between a device which stores e-mails and a device which stores e-mails.
(Score: 1) by Sulla on Thursday April 26 2018, @10:21PM (2 children)
Once upon a time presidents were able to put their faith in the superior tech offered by Blackberry. Many such cases!
https://www.popularmechanics.com/technology/gadgets/news/a24847/trump-new-secure-phone/ [popularmechanics.com]
Can't argue that the last couple years of President Obama's second term were not rife with government leaks. Apple hoards the data for themselves to undermine all that is great and good with America, Samsung passes data on to its Korean overlords who pass it on to their Chinese overlords.
What the president should be using is a trusted and secure phone developed by people from America's hat. A hat cannot betray you.
Ceterum censeo Sinae esse delendam
(Score: 5, Touché) by bob_super on Thursday April 26 2018, @10:28PM
> its Korean overlords who pass it on to their Chinese overlords.
You suck at geopolitics.
(Score: 0) by Anonymous Coward on Friday April 27 2018, @02:06PM
Did any of the leaks come from Obama's phone?
Anyway, leaks are a part of politics and many of them are deliberate.
(Score: 2, Informative) by Anonymous Coward on Thursday April 26 2018, @11:24PM
Rep. Ted Lieu (D-California) and Rep. Ruben Gallego (D-Arizona) seem to be focused on the security of the electronics the President is using. I'm much more terrified of the person using the electronics. Basically, the real problem is what is known as an insider threat. The only way to really deal with that is by denying the President access to classified information. If they are serious about this then they need to move on getting the President impeached and removed from office.
(Score: 1, Interesting) by Anonymous Coward on Thursday April 26 2018, @11:39PM (7 children)
Democrats in the US House of Representatives, as these two are, hired a spy from Pakistan to run their IT. All sorts of sensitive info got sent off to Pakistan. Democrats have even been making the investigation difficult, because they care about keeping a good image more than they care about national security.
(Score: 5, Informative) by Anonymous Coward on Friday April 27 2018, @03:24AM (4 children)
Slick Willie had a sex scandal and the Republicans lost their minds screaming about it. Fuckface von Clownstick has a sex scandal (or, by the looks of it, multiple sex scandals) and the Republicans and all their conservatard followers call it "fake news."
The Democrats learned how to be hypocrites from watching the best. Nobody can beat a conservatard at being a hypocrite.
(Score: 0) by Anonymous Coward on Friday April 27 2018, @04:05AM
Welcome to the two party system.
(Score: 0) by Anonymous Coward on Friday April 27 2018, @03:01PM (1 child)
lol
(Score: 3, Funny) by realDonaldTrump on Friday April 27 2018, @05:03PM
What’s funny about the name Fuckface von Clownstick? It was not coined by Anonymous Coward, he stole it from a moron on Twitter.
(Score: 2) by realDonaldTrump on Friday April 27 2018, @05:21PM
Amazing how the haters & losers keep tweeting the name "F**kface Von Clownstick" like they are so original & like no one else is doing it...
(Score: 0) by Anonymous Coward on Friday April 27 2018, @04:16AM (1 child)
I'm sure there are spies from dozens of countries infesting the US Federal Gov't and political parties. One just happened to get caught. Even Israel was caught spying on us.
(Score: -1, Troll) by Anonymous Coward on Friday April 27 2018, @06:01AM
One ought to hire an American who has a security clearance.
Hiring a citizen of Pakistan who lives part of the time in Pakistan is insane. That is asking to be spied on. If it hadn't been the government of Pakistan, it would have been one of their many terrorist groups.
Of course, the democrats have to have the "diversity" of an exotic person from an exotic land. Those 3rd-world people are cheap too, and even cheaper when also getting pay from their own nation's spy agency.
(Score: 0) by Anonymous Coward on Friday April 27 2018, @10:42AM
... the article is about the WHCA.
I thought it was going to be about Trump crossing the road while txting with one hand and trying to eat a yoghurt with the other.
(Score: 0) by Anonymous Coward on Friday April 27 2018, @06:39PM
i sure hope there are protocols in place for IT in the highest office in the land and shit like the hillary email server is not the norm/tolerated. if not, these stupid fucks aren't fit to run a wii.