President Donald Trump loves to use the bully pulpit.
His favourite megaphone is Twitter, often sending tweets from an “old, unsecured Android phone,” especially while watching TV at night, according to the New York Times’ Maggie Haberman.
Trump’s aides have tried to take the phone from him, but they have been unsuccessful. Trump sent tweets from Android as recently as Friday.
Photographic evidence suggests his phone is a Samsung Galaxy S3, which was first launched in 2012 and last received an Android security update in 2015.
Experts believe that Trump’s phone is a security threat — he could be phished or hacked, experts say. It’s even conceivable that someone could hack the device and turn it into a “room bug” listening in on the West Wing or the Oval Office.
It’s understandable that Trump may not want the ultra-secure phone that President Barack Obama received, which was only able to communicate with pre-approved people. “This is a great phone, state of the art, but it doesn’t take pictures, you can’t text, the phone doesn’t work, you can’t play your music on it,” Obama said last year.
But that doesn’t mean the President needs to carry around a security risk.
There’s actually a middle ground, and while the Secret Service might not love this proposal — iPhones are still commercial devices — it would make Trump much more secure in “the cyber,” as he once put it.
Trump should get an iPhone.
It is not a debate among security professionals; Apple’s mobile operating system, iOS, is much more secure than Android.
Since Apple controls what software runs on iOS, there is generally much less malicious code that is able to infiltrate the device.
Apple also makes lots of decisions that may seem harsh, but are smart from a security perspective. For example, all iOS apps — like Twitter — are forced to use App Transport Security, meaning that their traffic is encrypted.
Apple’s iPhone also gained the ire of the FBI in 2016 when the bureau discovered it couldn’t extract data from a dead terrorist’s iPhone without outside help, because of the way iPhones handle full-disk encryption. And the company that is suspected of provided that outside help, Cellebrite, can’t hack recent iPhones, it was discovered in a recent data dump.
Most importantly, iPhones get security updates that patch critical flaws on a regular basis. If Trump was using an iPhone as old as his purported Galaxy S3, it could run Apple’s latest operating system, iOS 10, with all the most up-to-date bug fixes.
But an iPhone wouldn’t mean Trump would be unhackable. It’s still conceivable that a foreign state could use a “cyberweapon” that takes advantage of undiscovered flaws in Apple’s code. This kind of cyberweapon, the first of its kind to be seen targeting iOS, was discovered last year.
But Apple fixed those bugs as soon as it learned about them. Not only do similar bugs exist for Trump’s Android, but there’s no way to fix them, ever, because the Galaxy S3 is no longer receiving updates.
Trump may have some loyalty to Samsung. He tweeted earlier this week — from an iPhone, possibly an aide’s — that he encouraged a report that suggested Samsung might bring some manufacturing in the United States. And a Samsung subsidiary paid him $150,000 to give a speech in 2015, according to FEC filings. (Samsung did not respond to a request for comment.)
Trump is also from an older generation that’s not as good with computers, so perhaps he wants to stick with the technology he’s most comfortable with.
But Trump’s preference for his old phone should not mean that foreign adversaries should have such a attractive vulnerability to target.
Trump’s aides can’t get him to stop tweeting, but at the very least they can make sure he uses a more secure smartphone. An iPhone 7 starts at $650, a bargain for a bit of extra national security.
This is an opinion column. The thoughts expressed are those of the author.