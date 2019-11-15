Impeachment Hearings Highlight More Trump Phone OPSEC Failures
from the ill-communication dept
Plenty has been made of the President's unwillingness to adhere to anything close to reasonable security when using his mobile phones. Whereas the Defense Information Systems Agency (DISA) and the National Security Agency usually work in concert providing state leaders with "hardened" devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung's Knox security architecture) because they apparently infringe on his ability to Tweet.
Just a few months ago, Senators sent a letter expressing concern that Trump's mobile phone practices were leaving the President open to potential hacking by foreign entities:
"The President of the United States stands alone as the single-most valuable intelligence target on the planet. Given the apparent lack of progress the Administration has made since initial reports in 2016 of the President’s poor operational security, it appears the only thing standing between the Office of the President and the next national security nightmare is a combination of President Trump’s personal restraint and sheer luck."
Eventually, the President was convinced to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. Even here reports have suggested that Trump has struggled to adhere to these restrictions, often making personal calls on his unsecured Samsung Galaxy III.
This week in testimony before the House Intel Committee, diplomat William Taylor testified he had recently learned of a call between US/EU ambassador Gordon Sondland and President Trump while at dinner at a restaurant in Kiev. The conversations regarded Trump's efforts to pressure Ukraine to help him dig up dirt on Biden, though security experts were more concerned by another aspect of the revelation; namely the idea that the President was openly discussing sensitive issues -- in public -- on foreign cellular networks:
"There are a ton of risks there, but some of the biggest involve the fact that the call is traversing the foreign country's telco,"said Jake Williams a former National Security Agency operator and founder of Rendition Infosec. "Even if you trust that country not to spy on their own telcos, others probably have. There's a non-zero chance that some country (or multiple countries) are getting call data records (CDR). This definitely would have made for increased targeting on Sondland and his contacts. Honestly, if I saw that in CDR collection, my first thought would be, 'That has to be a troll, right?' That would be immediately followed by, 'Get full voice coverage on his phone (and everyone around him). These guys don't understand OPSEC."
Needless to say, having phone calls in public restaurants over foreign cell networks is considered a no no in security circles:
"During that call with Gordon Sondland, the U.S. ambassador to the European Union, Trump spoke so loudly about “the investigations” that someone in the restaurant who was not on the phone could hear his words, according to Bill Taylor, the senior American diplomat in Ukraine.
It is highly likely that others were listening too. Russia’s intelligence services have previously demonstrated the capability to intercept the phone calls of American diplomats in Ukraine and make recordings that can be used to compromise or embarrass those officials."
Granted there's a universe of other ways that foreign and US intelligence can and do spy on public officials even if you're using an encrypted connection, from the use of IMSI catchers to the exploitation of the longstanding SS7 flaw we've long noted nobody seems interested in fixing:
This stunning revelation at the #ImpeachmentHearings shows the unacceptable lack of cybersecurity by the @realDonaldTrump Administration. Any foreign power can listen in on a cell phone by exploiting a flaw known as "SS7." Look it up. It will scare you. https://t.co/mZZ7B2IHK2 https://t.co/1J7PUd8yGK
— Ted Lieu (@tedlieu) November 13, 2019
Like so many tech issues, the stupidity will get lost in partisan fisticuffs, with the President's supporters taking such deep offense at the idea the President is terrible at security that they'll mindlessly discount this as just more unfair partisan criticism they don't have to pay attention to. But reality doesn't care, and report after report has made it pretty damn clear the President of the United States has garbage-level OPSEC that no level of hand holding appears capable of mitigating.
Filed Under: donald trump, gordon sondland, op sec, phone calls, security, ss7, william taylor
Big fuss over nothing
Come now, you frame making damning calls on insecure phones on foreign networks loud enough for other people to hear him sound like a bad thing, when has something like that ever backfired and caused any problems for Trump?
[ reply to this | link to this | view in chronology ]
He had phone OPSECs?
