Hacker News new | comments | ask | show | jobs | submit login
[flagged] Trump’s cell phone use is security “nightmare” waiting to happen, lawmakers say (arstechnica.com)
52 points by EleneShubladze 9 months ago | hide | past | web | favorite | 42 comments

I see this, as well as Hillary Clinton's use of a personal email server, as a manifestation of a problem with the way we do security: when IT security restrictions are a pain in the butt to comply with, people are going to try to get around them.

A trivial example: IT requires users to change their passwords every N days. So users start with "password", and when they are required to change it, they use "password1", then "password2", and so on.

A non-trivial example: someone in a high government position is told they have to use a crappy, outdated, locked-down Blackberry device to access their official email, so they start using a personal email account or a personal phone for official business.

Security doesn't work if it's hard to use, because people will find a way around it, and some of those people will have enough power that you can't force them to comply.

> as well as Hillary Clinton's use of a personal email server, as a manifestation of a problem with the way we do security: when IT security restrictions are a pain in the butt to comply with, people are going to try to get around them.

Wasn't that more of an effort to get around government records-retention and transparency laws than an attempt to get around annoying and onerous security requirements?

I can see it being both.

My reading, at the time, led me to believe it was primarily a matter of access and facility, for Clinton. She wanted her email "her way", and State technical resources -- perhaps also dependent on cross-agency resources -- could not easily nor readily make it happen.

So, she had one of her own staffers take it rogue, with this server deployment.

Like a lot of senior executives, Hillary Clinton seems to have a pretty big ego and a commensurate attitude that she knows what she's doing.

In a larger context, something that really bothers me about all this: The Chelsea Manning problem arrived around the start of her tenure at State. State, the President and administration, pretty much all the powers that be were outraged over this event.

Again, from my reading, I gathered that the system these data were in was fundamentally deficient with respect to the security needs that were outline. Basically, two levels of acccess, with no compartmentalization nor, IIRC, active auditing -- perhaps much of any auditing or audit trail at all.

Clinton was head of State for the better part of eight years. They remained outraged at Manning and never ceased their push for punitive action.

But she very apparently never tackled and fixed the systems deficiencies that allowed the problem, in the first place.

As her campaign proceeded, I read numerous stories about its fundamental disorganization and corresponding disfunction.

To speak politically for a moment, I'd take this in a second compared to the malicious disaster that is Trump and his crony clown car of an administration.

But neither did she acknowledge, accept responsibility for, and actually work to fix the very tools her and State's work are now founded upon.

Go back twenty years. The intelligence services had a better scoped information collection and analysis system that showed real promise, while also better respecting privacy. Thin Thread.

Dick Cheney gets into the VP seat, and he wants to steer as much business as possible to his cronies. Thin Thread gets shut down, and in its place we end up with various proposals and tweaked formulations for what is called -- I can't remember the program names, right now -- "total situational awareness". That drowns in its own inefficiency, imprecision, and over-collection.

And in the gap, we also get 9/11 and a mis-lead if not dis-ingenuous ramp up to a multi-front war on the other side of the globe.

These people don't care about good, proper systems. They and their agendas vary; nonetheless, their agenda always takes primacy. And, invariably, the shortcuts or biased choices they force through end up costing, down the line.

“These people” such as Hillary, Bush, Cheney, usually started off a mail service outside the Whitehouse to get their campaigns organised. Over time their entire entourage is using that mail server.

Then they get into Government and we expect them to transplant their entire support network into the new environment. That is not going to happen.

What is needed is for the mail server that someone starts up to support their campaign to be secure be default with Whitehouse-level security made easier than not using it at all.

The hard part is getting people to use S/MIME certificates so that messages are encrypted end to end and you never have to quarantine cleartext on your cloud service.

Surely there is an entrepreneur in the HN crowd ready to take this on?

> A trivial example: IT requires users to change their passwords every N days. So users start with "password", and when they are required to change it, they use "password1", then "password2", and so on.

Fortunately in the latest NIST Digital Identity Guidelines this case is explicitly discouraged [1]: Do not require that memorized secrets be changed arbitrarily (e.g., periodically) unless there is a user request or evidence of authenticator compromise.

[1]: https://pages.nist.gov/800-63-3/sp800-63b.html#usabilitycomm...

First of all, NIST - not saying it's useless worldwide, but we're not bound and so it's probably ignored.

Second, good luck until something like this 2017? guideline makes it into the big non-IT corporations, NGOs and governments. maybe 2022? :)

Unfortunately, those people who have enough power that you can't force them to comply are exactly the same people whose data will do the most damage if it is breached.

Oh my if that's a "nightmare" then what is the rest of what is going on considered?

I think that died when people realized that email is inherently insecure unless you jump through a LOT of hoops (e.g. pgp)

I remember when email security was a top concern to folks.

I remember when the BigCorp I worked for asked me to email their entire customer database, every month, to the latest hotshot consulting firm that was going to "drive growth".

