May 13, 2017

The equipment aboard an EP-3E electronic surveillance plane


Since the start of the Snowden-revelations in 2013, many people got the impression that the US National Security Agency (NSA) mainly intercepts the communications of ordinary citizens. In reality, the NSA is part of the Department of Defense and as such, a large part of its job is to collect data for tactical military purposes.

A good example of the latter task comes from an internal NSA damage assessment report about the 2001 Hainan Island incident, in which an EP-3E electronic surveillance aircraft collided with a Chinese fighter jet and had to make an emergency landing on the Chinese island of Hainan.

The report was among the Snowden-documents and published by The Intercept on April 10. As will be shown here, it provides many details about both the interception and the encryption equipment aboard the EP-3E aircraft.



A Lockheed EP-3E electronic surveillance aircraft from the US Navy
(photo: US Navy - click to enlarge)


Damage assessment

The purpose of the report was to review and assess the damage to cryptologic sources and methods and the response of the US SIGINT agencies to the crisis. The second was to review and assess emergency destruction of classified material and the emergency procedures.

In general, damage to Communications Security (COMSEC) systems, like cryptographic devices, keying material and encryption methodology, was considered low, mainly because cryptographic devices are designed in anticipation of being lost or compromised.

For Signals Intelligence (SIGINT), the equipment to intercept communications and other signals as well as the results of these efforts, there was an opposite approach: the assumption had been that sensitive SIGINT material would be protected at all time, or destroyed before it was lost or compromised.

Because emergency destruction techniques didn't kept pace with technology, especially where they often no longer reside in hardware, but in software. The Hainan incident revealed that existing destruction procedures were outdated and inadequate. Also, individual and crew training appeared to be deficient and lacked realism and context.

Nevertheless, damage in the realm of tactical SIGINT was assessed to be medium, which means that the damage was recoverable with concerted effort.



The damaged EP-3E after it had landed on the Hainan island
(click to enlarge)

The EP-3E aircraft

The EP-3E aircraft is a modified version of the Lockheed P-3 Orion, which is a four-engine turboprop aircraft developed for the US Navy and introduced in the 1960s. The Platform Integration division of the military contractor L-3 converted several P-3Cs into the EP-3E, which is also known as ARIES (Airborne Reconnaissance Integrated Electronic System). The Navy has 11 EP-3Es, the last of which was delivered in 1997.

The plane generally has a crew of 24, including linguists, cryptographers and technicians. The EP-3E that flew over the South China Sea carried an 18-member reconnaissance team from the Navy, Marines, and Air Force, in addition to a 6-member flight crew. The position of their workstations can be seen in this schematic from the damage assessment report:



(click to enlarge)


Other tactical SIGINT spy planes are the Boeing RC-135 COBRA BALL, COMBAT SENT or RIVET JOINT of the US Air Force, the De Havilland RC-7 Airborne Reconnaissance Low (ARL) of the US Army and the Beechcraft (R)C-12 Huron, which is used by the Army, the Navy, the Air Force and the Marine Corps.

Together with other flying spying platforms like drones and satellites, these planes contribute to what is called Overhead Collection. The NSA's other primary information channels are cable access, hacking operations, joint NSA-CIA units and foreign partnerships.


COMINT equipment

COMINT stands for Communications Intelligence, which is information derived from the interception of foreign communications, either between people or between machines. Together, COMINT and ELINT (see below) are called SIGINT.

The COMINT collection system onboard the EP-3E consisted of antiquated HF, VHF, and UHF receivers, a rudimentary signal distribution network, and narrowband cassette recorders. The COMINT collection system used the ALD-9 antenna and processor package. In addition to installed equipment, six carry-on computers were onboard.

The COMINT equipment was generally unclassified with the exception of two carry-on computers, a SCARAB computer containing the LUNCHBOX PROFORMA processor and a laptop containing MARTES analysis tools. All data on these two systems was considered compromised.

Although other planes in the military’s spy fleet had recently undergone a major surveillance equipment upgrade, the plane that ended up in Chinese hands was two weeks away from getting one, so the equipment was old and outdated and a lot of it didn’t work properly.


SCARAB computer

The SCARAB is a portable computer device that contained the LUNCHBOX processor, which uses software to process 40 worldwide PROFORMA signals, some teleprinter and pager signals, datalink signals for the HUNTER and PREDATOR drones, and the Joint Air to Surface Stand Off Missile (JASSM) datalink. Additionally, the SCARAB computer contained the XBIT Signals Analysis software for bit manipulation and BLACKMAGIC demodulation software.


The SCARAB computer containing the LUNCHBOX processor for PROFORMA data
(photo: EP-3E incident report - click to enlarge)


PROFORMA is the codename for digital command and control data communications that relay information and instructions to and from radar systems, weapon systems (like surface-to-air missiles, anti-aircraft artillery, fighter aircraft), and control centers.

Exploitation of this information provides US and allied warfighters nearly instantaneous situational awareness data from a target country's radar systems. This information supplements US sensor systems while providing insight into the target country’s decision process.

Several working aides aboard the EP-3E provided details about Russian-designed PROFORMA signals used by North Korea, Russia, Vietnam, and possibly China. This material detailed the association of signals to specific weapon systems. China was known to use two of the signals resident in the LUNCHBOX processor.

For the 2001 mission over the South China Sea, the Science and Technology (S&T) Operator aboard the EP-3E was tasked to collect and process PROFORMA signals possibly associated with Chinese SA-10 surface-to-air missiles and Chinese short-range air navigation.


MARTES laptop

Besides the SCARAB computer, there was also a Tadpole Ultrabook IIi laptop, which contained the MARTES software tools, the RASIN Manual, the RASIN Manual Working Aid and the Telegraphic Codes Manual.

RASIN stands for Radio Signals Notation and is the COMINT Signal Classification System for classifying and reporting a wide variety of signals with their associated parametrics and characteristics. Together, the RASIN manual and the aforementioned files provided a comprehensive overview of how US intelligence exploits an adversary’s signal environment.


The Tadpole Ultrabook IIi laptop with MARTES software tools
(photo: EP-3E incident report - click to enlarge)


MARTES is the name of a set of software tools for collecting, analyzing, and processing signals. A new version of MARTES is released approximately every six months, and it is generally divided into COMINT, FISINT and ELINT tools.

A portable, digital player/recorder used to collect the signals analyzed by MARTES contained a tape of 45 minutes of enciphered and unenciphered Chinese Navy communications. The unenciphered portions carried speech segments that identified Chinese communicants.

The compromise of the largely tactical COMINT documentation was rated medium. The most sensitive and damaging documentation contained detailed collection requirements against Chinese military datalink and microwave signals. The tasking data included frequencies, data rates, dish sizes, and target communicants.

Also compromised was the ability of the US to collect Chinese submarine signal transmissions and make subsequent vessel correlations. This compromise could prompt the Chinese to modify that particular signal.


ELINT equipment

ELINT stands for Electronic Intelligence and comprises the technical and intelligence information obtained from the intercept and analysis of noncommunication, electromagnetic radiations.

The ELINT systems onboard the EP-3E included a disparate collection of antennas, signal distribution networks, wideband and narrowband receivers, recorders, and processing and display equipment. The bulk of these systems were off-the-shelf devices that, although designed for the ELINT mission, contained no particularly sensitive technologies.

The system that were of a specific concern after the Hainan incident included the AN/ULQ-16 and the AN/ALQ-108. The AN/ULQ-16 is a computerized pulse processor used to make detailed timing measurements of radar signals. The AN/ALQ-108 is an enemy IFF (Identify Friend or Foe) interrogation system, which is used to actively and passively exploit early Soviet IFF and range extension signals.

Emergency destruction of the ELINT equipment during the Hainan incident was largely ineffective. The crew zeroized (deleted) all memories and erased all mission data, but the rugged construction of critical components and lack of destruction tools prevented adequate destruction.


Communications equipment

For internal communications, the EP-3E uses the the Digital Communications Management System (DCMS). All operational crew positions have access to the DCMS with headsets or through their helmets, with the exception of personnel in the galley and observers in the flight station. Communication paths between crew members are divided into various audio networks.

For communications with the outside world, there are numerous radios onboard, which connect to a variety of radio networks. Short-range communications are conducted using both plain voice and secure VHF and UHF radios. When the aircraft is on a mission for Sensitive Reconnaissance Operations (SRO), long-range communications with NSA and military operation centers are conducted via HF radio and over secure UHF satellite networks.


Radio/satellite transceivers

The EP-3E was equipped with the following radio transmitter/receivers (transceivers):

- Two AN/ARC-94 HF radios for long-range communication. One (HF-1) is configured for secure modem communications and is encrypted using a KG-84C encryption device. The other (HF-2) is configured for voice communications and can be encrypted using a KYV-5 encryption device.

- Three AN/ARC-206 radios for UHF line-of-sight communications. UHF-1 and UHF-2 are controlled by the Senior Evaluator (SEVAL) and are configured for voice communications. Both can be encrypted using KY-58 encryption devices. A third AN/ARC-206 radio is configured for line-of-sight datalink operations.

- Two AN/ARC-182 radios for VHF or UHF line-of-sight communications. Both are controlled from the flight station and are configured for voice communications. Both can be encrypted using KY-58 encryption devices. The control units for these radios have a switch setting allowing an easy and immediate change to emergency frequencies.

- One LST-5 satellite radio for secure UHF voice satellite communications. The radio can only be controlled locally at its location is in an avionics bay inside the aircraft cabin. It is encrypted using a KY-58 encryption device.

- The OL-390 Digital Communications Group and its associated UHF radio are used for secure satellite modem communications. The radio is controlled by the secure communications operator and is encrypted using a KG-84A encryption device. Because this radio shares distribution and antenna equipment with the LST-5, simultaneous transmission using both radios is not possible.


Encryption devices

For securing voice and data communications, the EP-3E had 16 encryption devices onboard, of the following types:

- The KY-58, which is used for voice and data encryption at 16 Kb/sec over AM/FM, VHF and UHF radio and satellite channels. The device can be used for data up to the classification level TOP SECRET. It accepts keys from the family of Common Fill Devices and also incorporates remote keying. The production of the KY-58, which is part of the VINSON family, was completed in 1993.


A KY-58 encryption device
(photo via jproc.ca - click to enlarge)


- The KG-84, which is used for data encryption at 64 Kb/sec over radio and satellite channels. The KG-84 can be used for communications up to the level of TOP SECRET, depending on the key-set that is loaded, and is fully complient with NSA TEMPEST standards. Like similar encryption devices, the KG-84 can be controlled either locally, or remotely (for example from the cockpit) through a Remote Control Unit (RCU).


KG-84C (left) and a KG-84A (right) encryption devices
(photo: EP-3E incident report - click to enlarge)


- The KYV-5, which is used for voice or data encryption over HF, VHF and UHF radio and satellite channels. The KYV-5 is a relatively small communications security module which is attached to a larger CV-3591 converter, together forming a TACTERM unit. The device is part of the Advanced Narrowband Digital Voice Terminal (ANDVT) family.


A KYV-5 encryption device attached to a CV-3591 converter
(photo via jproc.ca - click to enlarge)


The damage assessment report isn't clear about whether the Chinese removed these encryption devices from the plane before giving it back to the US. The particular equipment had previously been compromised, though not directly to China, and the report also mentions that components of for example the KG-84 had also been available through sites like eBay.


Cryptographic materials

Beside the KY-58, KG-84 and KYV-5 encryption devices, the EP-3E also carries KYK-13 and KOI-18 electronic fill devices, a KL-43 off-line encryption device, and a Global Positioning System (GPS) unit.

The EP-3E that landed on the Hainan island also carried keying and other cryptographic materials for its various secure devices, including Top Secret keying material in canisters, entire codebooks, and call sign lists. In all, this was much more than what was needed for the mission: nearly a month's worth of keying material and codebook pages that were not scheduled to become effective until well after the scheduled landing.

Instead, the use of an electronic key loading device such as the CYZ-10 Data Transfer Device (DTD) could have eliminated the risk of hardcopy keying material compromise. These devices can hold multiple keys, load multiple devices, and are easily zeroized.

During the Hainan incident, most cryptographic keys and codebooks had been jettisoned by the plane's crew, but the remaining material was considered compromised. However, all the encryption keys (except for the worldwide GPS key) were replaced by new ones within 15 hours of the EP-3E's emergency landing.



A COMSEC Material System (CMS) box containing cryptographic keying material
(photo: EP-3E incident report)


Radio networks

The radio equipment onboard the EP-3E conntected to the following networks:

- The Global High Frequency System (GHFS), which is a worldwide network of highpower HF stations that provides air/ground HF command and control radio communications between ground agencies and US military aircraft. The GHFS network supports Sensitive Reconnaissance Operations aircraft by passing encoded advisory conditions (NICKELBACK), position reports and administrative traffic. As of October 1, 2002, the network was renamed into High Frequency Global Communications System (HFGCS).

- The Pacific Tributary Network (PTN), which is a UHF secure voice satellite network that provides COMINT advisory support and threat warning to deployed US and allied forces. Network participants include the Pacific Reconnaissance Operations Center (PACROC), which provides coordination and flight following to SRO aircraft, the NSA's Kunia Regional SIGINT Operations Center (KRSOC) on Hawaii and the National Security Operations Center (NSOC) at Fort Meade.

- The SENSOR PACER network, which is a UHF secure low data-rate digital satellite network that provides time-sensitive SIGINT reporting, COMINT advisory support, threat warning, and administrative traffic support to Sensitive Reconnaissance Operations platforms worldwide. Network participants include KRSOC and the Tactical SIGINT Interaction Center at Kadena AB, Okinawa (TSIC-K).