[ reply to this | link to this | view in chronology ]
'Zero' is technically an amount
From what I've gathered from articles like this it was fairly minimal, he had a tendency to undermine what was there, and he basically had to be pressured to adopt what little there was, rather like a petulant child being forced to eat their veggies before they can leave the dinner table.
All that and he still managed to make it worse though, it's almost impressive, albeit for all the wrong reasons...
[ reply to this | link to this | view in chronology ]
Re: 'Zero' is technically an amount
A petulant child on a mission could sit and stare at thise veggies on the plate into the morning until it was time to go to school!
[ reply to this | link to this | view in chronology ]
He pushed thru 25 people who were red-flagged for security clearances. I don't phone Sec isn't a high priority as much as tweeting about some other TV reality stars.
[ reply to this | link to this | view in chronology ]
I'm skeptical that this will surprise anyone. It could be worse, but fortunately he is the textbook example of the Dunning-Kruger effect. Just imagine what it would be like if he were competent enough to carry out his ill-conceived ideas.
[ reply to this | link to this | view in chronology ]
Trump's phones
After three long years of having unsecured phones, how come nobody has hacked into them and gave us the goodies.
[ reply to this | link to this | view in chronology ]
Re: Trump's phones
The Internet is already full of incoherent incompetent racist trolling, so why bother? It's not like full access to his phone (or being in his cabinet or being himself) could help you predict Trump's actions on the next day.
[ reply to this | link to this | view in chronology ]
Re: Re: Trump's phones
The up-side to Trump being ill-informed is that anyone breaking into his phones mostly gets access to stuff he's already tweeted, or stuff that's already been aired on Fox.
Yes, there's a benefit to him not reading his briefings.
[ reply to this | link to this | view in chronology ]
Re: Trump's phones
How would we know they haven't already? It's not like Trump is gonna tell us, and I would suspect that those in his administration who would know would rather keep their jobs than tell.
[ reply to this | link to this | view in chronology ]
Re: Trump's phones
After three long years of having unsecured phones, how come nobody has hacked into them and gave us the goodies.
Because as-is, he continues to be a useful idiot. No need to hack him so that he shuts the fuck up - it's more useful to let him continue to run his big mouth.
[ reply to this | link to this | view in chronology ]
Re: Trump's phones
Maybe cause they like having the inside scoop.... until he tweets it out
[ reply to this | link to this | view in chronology ]
I would just like to point out that as far as I know, this is all we get out of democrat party for two or more years for our bucks. Impeach Trump. What else have they done except to run our country deeper into the ground and make our country look so pathetic. I wonder if this impeachment has sour grapes written all over it and the fact that Pres. Trump once stated in a public debate with Clintons present that they should be arrested.
[ reply to this | link to this | view in chronology ]
Re:
You're literally just lying.
[ reply to this | link to this | view in chronology ]
Re: Re:
No, you are lying.
[ reply to this | link to this | view in chronology ]
Re: Re: Re:
That comeback is sadder that Trumps last erection. About as potent too bro.
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Re:
You mean, when he erected that wall?
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Re: Re:
A 10 foot long wall along a 100 foot property line is pretty damned impotent. So yeah, like his wall.
[ reply to this | link to this | view in chronology ]
The wall
The border wall is penetrable by $100 of power tools. Climbing enthusiasts are making a mockery of how easy it is to scale. Even kids are doing it.
The wall is being constructed with funds appropriated from other military projects (schools for kids in military families, repair of military facilities wrecked by hurricanes, an engineering center at a military academy and so on) further weakening the readiness state of the US armed forces, and driving potential recruits to rethink their career choices.
The wall was long established as being a vanity project considering most undocumented immigrants simply fly in and overstay their visas.
Considering all these factors, it surprises me we might still have people who think the border wall was a pretty keen idea. It only further demonstrates how Trump support is less a rationalist-based position and more like a religious ideology, something people take on faith because the bitter truth is too terrifying.
[ reply to this | link to this | view in chronology ]
The impeachment hearings are about whether the President abused his official powers to bribe a foreign government into investigating one of his political rivals ahead of the 2020 elections. Anyone who tells you otherwise is trying to grift you.
[ reply to this | link to this | view in chronology ]
Re:
Well, one was the last time he was eligible to being grifted by high-standing politicians in a manner he could follow?
Trump stands for politics even a simpleton can comprehend. Sometimes only a simpleton.
[ reply to this | link to this | view in chronology ]
Re:
Trump once stated in a public debate with Clintons present that they should be arrested.
One has to wonder why, with full control of Congress for two years, along with a hand-picked DOJ, he was too impotent to actually do so. When you're in charge, it's not good form to ask the other side why you're not getting shit done.
What else have they done except to run our country deeper into the ground
But, I thought the economy was booming? Was he lying then or now?
[ reply to this | link to this | view in chronology ]
Re: Re:
The ones for whom the economy is booming is them. They have given themselves outrageous raises and slapped us in the faces. Those people who expect and demand from our sons and daughters to lay down their lives for our country and who would not they themselves lift a finger, and who trouble us with more undemocratic laws and incarcerate 20% of the incarcerated world's population, and who barely call off their dogs on America, enjoy $500 meals at our expense. Is it or could there possibly be any question why some of us are so incensed by them? And now they wish to stifle the platforms to restrict our speech!
[ reply to this | link to this | view in chronology ]
Re:
Nunes?
Is that you?
[ reply to this | link to this | view in chronology ]
Re:
Hint: It's not democrats making the country look pathetic. It's not even republicans in general. It's Trump.
[ reply to this | link to this | view in chronology ]
Re: Re:
Have you watched the public inquiry proceedings so far? Republicans in general (well, at least in the House) are certainly closing ranks with Trump concerning looking pathetic. I watched without the expectation to have my mind changed with regard to either Trump or the witnesses (so why even bother with public hearings?) and was right with that.
I didn't expect that the real impact would be how far my respect for House Republicans dropped. I mean, make no mistake: this is sort of a rehearsed performance and not particularly suited to increase my respect for Democrat House members. But the Republicans were really disgusting. They apparently think they can smear their way out of any problem like their Líder Máximo.
[ reply to this | link to this | view in chronology ]
Re:
Since the Dotard in Chief believes that, it's been three years. Weakest president ever. Why's he so afraid of the Clintons?
[ reply to this | link to this | view in chronology ]
Re: Re:
Who said he was? lol
[ reply to this | link to this | view in chronology ]
Re: Have you tried digging up?
He did by his every word and action.
[ reply to this | link to this | view in chronology ]
Re:
“What else have they done except to run our country deeper into the ground and make our country look so pathetic. I wonder if this impeachment has sour grapes written all over it“
Soooooo much projection bro.
[ reply to this | link to this | view in chronology ]
He is bad at security in general.
He was giving a press conference a few weeks ago to present his "new and improved border wall", and started discussing how they are "wired" and all.
When asking one of his officials to give more details about the security features, he had to be told that it would be a bad idea.
Add to this the guests at his golf resort, who can simply pay to access him and some of his international counterparts, listening in as he's loudly talking foreign affairs over "the most beautiful chocolate cake", and this latest reveal is not so new or surprising.
All of this is several levels of stupid that we've never seen in a US president.
[ reply to this | link to this | view in chronology ]
Good minions are hard to find
On one hand, assuming that we had a functional country with a functional government, yes, OPSEC is super important. I heard that long ago before in the days of the old republic before the dark time, the NSA was all about that, securing the entire communications system so it was safe for officials and businesses alike to communicate without fear of spies and saboteurs.
These days, not so much. It's a great era for black hats.
On the other hand, it is reassuring that tyrannical administrations can't bother themselves to cover their flanks and posterns. President Trump's inability to adhere to security protocols (combined with the misery he farts out like a geyser, stinking up all of Washington and anyone who has to engage the federal system) may well be his undoing.
[ reply to this | link to this | view in chronology ]
Primary security failure identified:
Letting Trump anywhere near a phone.
[ reply to this | link to this | view in chronology ]
User error
Traditionally, between chair and keyboard
84% of all data breaches fall into this classification.
[ reply to this | link to this | view in chronology ]