I argued for encryption of the files sent. Reached out to the technical side of the consulting company; the person I interfaced with seemed fine with the idea -- even if it wasn't their standard procedure. (Visions of however many companies sending this data each month, quarter, whatever.)

And promptly got chewed out by my management for my efforts.

It's not just that people like this don't know. It's that they are willfully ignorant until the pain becomes too great.

In other words, you can think of this -- kind of like pollution -- as a large momentum of externalized costs.

Even when companies tank, many of the managers responsible simply move on -- or have already moved on. Customers/clients experiences losses they never fully recoup. The wheel turns, and approximately the same people emerge in a new configuration of business that repeats the story.

P.S. This also reminds me of telling a geologist friend that they should really encrypt their online consulting on oil fiend technical issues for clients in the Far East. A lot of email and IM -- back before most any productized IM had encryption, neither of connection nor of content.

If I were playing the other side, I'd definitely scrape those to learn where production was at, technical tips and knowledge transfer, but also particularly -- and if I weren't interested in the geology and technical side, itself -- to learn of production expectations and use those to maximize the revenue I extracted in rights, leases, perhaps even outright confiscation in some cases.

Oh, not to mention taking advantage of inside knowledge to profit from market valuations, where accessible to investment.

Well what happened arnt we concerned about clasified info being hacked?

It can't get hacked by our adversaries if we just tell them when they visit the oval office!

I want a reporter to ask him about that, or his spokeswoman. What kind of tortured justification can they give?

Oh I don't think it's waiting.

Yea, seriously.

>or the fortuity of foreign agencies not knowing his personal cell number

I find it incredibly difficult to believe that professional intelligence services don’t have his cell phone number already.

I'm not the most clued up on US politics, but is it his personal phone? If it is, this could give rise to a situation not dissimilar to the one caused by Hilary Clinton's private email server!

Only if he's illegally conducting official business on it.

Thought: it would be possible to make the phone reasonably secure by having one of the SS agents (who are always around him) carry a secured WiFi access point, which the phone connects to (and it doesn't connect to anything else).

Then the access point is VPN-ed and firewalled back to an endpoint that is secured, from which phone calls are then connected directly to e.g. Verizon / ATT / Level3 for termination to the dialed number.

i.e. network topology is

TrumpPhone <--> WifiAP <--> VPN to <--> Secured endpoint <--> telco/bandwidth .

More security could be added by e.g. configuring a virtual phone number which lives "on the switch" then forwards to a securitized softphone. This would mean that the phone number attached to a physical phone would never be used; and multiple phones configured identically could be set up ahead of time, audited, upgraded, etc.

An hypothesis: There are idea bubbles, just like there are financial bubbles. In fact, arguably a financial bubble is just one application of idea bubble - for example, 'real estate always goes up'; 'tulips are worth more than gold', 'crypto-currency doesn't need regulation', etc. That is, the evidence for idea bubbles seems obvious: they are widely known in finance, technology (hot trends, etc.), angry mobs, and elsewhere. I'm just classifying them as a way of thinking about them.

More specifically, I hypothesize that there is a bubble right now in political thinking: It doesn't matter what evil, incompetent, or highly risky things we do, as long as our side 'wins' in the immediate term. We can safely ignore the longer term consequences. A successful businessperson who relies heavily on international trade told me recently: 'Trump is vile, but I voted for him and I'd vote for him again - because I'm a businessperson and business is good.' In that statement they believe there is a problem but choose to ignore its consequences, even the ones that will directly affect their business (e.g., trade problems).

And that property seems to apply to all idea bubbles in all areas: Ignore the consequences. I can see how bubbles work up close: The mechanism seems to be that when everyone joins the bubble, 1) it's exciting and engaging, and 2) nobody is making us think about the consequences; the social pressure to exercise judgment band behave is gone, because nobody will judge you for it. The parents are gone - let's party! Pick up your pitchforks and torches! This is gonna be Awesome!!!

Reality is that which, when you stop believing in it, doesn't go away. - Philip K. Dick[0]

[0] Attributed; I don't have time to find the source.

>Last year, Trump reportedly had an iPhone with just one app on it: Twitter.

Can someone with more knowledge explain how is this a security nightmare? If he's not using it for email, if it's just for him posting his opinions onto Twitter, I'm not sure I follow why it's so bad?

It’s a smart device with known (and unknown) vulnerabilities that’s always near the president. It probably has a browser, a camera, gps, and a microphone and it is always connected to Apple’s cloud. It’s a large attack surface if you’re a nation state. Oh, it’s also a phone. It makes un-encrypted calls, and is capable of sending and receiving messages.

I thought it was determined (well, alleged, with data) that Trump uses an Android device[1]. Has that changed?

[1]: http://varianceexplained.org/r/trump-tweets/

That sentence should probably be "with just one third party app on it". The phone probably has the standard set of Apple apps as well, including Mail.