- The SIERRA ONE Early Warning network, which is a UHF secure voice satellite network utilized by 5th and 7th Fleet Orion P-3's and EP-3E's for tactical reporting and coordination. Network participants include all PACOM Tactical Support Centers (TSC) and CTF 57/72, Kami Seya, Japan.



April 10, 2017

Mysterious devices in Trump's pop-up situation room


Last Thursday, April 6, the United States conducted airstrikes against Syria and president Trump received a briefing on this attack at his Mar-a-Lago estate in West Palm Beach, Florida. The next day, his press secretary Sean Spicer tweeted a photo of this briefing, which shows some hitherto unseen and futuristic looking devices:



Trump and his team of policy makers at Mar-a-Lago. April 6, 2017
(White House photo - click to enlarge)


In the photo we see some kind of small guest or spare room with a rather narrow table and cheap chairs of the type that can be rented for events. At the far right side there seem to be dark curtains, indicating there may be windows.

As was pointed out by Sean Spicer, the photo was redacted for security reasons: the content of the documents was erased. CNN provided a version of this photo showing who all the persons in the room are:



(click to enlarge)


Not present in the room were vice president Mike Pence, secretary of defense James Mattis and chairman of the Joint Chiefs of Staff, general Joseph Dunford, but they participated from Washington DC via secure video teleconference, according to Spicer.


The photo clearly is an imitation of the famous picture showing former president Barack Obama with his national security team monitoring the killing of Osama bin Laden in the White House Situation Room in May 2011. The Trump picture is even shot from the same angle as the Obama one:



President Obama and his national security team watching the killing of
Osama bin Laden in the White House Situation Room. May 1, 2011.
(White House photo by Pete Souza - click to enlarge)


Video teleconferencing

The big screen seen on the left side of the Mar-a-Lago photo can be identified as the Cisco TelePresence System EX90 with high-definition video screen, modified for TEMPEST protection by CIS Secure Computing. The system includes a smaller touchscreen device which is used to control the video teleconference calls.




Mysterious devices

Much more intriguing are the white devices with some kind of black screen or speaker, two by two connected to a larger central device by two cables each. Only for president Trump there's a different device in silver grey, probably with a display folded up:




On the internet, there was speculation about the purpose of the mysterious devices. Some suggested that it could be small displays or microphone/speakers, but that seems less likely. Displays of that size would hardly add any useful functions and for such a small group there's no need for microphones and/or speakers in front of every participant: nowadays one single conference phone unit is sufficient for much larger conference tables (and the large Cisco EX90 screen has built-in microphones too).

Update:
In a thread on Reddit, someone said that the "hardened EX90 doesnt really have good microphone pickups, so we have to run a few external microphones thru the 1/8 mini microphone jack. Now they went a little crazy with the mic's but prolly went overboard because didnt want anyone complaining about not being heard. What you see is a Mini XLR cable and Sheilded POE cable that goes from each base station to the next."
However, another thread on Reddit is somewhat more in favor of jammer devices (see below).

There's also no reason why there should be such a series of devices when it comes to encryption: both video and audio from the standard Cisco equipment can easily be encrypted by a single network encryptor, like from General Dynamics's TACLANE series. In this way, the Defense Information Systems Agency (DISA) provides secure video teleconferencing over its Secret (SIPRNet) and Top Secret/SCI (JWICS) networks.


Voice masking?

Another option for the black-and-white boxes is that they may not be used for picking up audio, but for masking it. With a technique called voice, speech or sound masking, a special device generates noise, preferably according to an algorithm that is adjusted to human speech. This noise is distributed through a number of emitters in order to mask the voices of people who are for example engaged in confidential conversations.

Such a purpose could explain the modular set-up of the mysterious devices in the Mar-a-Lago room: the larger ones in the middle of the table could then be for producing a standard voice masking noise, while the small ones may even be capable of adjusting the noise to the voice of that particular person.



(click to play)


Several companies sell voice masking systems, but on their websites there aren't devices similar to those in Trump's room. So there's no proof that they are for voice masking, but maybe readers of this weblog can provide more information.

Interesting is that one seller claims that their equipment uses the M2 algorithm, which is especially for US and NATO contractor companies, and US and Five Eyes(!) governments can contact the company for "further voice masking options."

In the 2015 Technical Specifications for SCIF Construction (pdf) it is said that in case the normal construction of a room doesn't provide the necessary acoustic protection, "sound masking devices, in conjunction with an amplifier and speakers or transducers" can be used in order to prevent classified discussions from being overheard by unauthorized persons.



Figures showing that the spectrum of SpeechMask is adjusted to
the actual qualities of human speech than broadband noise is.
(graphic: speechmasking.com - click to enlarge)


A Mar-a-Lago SCIF?

This brings us to the security of the room in which the meeting took place. According to Trump's press secretary, the photo shows a SCIF, which stands for Sensitive Compartmented Information Facility - a room, a suite of rooms or a whole building that is protected in such a way that classified Sensitive Compartmented Information (SCI) can be stored, processed, viewed and/or discussed without being intercepted from the outside.

People were wondering whether the Mar-a-Lago residence actually had such a SCIF, especially after Trump and his advisors held an "open-air situation room" meeting on the terrace of the resort, in front of club members and waiters, when North Korea fired a missile in February.

It seems that with the photo from Thursday, press secretary Spicer wants to show that for sensitive government business Mar-a-Lago does have a SCIF. But this isn't very convincing. Everything seems hastily arranged for this occasion, given the rather uncomfortable chairs and the odd sign taped onto the door, which says "QUIET AREA" - not clear whether that applies to the room we see or the room behind the door:



And if the mysterious white devices are indeed for voice masking, that would also indicate that the room isn't fully qualified as a permanent SCIF - else there would be no need for installing such equipment. At best, this room is a (temporary) Secure Working Area (SWA), which is an accredited facility "used for discussing, handling, and/or processing SCI, but where SCI will not be stored."

With Donald Trump having spent already 8 of the 11 weekends of his presidency at Mar-a-Lago, it's strange that there's apparently still no proper SCIF with solid walls and without windows, and just one door with a high-security lock - shouldn't be too difficult to construct for the real estate businessman like Trump was.


By contrast, president George W. Bush had a special building on his ranch in Crawford, Texas that was used as a SCIF, modeled like a conference room in the White House Situation Room, with comfortable chairs and all the necessary communications equipment for secure and non-secure phone calls as well as for video teleconferencing:



George W. Bush in the SCIF on his ranch in Texas. December 29, 2004.
(White House photo)


On the same day as the airstrike against Syria, president Trump also received the Chinese president Xi Jinping at Mar-a-Lago, which at least led to visitors of the club being warned not to use cell phones when the president was near. Also there were plenty of secret service agents around, according to local news reports.

Mar-a-Lago isn't just Trump's private vacation residence, but also a club resort that is open to paying members and ticketed guests, staffed by workers without the same security clearances as White House staff, which makes the place vulnerable to infiltration and/or eavesdropping by foreign intelligence.



Links
- NBC News: What Is a SCIF and Who Uses It?
- BBC: Decoding the Trump 'war room' photograph
- Quartz: Trump created a makeshift Situation Room at Mar-a-Lago for a briefing on the Syria bombing
- Motherboard: What the Heck Are These Electronic Devices in Trump's Situation Room?
- National Counterintelligence and Security Center: Technical Specifications for Construction and Management of Sensitive Compartmented Information Facilities (pdf)

February 21, 2017

Trump's "beautiful" Oval Office phones and what was changed on them

(Updated: April 4, 2017)

On January 20, businessman Donald J. Trump became the 45th president of the United States. In the Oval Office he found telephone sets for both secure and non-secure calls, which were installed under his predecessor Barack Obama. Trump called them "beautiful phones", but nonetheless some small changes were made, apparently to better fit the image that he wants to present of himself.

As Trump continued twittering there's speculation whether he still uses his very unsecure old Samsung Galaxy S III or a new phone that has been properly secured. At the moment this isn't clear, also because there are no photos yet showing Trump using a smartphone as president. This issue will be discussed when more information becomes available.



President Trump signing an executive order, with the modified Cisco 8841 IP Phone
and the older Cisco 7975 IP Phone with expansion module. January 24, 2017.
The wooden box with presidential seal is an emergency call device.


As we can see in this picture, there are the following telephone sets on the president's desk in the Oval Office:

- On the left: a new Cisco 8841 IP phone, which is part of the internal White House telephone network and can be used for all non-secure calls. This network was modernized since 2015, but the phone was not placed on the president's desk until late 2016.
On the back of this phone is a black metal box and on the front panel there's an extra red button, both of which are modifications by Advanced Programs, Inc. (API) in order to meet Telephone Security Group (TSG) standards, including on-hook security for the handset and the speakerphone and probably also for TEMPEST protection.
These modifications are to make sure that the phone cannot by any means be caused to produce or transmit audio when the handset is on-hook - whether accidental or deliberate. It's not for securing the calls by means of encryption.

Update:
As noticed on reddit, this Cisco IP phone may not be an 8841, but an 8851 or 8861, which have a USB port and a connection for a Key Expansion Module (KEM) on the right side of the phone. A close look at the photos seem to show that one of the anti-tamper labels covers these extra ports that the 8841 doesn't have:


Close-up of the box attached to the Cisco 8841
(click to enlarge)

- On the right: an older Cisco 7975G Unified IP Phone with expansion module 7916, which is for the highly secure Executive Voice over Secure IP-network connecting the president to all major decision makers, like the secretaries of State, Defense and Homeland Security, the Director of National Intelligence and top military officials.
This telephone network became operational in 2006 or 2007, but this particular phone is on the president's desk only since early 2011. Elsewhere, these phones usually have a bright yellow bezel or faceplate instead of the standard silver one, indicating they may be used for conversations up to the level of Top Secret/SCI.


Based upon the photos that have been published, president Trump used the non-secure telephone for calls with German chancellor Merkel and Saudi Arabia's king Salman, while the secure one was used for phone calls with Russian president Putin and Australian prime minister Turnbull. This means that these latter heads of state have been provided with the necessary encryption systems to set up a secure communication channel.


"Beautiful phones"

In an interview with The New York Times on January 25, president Trump said "These are the most beautiful phones I’ve ever used in my life" - which may sound a bit strange as both are regular models for management and executive positions in large businesses and organisations. In this case it's understandable though as in his Trump Tower office, there's just a mid-range Avaya/Lucent 8410 office phone from the mid-1990s with a tiny monochrome display, where both phones in the Oval Office have large full-color screens.



The old Avaya/Lucent 8410 on Trump's desk in Trump Tower,
while using his Samsung Galaxy S III smartphone
(click to enlarge)

Apparently referring to the Cisco 7975 for the secure Executive Network, Trump added that it is "The world’s most secure system - The words just explode in the air" - a rather odd way to say that these calls are highly encrypted and therefore impossible to intercept with the express purpose of course that the words do not dissappear in the air but reach the other end uninterrupted.


Small changes

All this sounds like Trump was very happy with the telephone equipment he found in the Oval Office, but photos from just a few days later show that some changes were made to both phones on the president's desk:

- Instead of the Cisco 8841 IP phone modified for security reasons, there's now the regular commercial version of this telephone set, so without the additional box at the back and the red button on the front.

- The expansion module (with 12 buttons that allow up to 24 additional direct lines) of the older Cisco 7975G IP phone has been removed:



President Trump calling Australian prime minister Turnbull using the Cisco 7975G IP Phone
for secure calls (without expansion module). January 28, 2017
(photo: Drew Angerer/Getty - click to enlarge)


With the expansion module attached, the older Cisco 7975 IP phone was quite a large device, so probably Trump wanted to have it smaller to make room for all the paperwork he likes to have spread out on his desk. Apparently he saw no need for having the extra direct line buttons, probably because he can always have a Situation Room communications officer connect him to anyone he wants, but it may also symbolize that there's only a very small number of people that he is in contact with.

The reason for replacing the modified (and therefore more secure) Cisco 8841 by a regular version is more puzzling. It doesn't make the device smaller, nor easier to operate. The only thing is that the box on the back, the small red button and the silver anti-tamper seals draw some extra attention to the device.

That doesn't sound like a very big deal, but according to a report by The New York Times, visitors to the Oval Office said that Trump "is obsessed with the décor — it is both a totem of a victory that validates him as a serious person and an image-burnishing backdrop — so he has told his staff to schedule as many televised events in the room as possible".



President Trump speaks to Saudi Arabia's king Salman using
the Cisco 8841 for non-secure calls. January 29, 2017
Note the extra long handset cord
(photo: Jonathan Ernst/Reuters - click to enlarge)


So with the two telephones being necessary, they had to be as less distracting as possible: no sophisticated technical security improvements to gaze at, as well as leaving more space for the papers - everything to focus on Trump as a hard working president.

The piles of paper may be more suggestive than real though: like in his Trump Tower office, they are not just official reports and memos, but also include newspapers, magazines and printed web articles, from which Trump learns the news as he seems to have difficulties with reading more complex texts. But the papers also work rather chaotic, just like every aspect of his presidency so far.

Earlier presidents used to have their actual paper work not in the more ceremonial Oval Office, but for example in the little-known small private study right next to it. The Treaty Room in the residence part of the White House was also used as a private study, especially during the evening hours. President Trump however favors watching television shows, which he impulsively comments on twitter and seem to be his primary source of information.

Update #1:

The following photo from March 8, 2017, shows the White House office of deputy press secretary Sarah Huckabee Sanders. We see that the Cisco 8800-series IP phone on her desk still has the security modifications by Advanced Programs, Inc. (API) which the phone on president Trump's desk hasn't anymore:


Office of deputy press secretary Sarah Huckabee Sanders. March 8, 2017
(photo: AP Photo/Evan Vucci - click to enlarge)


Update #2:

Ultimately on March 21, 2017, the Cisco IP phone from the 8800-series with the security modifications was back on the president's desk again, as can be seen in the photos taken when Trump signed a bill for the NASA budget:


The two Cisco IP phones on the president's desk on March 21, 2017.
(photo: AP Photo/Evan Vucci - click to enlarge)


At the moment we can only guess about the reasons for these changes, but it's seems possible that, as a reader commented here, Trump "had the phones changed because he doesn't trust whatever was left around by the previous administration" - which fits a story about White House aides who became paranoia and fear that career intelligence employees are working to undermine the new president by monitoring their phone calls, emails, and text messages and subsequently leaking this information.


Sloppiness

Trump wants his country's physical borders to be extremely secure, but he clearly has much less feeling for and experience with securing classified or sensitive information, illustrated by apparently preferring a regular Cisco 8841 IP phone on his desk, instead of the modified version that secures against sophisticated eavesdropping techniques.

Maybe he thinks that such risks are exaggerated by the intelligence and security people he is so skeptical about, but in the late 1990s it was for example suspected that the Israelis had penetrated and could listen into the (non-secure) internal White House telephone system.

Another example of Trump's sloppiness was when Brian Krzanich, CEO of Intel, visited the Oval Office on February 8, and a lockbag with the key still in it was lying underneath a bunch of papers - a security violation for which Democratic senator Martin Heinrich called out Trump on twitter:




Such a lockbag is used for securely transporting classified documents, notably a method that Trump prefers, as he told reporters in response to questions about Russia's hacking of the Democratic party: "It's very important, if you have something really important, write it out and have it delivered by courier, the old-fashioned way because I'll tell you what, no computer is safe."

Earlier, Trump said that computers "have complicated lives very greatly" and he himself doesn't use a computer nor e-mail, while his smartphone appears mainly for twitter. A big difference with president Obama, who used an iPad for government business and also received the President's Daily Brief on his tablet computer.

Trump however doesn't like to read long and nuanced intelligence reports and now gets much shorter daily national security briefings covering only three topics, typically no more than one page each. To keep the president's attention, intelligence analysts were even instructed to only include facts that support their analyses and not cover topics from different perspectives.



(The New Yorker, February 2017 - click to enlarge)



Links
- Time: Donald Trump After Hours
- Politico: ‘People are scared’: Paranoia seizes Trump’s White House
- AP News: Media the enemy? Trump sure is an insatiable consumer
- Ned Price: I didn’t think I’d ever leave the CIA. But because of Trump, I quit.
- Dale Beran: 4chan: The Skeleton Key to the Rise of Trump
- API datasheet: 8841 Cisco IP Phone (pdf)

- See also the reactions on reddit

January 18, 2017

The 5-year anniversary of this weblog



Today is the 5-year anniversary of this weblog, so this time we will look back at the main developments and the highlights from the 108 articles that have been published here so far.

The very first posting was on January 18, 2012, and contained a video about the White House Situation Room, providing a nice look at the telecommunications equipment used at the highest level of the US government.



The first header of this weblog from January 2012, showing communications equipment
in the watch center of the US National Counterterrorism Center (NCTC)


Initially, this weblog was called Top Level Telecommunications, as it was the intention to write about the communications equipment used by high-level government and military officials.

This fills a gap, because about crypto equipment for secure communications, there were already some very good websites, like those from Jerry Proc and the Dutch Crypto Museum, while for example the White House Museum and Cryptome provided great photos of the phones used by the US president, but without a more technical description of their functions.

In this way, a range of articles were written about the various phones used by president Obama. Then in October 2012 there was an extensive piece about the most important and exclusive communications link in the world: the Washington-Moscow Hotline. For many people it was an eye-opener that there were actually no red telephones on this hotline.

Besides the phones of the US president, there were articles describing the telephone equipment used by the Israeli prime minister, by the Dutch queen, by the popes, as well as by North-Korean dictator Kim Jong-un.

Also provided were a list of highly secure mobile phones and a solution by General Dynamics to secure high-end commercial smartphones.



The second header of this weblog from October 2013, showing the NSA's National Security
Operations Center (NSOC), with the old name, but also the new domain name


Then, in June 2013, the Snowden-leaks started, which would result in the largest number of highly secret documents about NSA and GCHQ ever published. For this weblog, they provided a unique opportunity to describe the modern ways of intercepting communications as detailed as the methods to protect them and so the focus shifted from Top Level Telecommunications and Communications Security (COMSEC) to Signals Intelligence (SIGINT).

After for example new insights into the PRISM program and slides about other collection programs, it was described that the NSA tool BOUNDLESSINFORMANT only shows metadata and that the screenshots from BOUNDLESSINFORMANT can be misleading, which was eventually confirmed in February 2014 when it came out that the Dutch government tried to hide the truth about metadata collection as shown in the BOUNDLESSINFORMANT charts.

Carefully studying the original NSA documents made clear that they often did not support the stories in the press or the way they were presented by Snowden himself. The NSA presentations and reports made clear that the agency is extremely capable in intercepting communications, but they show no evidence for global mass surveillance in the sense that all our communications are continuously monitored, stored and analysed.

Other examples: in July 2014, Glenn Greenwald came with a last big story that was intended to prove that NSA was spying on ordinary American citizens, but actually the original document shows that it was not NSA, but FBI that monitored 5 Americans. In February 2015 it was reported that NSA and GCHQ had stolen SIM card keys from companies like Gemalto, but this didn't put "billions of cellphones" at risk as this was clearly an operation for tactical military purposes.


This kind of close and critical examination of the Snowden documents became an almost unique feature of this weblog as only very few other people took the time and effort for similar analysis.

Although sometimes controversial, the articles about the Snowden-revelations became highly appreciated by a very wide range of people, which led to a huge increase of readers and also of followers of the twitter-account @electrospaces.

The name Electrospaces was initially chosen for the URL of this weblog (http://electrospaces.blogspot.com) and is derived from Electrospace Systems Inc. (ESI), a former company that manufactured the sophisticated and futuristic looking telephone devices used for the Defense Red Switch Network (DRSN) and therefore also by the US president and the military leadership.



An Electrospace MLP-2 telephone from the early 1980s


With this weblog now being not only about top level telecommunications equipment anymore, and the need for a short name on twitter, the initial name was replaced by Electrospaces.net, which also became the new and easier-to-use domain name. Accordingly the new name was presented on the header of this weblog as of January 2016.


Fans of top level telecommunications equipment were not forgotten, with articles about State Department red phones, the phones of NSA director Alexander, those of US Director of National Intelligence James Clapper, and of the Dutch prime minister. A final comprehensive overview of the presidential communications equipment under Barack Obama combines the information from earlier postings about Obama's phones.


Meanwhile, this weblog provided the first description of NSA's largest cable tapping program: DANCINGOASIS and identified the DRTBOX and the DRT surveillance systems for collection of wireless signals for tactical military purposes. And there was a detailed overview of FAIRVIEW: Collecting foreign intelligence inside the US.

