A military program has created an Android-based super secure smartphone that goes with the office of the President. Is Trump using it?
Among the privileges and cool stuff that come with being the president of the United States is a highly modified Boeing Black smartphone, an encrypted device certified to handle Top Secret data. The Defense Department Information Systems Agency, or DISA, developed the phone with help from Boeing and other partners, the phone “goes with the office” of the President. But is Donald Trump using it — or his old and far less secure Android phone?
The DISA phone emerged from the agency’s Mobility Classified Capability program. A fact sheet says the program uses “commercial mobile devices (smart phones and hotspot devices) and commercial mobile architecture components” such as commercial virtual private networking. The sheet describes the phone as “NSA-approved,” and lists “Top Secret” communication capability as “coming soon.”
(The fact sheet does not mention the Boeing Black, but when Defense One asked DISA if the two were separate, an official replied, “no.”)
As of November 1, DISA had handed out at least two of the phones, to President Obama and to Cyber Command leader Adm. Mike Rogers, according to DISA chief Lt. Gen. Alan Lynn, who spoke at the Milcom conference in Baltimore. Lynn was initially coy when asked who helped DISA make the device: “I don’t want everyone to know who’s making good stuff for me because there’s a lot of partners. I don’t want to just highlight one. Although I’m sure the question might have come from that one.” A moment later, he softened. “I’ll tell you who worked on the Top Secret one, Boeing did. Boeing Black is the device we’re working with.”
He added that DISA was “just now in the test phase of it.”
Since then, DISA has become a bit shy in discussing the device. When we asked whether Obama’s Boeing Black phone had been given to Donald Trump, a DISA official, speaking on background, said only that the phone “goes with the office of that position.”
Officials with White House Communications Agency, the DISA department that handles communications for the White House but is operationally independent, did not respond to repeated requests for comment.
A bit about the phone: In 2014, Boeing filed required paperwork with the Federal Communications Commission, and received FCC ID H8VBLK1. The filing details an Android-based, dual-sim-card phone that can switch between civilian and classified and civilian networks, including WCDMA, GSM, and LTE networking at 3G.
The phone’s most important and famous feature: when you try to break it open, it self-destructs. According to the FCC filing: “Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable.”
Boeing would not discuss how the phone has changed since those 2014 filings. But Lynn talked a bit about the agency’s numerous modifications.
Almost no data resides on the phone itself, which he described as being “close to a VDI,” a virtual desktop infrastructure. That means that the phone is little more than a window into another computer somewhere else. In addition, there is “a large amount of encryption tied into it.”
Is Trump using the phone that DISA made for the President? Boeing referred inquiries to DISA, who referred us to the White House, who did not answer.
On Jan. 20, the Associated Press reported that Trump had surrendered his insecure Android-based Samsung Galaxy to security services. But on Thursday, the New York Times reported that the President was still using an unsecured phone:
“Mr. Trump’s wife, Melania, went back to New York on Sunday night with their 10-year-old son, Barron, and so Mr. Trump has the television — and his old, unsecured Android phone, to the protests of some of his aides — to keep him company.”
This worries at least some security experts. “This is a consumer device, and it’s going to have security vulnerabilities,” Bruce Schneier writes. “He’s at risk from everybody, ranging from lone hackers to the better-funded intelligence agencies of the world. And while the risk of a forged e-mail is real — it could easily move the stock market — the bigger risk is eavesdropping. That Android has a microphone, which means that it can be turned into a room bug without anyone’s knowledge. That’s my real fear.”