President Trump is still tweeting from his old Android phone in the White House, even after being given a new, secure device just before his inauguration, according to a report in The New York Times.
That revelation stirred some strong negative reactions from three mobile security analysts contacted on Thursday. Two of those analysts said using the older Android device only for tweeting doesn't necessarily pose a national security risk, but they questioned what else he might be doing with that Android device that could pose such risks.
"If all that President Trump does with that Android phone is tweet, then it's not a [security] problem," said Roger Entner, a long-time analyst on mobile and security matters at Recon Analytics. "If he does more than that, then it becomes a significant problem especially if the Android phone travels with the President overseas."
However, Entner said it is possible some hacker or group could pose as President Trump using his @realDonaldTrump handle. Doing that likely would require breaking into secure Twitter servers or the wireless and wired network infrastructure used to reach Twitter from any device. Or, someone could gain access to his Twitter user name and password, which becomes more possible if he has trusted other people to access his account.
"Hackers can pose like him on any device and that's more about his Twitter security, not the phone security," Entner explained.
"The main problem is if someone hacks his unsecured Android phone, then they can always locate where the phone is and in all likelihood where he is. This is the kind of metadata that the spy agencies thrive on when going after their targets," Entner said.
Jack Gold, an analyst at J. Gold Associates, had similar concerns. "If President Trump is still using his unsecured Android phone for tweeting, what else is he using it for and what kind of info does he have on it that could be compromised?" he asked.
"In theory, the whole reason for giving him a secured phone is to prevent any hacks or the interception of sensitive data and communications," Gold added. "The mere fact that he is using an unsecured device is very troubling. That would probably be grounds for dismissal for many other government employees who face much stricter enforcement" on their use of mobile devices.
During his campaign, Trump frequently expressed concerns over former Secretary of State Hillary Clinton's use of a personal e-mail server for some official business.
"We should learn from the lessons of Secretary Clinton, who used an unsecured device for much of her tenure," Entner said. "There are very are sophisticated people and countries out there who love to know what the President talks about to his inner circle."
Sign up for CIO Asia eNewsletters.