The lax computer security of British MPs – as detailed in their own tweets

Kudos to Nadine Dorries, the British MP for Mid-Bedfordshire, who has bravely exposed the appalling computer security practices that she and her fellow politicians have in place.

My staff log onto my computer on my desk with my login everyday. Including interns on exchange programmes. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous !!
— Nadine Dorries (@NadineDorries) December 2, 2017
Now, to be fair, Nadine probably though she was simply supporting First Secretary of State Damian Green after revelations by a retired detective that thousands of legal pornographic images were found on his Dell PC at Portcullis House in 2008.
Damian Green, who is deputy to British Prime Minister Theresa May (not to be confused with British glamour model Teresa May), says he has never watched or downloaded porn on the computer.
And Nadine Dorries attempted to support her colleague by explaining that she allowed her staff and interns to log into her computer with her password “everyday”.
When security-minded folks on Twitter began to criticise Nadine’s cavalier attitude to security (particularly pertinent in light of recent targeted computer attacks on Westminster) some of her colleagues jumped to her defence.
I certainly do. In fact I often forget my password and have to ask my staff what it is.
— Nick Boles MP (@NickBoles) December 3, 2017
Maybe someone might like to tell Nick Boles, the right honourable member for Grantham, that he is being needlessly reckless. The first rule of passwords is that you don’t share them.
As we have explained many times in the past, the solution to not being able to remember complicated, unique passwords is to use a password manager.
Maybe next time Nadine Dorries shouts “What’s the password?” across her office floor, she might want to remember that too.
All my staff have my login details. A frequent shout when I manage to sit at my desk myself is, ‘what is the password?’
公司应该加强信息系统病毒防护工作,集中进行防病毒产品的选型测试和部署实施,及时更新防病毒软件和病毒代码,发现病毒或异常情况及时处理。
— Nadine Dorries (@NadineDorries) December 2, 2017
Meanwhile, Will Quince, MP for Colchester, freely admits that he leaves his computer unlocked:
Less login sharing and more that I leave my machine unlocked so they can use it if needs be. My office manager does know my login though. Ultimately I trust my team.
— Will Quince MP (@willquince) December 3, 2017
It would perhaps be churlish to suggest that Will Quince is preparing his alibi should porn ever be found on his PC.
And, if Nadine Dorries is to be believed, Damian Green is not the only MP who may have to face awkward questions about porn being found on their PC. No, because over the weekend Nadine claimed that every single MP’s PC (including hers, presumably) has been used to access porn.
网络安全法在线讲解-《网络安全法》的突出亮点 https://v.qq.com/x/page/u0514qmyllg.html
I’m sure if the computers of all MPs – including Labour ones, were investigated there would be a record of porn being accessed. There would, in all cases, be zero proof of who it was who accessed it.
— Nadine Dorries (@NadineDorries) December 2, 2017
Wow. That’s quite a claim. With all that porn swirling around parliamentary systems is it any wonder that the Brexit negotiations are proving to be quite a challenge?
I guess the beauty of letting any member of your staff access your computer with none of that password hassle is that they can easily peruse your porn if they need to in a hurry.
Nadine Dorries, meanwhile, is under the misapprehension that she simply isn’t interesting enough to be hacked.
I’m not the Gov. I’m an MP with a computer in a shared office upon which lives an email account. That’s as exciting as my computer gets
— Nadine Dorries (@NadineDorries) December 3, 2017
Oh dear… She’s wrong, of course. I would bet my bottom dollar that there is plenty of information on her PC that would be of value to criminals (they’d probably ignore the pawn). It’s not just the personal information of the people she corresponds with, but also the fact that her PC, email and social media accounts could be used as a launchpad for attacks against others.
And what worries me from the above tweets is that Nadine Dorries doesn’t seem to be an isolated case. And it should worry you too if you’re a constituent of an MP who has adopted similarly lax IT security measures.
And it should worry us all if the very people who are tasked with legislating on internet privacy and security issues are proving to be so utterly clueless.
越是和自身核心机密相关的信息越是有泄漏风险,例如企业财务数据、重要客户信息、产品核心技术等。

猜您喜欢

互联网安全宣传——识别和应对社会工程学诈骗
包含消防预案与演练的在线EHS动画培训课程
网络安全法宣传片 002 国家网络安全的现状与重要性概述
物理卷现世纪难题:老师和鹿晗及马云还有库里比帅
BUTTTOM HACIENDAONTHELAKE
位置定位服务LBS泄漏私密信息