The Snowden documents also revealed an overwhelming number of NSA codewords, internal organizational designators and the SIGADs which denote collection facilities, for which separate lists were compiled here in order to keep track of them - and they are still the most complete ones available.

Other lists contain codewords from GCHQ, CSE and BND and explain the numerous abbreviations and acronyms found in the disclosed documents. For a better understanding of the context, an overview of the complicated US classification system, as well as of NSA's legal authorities was created.



The current header of this weblog from January 2016, still showing the NSA's National
Security Operations Center (NSOC) but now with the new name Electrospaces.net
and the three topics which are covered here.


A range of articles became dedicated to developments in Germany: starting with how secure the Merkel-Phone is and how NSA targeted her mobile phone to an extensive coverage of the hearings of the parliamentary commission that investigates spying by NSA and the cooperation between NSA and BND (twitter hashtag: #NSAUA).

These seemingly endless hearings are transcribed by volunteers of the German digital rights organization Netzpolitik.org, but as they reveal many interesting details that confirm or complement things from the Snowden-documents, it proved to be worthwhile to summarize them here in English too.

Some notable results from these hearings were many interesting details about the joint NSA-BND operation Eikonal, which was recognized as being part of NSA's RAMPART-A program here for the first time, as well as that BND didn't care much about foreign NSA selectors.


In collaboration with the French weblog about intelligence & defence Zone d'Intérêt, articles were published about what if Google was an intelligence agency, followed by analysis of the new intelligence laws in France and the Netherlands, with articles about similar laws of other countries to follow in the future.


Finally, some numbers: the most popular article on this weblog became the one about how Obama's BlackBerry was secured from April 2013 with over 100.000 pageviews. Second is a piece from July 2014 about the new phones aboard Air Force One with was read about 72.000 times. Third comes a detailed description of INCENSER, or how NSA and GCHQ are tapping internet cables which got some 65.000 pageviews. The overall total of pageviews for this weblog is currently almost 2,3 million!




Links
- Washingtonian: 5 Questions for a Dutch Blogger Who’s Obsessed With the White House’s Phones

January 14, 2017

The presidential communications equipment under Barack Obama

(Updated: January 31, 2017)

Over the past five years, a range of articles on this weblog covered the secure and non-secure phones used by president Barack Obama, whether in the White House, at his Summer residence or aboard Air Force One.

With Donald Trump taking over the US presidency in a few days, it's a good moment to look back and provide a comprehensive overview of the communications equipment during Obama's time in office.

Additional context for this was provided by a background story from the New York Times from April last year, as well as by several other sources, which show an almost complete overhaul of the communication systems of the Obama White House.





Preparations under George W. Bush

For the communications systems used by the president of the United States it was more important to be reliable, than to be up-to-date, and so the equipment often served decades, almost until the moment that there are few officials left who know how to maintain it.

Modernization started under the presidency of George W. Bush, not directly to keep up with the rapid rise of internet communications, but because the existing system failed during the attacks on September 11, 2001. As the 9/11 Commission report says:
"The President told us he was frustrated with the poor communications that morning. He could not reach key officials, including Secretary Rumsfeld, for a period of time. The line to the White House shelter conference room and the Vice President kept cutting off."



Conference room of the Presidential Emergency Operations Center (PEOC). September 11, 2001
In the drawer there's a small version of the Integrated Services Telephone (IST)
(White House photo - click to enlarge)


These failures led to an overhaul of communications systems and the installment of new equipment. Bush' deputy chief of staff Joe Hagin ordered for example the upgrade of the Intel 486 computers, replacement of the slow and cumbersome Lotus Notes e-mail system, and White House staff members started using the first BlackBerries.

From August 2006 to May 2007 the famous Situation Room in the West Wing basement underwent the biggest renovation since this facility was created under the Kennedy administration. It was transformed from one simple conference room with a small office space into a multi-room facility with high tech communications equipment, much like we got used to from fictional movies and tv-series:



Video about the White House Situation Room. December 2009.
(White House video - click to play)


Simultaneously, a new and highly secure telephone system was established that should prevent failures like on 9/11: the Executive Voice over Secure IP-network, which connects the president with all major decision makers, like the secretaries of State, Defense and Homeland Security and the Director of National Intelligence.

For this network, common Cisco 7975 unified IP phones are used, but instead of the bezel or faceplate being standard silver, it's bright yellow, which is the color code for the highest classification level: Top Secret/SCI. The phones themselves have no encryption capability, there are separate network encryptors, probably from General Dynamics' TACLANE familiy.



Obama calls the French president Hollande using the Cisco IP phone with
yellow faceplate for secure communications. Key Largo, Florida, March 8, 2014
(White House photo by Pete Souza - click to enlarge)


Before this new IP-network was installed, the president's secure phone calls went through the Defense Red Switch Network (DRSN), which is the secure telephone network for the entire US military. In 2001, the DRSN was still circuit-switched, but its special multilevel precedence and preemption (MLPP) functionality couldn't prevent the glitches during the September 11 attacks.

The DRSN uses custom-made telephone devices, the latest model being the Integrated Services Telephone 2 (IST-2), which can be used for both secure and non-secure phone calls. Probably because of this combined functionality, president George W. Bush got an IST-2 in the Oval Office and so this was also the phone that Obama found on his desk when he took over the Presidency in January 2009:



A single IST-2 telephone on Obama's desk, March 29, 2009
(White House photo by Pete Souza)


Although it was useful to have just one phone for secure and non-secure calls, the IST-2 was probably a bit too military-looking, and also a special cover plate had to be made to cover the 50 direct line buttons, to prevent visitors from seeing who Obama's primary phone contacts were:


The IST-2 telephone with cover plate. The wooden box with the presidential
seal and the red button is an emergency call device
(click to enlarge)


In March or early April 2011, the single IST-2 on the president's desk was replaced by two more common phone sets:

- A black Avaya/Lucent 8520T, which is for the internal White House telephone network that was installed in 1996 and can be used for all non-secure phone calls.

- A dark gray Cisco 7975G Unified IP Phone with expansion module 7916, which is for the highly secure Executive Voice over Secure IP-network, but instead of the yellow faceplate, the phone in the Oval Office has the standard silver one, probably to make it not stand out too much. Although this phone came on the president's desk under Obama, the system itself was already operational since 2007.