The Trumpster is known to use email little or not at all. Maybe that has changed now but I would suspect not.


The iPhone and any app on it can be exploited. The microphone can be remotely turned on, it's location can be tracked, etc. etc.

We can evaluate the likelihood of attack based on the attacker's return on investment: If there's a $1 million secret and the attacker can get it for $0.1 million, that's a good deal; if it costs the attacker $2 million, then why bother?

The value of accessing POTUS' information can't be overstated. It's the literal survival of nations, trillions upon trillions of dollars, the very course of the history of civilization. If foreign powers can access it, even if it costs them billions of dollars, they will. Even allies do it - the U.S. was caught hacking the German Chancellor's phone in the last several years. The same goes for others with the resources and the willingness to break the law, such as organized crime and less scrupulous buinsesspeople - you could easily make billions on the markets by knowing Trump's plans. And if your competitor knows and you don't, you are at a disadvantage.

Also, it's a good source for blackmailing POTUS (an incredible but now conceivable thought) and for gaining similar information about the powerful people he meets with.

I believe the meaning is the opposite. The iPhone was secure, and Trump is now using his personal Android phone[1].

To quote Obama about his iPhone[2]:

"this is a great phone, state of the art, but it doesn’t take pictures, you can’t text, the phone doesn’t work, you can’t play your music on it"

[1] https://arstechnica.com/tech-policy/2017/01/post-inauguratio...

[2] http://fortune.com/2016/06/10/president-obamas-new-smartphon...

Headline is misleading. It should say smart phone use, not cell phone use. A lot of this is about his use of the internet via his phone, not about voice calls per se. The ability to pull a phone out of your pocket and call someone, almost any time, any where, is just another layer of the issue. But his use of twitter would be problematic even if it was all done from a PC.

When I had a job at an insurance company, where we had to comply with HIPAA et al, most people in the department hated making phone calls. I was there a fairly long time before I got any training on handling phone calls.

Phone call themselves are an information security nightmare waiting to happen in part because it is live conversation. It is hard enough to write a letter that is HIPAA compliant. Certain kinds of letters, like those advising customers of a HIPAA breach related to their policy, had to be written using a form letter and then reviewed by the legal department to make sure it was in compliance and this all went through your boss.

In the claims department, it was common for people to speak colloquially of 'paying claims' because most claims were paid, not denied. But the correct term is processing claims. I had a coworker get in trouble because she called a customer, said something like "We need this information so we can pay your claim" (instead of saying "so we can process your claim") and then the claim was actually denied.

President Reagan helped bring the presidency into the video age. He was a former actor and was constantly aware of surroundings and what was in the background behind him, what was framing his image. This changed the way the presidency was portrayed in visual media, both pictures and film. If you go look at presidential images preceding his administration and those following it, they are dramatically different.

My impression is that Trump made a concerted effort to go where the people were and adopt the channels of communication they used, including twitter. It wasn't his thing, personally. No surprise that he has no clue what he is doing.

Perhaps this is the presidency where we need to figure out how the president uses the internet and social media. Perhaps they need to develop some protocols around it. I don't believe there are previously established good protocols.

This is another venue for communicating with the people. Hopefully we woo't throw out the baby with the bath water in trying to resolve the issues this presents.

Agreed, but didn't Obama use his famously during his presidency?

I think it's quite the opposite. He (reportedly [1]) didn't have a smartphone until 2016, and it was pretty locked down.

[1] http://fortune.com/2016/06/10/president-obamas-new-smartphon...

I remember when he got elected in 08 he didn't want to give up his "Crackberry"

They made sure his blackberry was secure. There was no security problems with him using it.

He had a blackberry.

This is called whataboutism. If you are correct, it was wrong in both cases. https://en.wikipedia.org/wiki/Whataboutism

This is such a yawner. Everything about Trump is a disaster or a nightmare or incompetent, blah, blah blah. (Hillary had a barely secured email server in here closet!!)

And here we are, decent economy, relative peace, no collusion, functioning government. Trump may be unconventional but there's nothing wrong with that (in fact many, including detractors, praise that quality) and it seems to be working OK so far.

Disclaimer: I loathe Trump but believe the criticism he gets is frequently unwarranted.

Didn't he recently just wake up and decide to fire some rockets on Syria? You call that relative peace?

Why are you trying to downplay how incompetent one president it is by highlighting another candidate? Maybe it is true that they would both have been relatively incompetent, but that is not the point being made here. The example you're giving also does not serve to put things in perspective, as it is also an egregious offense.

I was going to say peace but qualified it with relative. The Syria thing is pretty minor war-wise, imo.

I only threw in the "Hillary email" thing because the subject is communications security.


For what? Do you think any of my opinions/assertions lack supporting evidence?

Not sure I'd agree with the "functioning government" part...

Well, Clinton unlike Trump isn't president.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact