Nobody’s cellphone is really that secure

Earlier this week, The New York Times reported that the Russians and the Chinese were eavesdropping on President Trump’s personal cellphone, and using the information gleaned to better influence his behavior. This should surprise no one. Security experts have been talking about the potential security vulnerabilities in Trump’s cellphone use since he became president. And President Obama bristled at—but acquiesced to—the security rules prohibiting him from using a “regular” cellphone throughout his presidency.

Three broader questions obviously emerge from the story. Who else is listening in on Trump’s cellphone calls? What about the cellphones of other world leaders and senior government officials? And—most personal of all—what about my cellphone calls?

There are two basic places to eavesdrop on pretty much any communications system: at the endpoints or during transmission. This means that a cellphone attacker can either compromise one of the two phones, or eavesdrop on the cellular network. Both approaches have their benefits and drawbacks. The NSA seems to prefer bulk eavesdropping on the planet’s major communications links, and then picking out individuals of interest. In 2016, WikiLeaks published a series of classified documents listing “target selectors”: phone numbers the NSA searches for and records. These included senior government officials of Germany—including Chancellor Angela Merkel—France, Japan, and other countries.