The Cisco 7975, Lucent 8520 and iPad 2 on Obama's desk, July 31, 2011
(White House photo by Pete Souza)


In the Oval Office, this configuration would stay in use until the Summer of 2015. The same telephone sets could be found in the office of the president's personal assistent, which is right next to the Oval Office, as well as in the West Wing offices of other White House staff members who may need secure voice communications:



Obama in the office of his personal assistent, with a black Avaya/Lucent 8520T
for non-secure and the gray IST-2 for secure phone calls, May 24, 2010.
Left of the television there's a smaller Avaya/Lucent 8410D.
(White House photo by Pete Souze)



President Obama bids farewell to his personal secretary Katie Johnson. June 10, 2011.
(Cisco 7975 IP phone for secure and the Avaya/Lucent 8520T for non-secure calls)
(White House photo by Pete Souza - click to enlarge)



The office of Ben Rhodes, deputy national security adviser for strategic communications,
with a black Avaya/Lucent 8520 and the Cisco IP phone with yellow faceplate.
Also note the white file cabinet with KABA MAS high security lock.
(photo: Doug Mills/The New York Times - click to enlarge)


In March 2011, president Obama received an iPad 2 directly from Apple founder Steve Jobs ahead of the commercial release. As of January 31, 2012, this device was used to provide Obanma with portions of the President's Daily Brief (PDB), a summary of the most important intelligence assessments. This electronic way of delivery allows analysts to add video and audio clips and interactive graphics. For security reasons, the wireless connections of the president's iPad are disabled.





New equipment under Barack Obama

Immediately after becoming the 44th president of the United States in January 2009, a problem arose with the BlackBerry that Barack Obama was almost addicted to before he was elected. The president using a BlackBerry was considered a big security risk, as foreign intelligence agencies could easily track the president's movements and intercept his communications.


Secured BlackBerry

Obama definitely wanted to keep his BlackBerry, so the White House Communications Agency (WHCA) and the National Security Agency (NSA) came up with a solution: in cooperation with engineers from BlackBerry manufacturer Research In Motion (RIM) they secured a set of regular BlackBerries with the SecurVoice application.

Somewhere in May or June 2009, this highly secured BlackBerry was delivered to president Obama as well as to a group of up to twenty people with whom he liked to stay in close contact with. This because it's only possible to have secure communications if both ends are using the same encryption method or device.




President Obama using his secured BlackBerry 8900 in the limousine while
traveling to the airport in Jakarta, Indonesia. November 10, 2010.
(White House Photo by Pete Souza - click to enlarge)



As of 2009, the White House Communications Agency (WHCA) started upgrading its Washington Area System network, modernizing six network switches in Washington, transiting secure telephone units to IP-based phones, purchasing 24 secure deployable voice switches, upgrading narrow and wideband satellite systems, and conversing the radio network used for presidential travels to an IP-based system.

As part of the Senior Leadership Communication System (connecting the president, vice president, Congress, secretary of Defense, chairman of the Joint Chiefs, etc.) the WHCA established a nationwide network that would survive a high-altitude electromagnetic pulse (HEMP) from a nuclear blast. This network would consist of fiber-optic rings with redundant connections with HEMP and non-HEMP networks.

For all this, the WHCA asked an extra $ 24.7 million for its 2009 procurement budget, which also included upgrading the Head of State network to an IP-network. This system is used by the president to communicate with foreign leaders, but unfortunately we have no additional information about it, so it's not clear which heads of state are connected to it and whether and how it is secured.



A small room within the White House Situation Room where the president
"can make a head-of-state phonecall from the Situation Room itself"
(screenshot from a White House video)


Cool phones?

Even though Obama inherited a fully modernized Situation Room and a sophisticated IST-2 phone on his desk, and was also provided with a uniquely secured BlackBerry, he still expressed his disappointment of the communications equipment he found in the White House. During a meeting with fundraisers in April 2011, he said:

"I always thought I was gonna have like really cool phones and stuff," and: "We can't get our phones to work." Acting out his exasperation: "Come on, guys. I'm the president of the United States! Where's the fancy buttons and stuff and the big screen comes up? It doesn't happen."


Although this wasn't really the case for the president's own equipment, it did apply to other White House employees. The New York Times reported that West Wing aides were stuck "in a sad and stunning state of technological inferiority: desktop computers from the last decade, black-and-white printers that could not do double-sided copies, aging BlackBerries (no iPhones), weak wireless Internet" and desktop phones from the mid-1990s.

Part of this problem was that responsibility for White House technology has long been divided between four agencies, each with their own chief information officer:
- the National Security Council (NSC)
- the Executive Office of the President (EOP)
- the US Secret Service (USSS)
- the White House Communications Agency (WHCA)
That led to a series of Band-Aid solutions over the years, as one agency or another has attempted piecemeal upgrades to White House gear.



"Composite of several images of the President and his national security team during meetings
in the Situation Room discussing the mission against Osama bin Laden" - May 2011.
On the table we see the Cisco with yellow faceplate and an STE secure phone.
(White House Photo by Pete Souza - click to enlarge)



Even in March 2016, when a full IT modernization had already started (see below), Obama said that the pop-culture depiction of presidential-grade technology and the real world are far apart: movies and TV shows "make it appear as if I’m in the [Situation] room and moving things. [We] have half a finger print and a half an hour later I’m tracking a guy on streets of Istanbul. Doesn’t work that way, no. Sometimes I’m just trying to get a connection."

After all the system upgrades, trying to get a connection should not be a problem anymore. Real-time monitoring of military of intelligence operations may be different, but the White House was eager to show that at least they were capable of doing so during the moments when US Navy SEALS killed Osama bin Laden on May 1, 2011:



President Obama in one of the small conference rooms of the Situation Room,
following the operation against Osama Bin Laden. May 1, 2011.
(White House Photo by Pete Souza - click to enlarge)


In the air

With quite some improvements of the ground-based communications systems, the equipment aboard Air Force One was still lagging behind. For their modernization, an $ 81 million contract was awarded to L-3 Communications in 2009. This included replacing outdated analog systems, providing fixed bandwidth switching and integrated secure/non-secure video teleconferencing.

By August 2012, all the old phone sets from the 1980s had been replaced by the Airborne Executive Phone (AEP), which is able to make both secure and non-secure calls from a single handset. It also provides Multiple Independent Levels of Security (MILS) for digital voice and internet data access.




President Obama talks on the phone aboard Air Force One. April 10, 2014.
The Airborne Executive Phone has the red light on, which means it's a secure call.
(White House Photo by Pete Souza - Click to see the full version)


After the upgrade of the phone system, administration officials still had to sent e-mails over an air-to-ground internet connection that was often no better than dial-up modems from the mid-1990s.

Current White House deputy chief of staff for operations Anita Decker Breckenridge told The New York Times that this wasn't acceptable anymore and that she has since worked with the Air Force to upgrade the president’s plane to broadband speeds: "This is the Oval Office in the sky. Talk about a network that didn’t work."


On the road

The Airborne Executive Phone was also installed in the presidential limousine: in the next picture we can recognize a dark gray version of the device between the seats, underneath the presidential seal. President Obama seems to be using a Motorola RAZR flip-phone, for which there's a cradle right next to the side-window.

Previously, an earlier Motorola clamshell phone was used inside the limousine, which means that there must also be a picocell inside, as the heavily armored vehicle will act as a Faraday cage that blocks wireless signals. In the picture, Obama also has two BlackBerries and his iPad in a cover:



President Obama talks on the phone with Aurora Mayor Steve Hogan during the
motorcade ride to Palm Beach International Airport. July 20, 2012.
(White House Photo - Click to enlarge)


(The WHCA also provides secure and non-secure telephones at every location the president visits while traveling. These phones are slightly different and will be described in a separate article later on)


On vacation

"Presidents don't get vacations, they just get a change of scenery" - so when president Obama was on Summer vacation at the Blue Heron Farm in Chilmark on the island of Martha's Vineyard, the White House Communications Agency (WHCA) would install all the necessary equipment, especially for secure communications.

In the following picture we see Obama during his vacation in August 2011, with on the table two common white Panasonic KX-TS108W office phones, which the WHCA provides for non-secure calls. For highly secure calls, two Cisco 7975G Unified IP Phones with yellow faceplate were installed:

> Read more: Obama on vacation


President Obama monitoring Hurricane Irene with his assistant John Brennan and
some other officials. Martha's Vineyard, Massachusetts, August 26, 2011
(White House photo by Pete Souza - click to enlarge)



The New York Times reported about a situation during Obama's Summer vacation in 2014: when White House aides accompanying the president struggled with their laptops as they tried to revise a presidential statement, they could not get on-the-road tech support from the WHCA because the agency’s staff members were not authorized to log in to computers issued by the Executive Office of the President.


IT modernization

After this incident in Martha's Vineyard, White House deputy chief of staff for operations Anita Breckenridge was determined to finally fix the mess of the presidential communications systems.

By March 2015 she had hired David Recordon, who designed and maintained the office technology for Mark Zuckerberg and the other employees at Facebook, to modernize the White House IT systems. Just 28 years old, he was appointed as the first Director of White House Information Technology. "It was an interesting challenge and world for me" according to Recordon.

For this overhaul, the White House didn't need to request additional money - it was paid out of the existing technology budgets for the various agencies involved. In some cases, money was saved by eliminating duplications: the four agencies involved no longer negotiate their own contracts with cellphone companies and no longer buy duplicate copies of software licenses.



President Obama in his private study in the Treaty Room of the White House. We see two
black Avaya/Lucent 8410 phones, a computer screen and an HP laser printer. March 2009.
(Callie Shell/Aurora Photos - click to enlarge)


New IP phones

After almost 20 years, the old internal White House telephone network with the black Avaya/Lucent telephones was replaced by a new IP-based system with the latest Cisco IP phones from the 8800-series.

These phones have full-color (video)screens, WiFi and Bluetooth connectivity (although likely disabled for security reasons), and speed-dial buttons that can be configured online - for the old desktop phones only few staff members knew how to program them. Many White House aides now carry the most recent iPhones, but Obama still carries his own specially modified BlackBerry.

The new IP phone system seems to have been first rolled out in the White House staff offices in the Eisenhower Executive Office Building (EEOB) right across the street, where the new phones were first seen in this picture from November 2015:



White House staffers in the social media office of the White House
in the Eisenhower Executive Office Building. November 2015
(photo: Stephen Crowley/New York Times - click to enlarge)


Later, the new phones also made their way to the office of Obama's personal secretary, right next to the Oval Office, where they replaced the old Avaya/Lucent Lucent 8520T and now sit next to the older Cisco IP phone for the highly secure Executive Voice over Secure IP-network (here also with the standard silver instead of the yellow faceplate):



Obama presents a birthday cake to his personal secretary Ferial Govashiri,
in her office just outside the Oval Office. August 30, 2016
(White House photo/Pete Souza - click to enlarge)


Strangely enough, this new Cisco IP phone was not yet installed on the president's desk in the Oval Office. There, a much simpler telephone from a different manufacturer had replaced the old big black Lucent 8520 by May 2015. The new Avaya 9608 IP phone is a very common office phone with just an average monochrome display and only a few direct line buttons:



President Obama talks on his phone for secure calls with Secretary of State
John Kerry. In front of it there's the new Avaya 9608, July 13, 2015.
(White House photo by Pete Souza - Click to enlarge)



This Avaya IP phone was also placed underneath the side-table in the seating area of the Oval Office, as can be seen in the following picture. In the seating area there's always the same set of telephones as on the president's desk, but when the president makes a phone call, he usually uses the ones on his desk. The phones in the seating area can then be used by his aides or advisers to listen in to the call.



President Obama and FBI Director James Comey speak to members of
the media in the Oval Office of the White House, June 13, 2016.
(AP Photo/Pablo Martinez Monsivais - click to enlarge)



However, in November 2016, the Avaya phone underneath the side table had been replaced by the more futuristic looking Cisco IP phone from the 8800-series, but on the president's desk there still seems to be the simpler Avaya device.



Jann Wenner visits president Obama in the Oval Office, the day
after the 2016 presidential election, November 9, 2016.
(White House photo/Pete Souza - click to enlarge)

Updates:

A close look at the high-resolution version of a photo from December 24, 2016, shows that also on the president's desk, the Avaya phone has been replaced by what can be recognized as the new Cisco from the 8800-series, with some kind of module on the back.

Meanwhile, readers of this weblog have recognized that the box on the back is because this Cisco 8841 IP Phone has been modified in order to meet Telephone Security Group (TSG) standards, including on-hook security for the headset and speakerphone, in this case by Advanced Programs, Inc. (API). The modified phones can also be recognized by the bright red secure hold button:


On the very last day of the Obama administration, just hours before Donald Trump was inaugurated, all the offices of the White House West Wing were empty, leaving just the new communications equipment:



Empty desks in the White House press offices, with a new Cisco IP phone, a new computer
screen and keyboard with integrated smartcard reader. January 20, 2017.
(photo: David Nakamura/The Washington Post - click to enlarge)


New computers

Besides the new telephone system, director of White House Information Technology David Recordon also installed a new computer network. The New York Times reported that first he tried to map the miles of Ethernet cables and phone wires inside the walls of the White House. His team of technicians eventually discovered and removed 13,000 pounds of abandoned cables that no longer served any purpose.

"They had been installed over the decades by different organizations using different standards, different techniques, from different eras" Recordon said. "They were finding these pipes that just had bundles of cable that had been cut off over the years, no longer used. So we just started pulling it out."

With the wiring fixed, Recordon started replacing the old computers by new ones with fast, solid-state drives and fast processors, as well as installing color printers. The WiFi is now made strong enough to live-stream for example an event on Facebook from the Roosevelt Room. And finally, the White House has started requiring users to log on to their computers with two-factor authentication using a smartcard and a pincode.



An Avocent KVM-switch and a smartcard-reader with a smart ID card
inserted, as seen in Ben Rhodes' White House office
(photo: Doug Mills/The New York Times)



Links and sources
- The New York Times: Obama Boosted White House Technology; Trump Sees Risk (Dec. 2016)
- The White House: How the Presidential Transition Works in the Social Media Age (Oct. 2016)
- The New York Times: Technology Upgrades Get White House Out of the 20th Century (Apr. 2016)
- Comparison of Cisco IP phones: Impressions of the 8861 (Aug. 2015)
- Many more pictures at Cryptome: Obama Phones (Jan. 2012)
- NBC News documentary: Inside the Obama White House (2009)
- See also: The White House Museum