The lax computer security of British MPs – as detailed in their own tweets

Kudos to Nadine Dorries, the British MP for Mid-Bedfordshire, who has bravely exposed the appalling computer security practices that she and her fellow politicians have in place.
通过向最高管理层讲述使用盗版对公司带来的商业和法律风险,我们获得了对保护知识产权及信息安全的重视和承诺。通过对公司的软件使用情况进行持续不断的监控、检查和改进,我们建立和完善了软件使用的申请和许可机制。
My staff log onto my computer on my desk with my login everyday. Including interns on exchange programmes. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous !!
什么是ISO27001信息安全管理体系认证?怎么认证
— Nadine Dorries (@NadineDorries) December 2, 2017
Now, to be fair, Nadine probably though she was simply supporting First Secretary of State Damian Green after revelations by a retired detective that thousands of legal pornographic images were found on his Dell PC at Portcullis House in 2008.
Damian Green, who is deputy to British Prime Minister Theresa May (not to be confused with British glamour model Teresa May), says he has never watched or downloaded porn on the computer.
And Nadine Dorries attempted to support her colleague by explaining that she allowed her staff and interns to log into her computer with her password “everyday”.
When security-minded folks on Twitter began to criticise Nadine’s cavalier attitude to security (particularly pertinent in light of recent targeted computer attacks on Westminster) some of her colleagues jumped to her defence.
I certainly do. In fact I often forget my password and have to ask my staff what it is.
— Nick Boles MP (@NickBoles) December 3, 2017

Maybe someone might like to tell Nick Boles, the right honourable member for Grantham, that he is being needlessly reckless. The first rule of passwords is that you don’t share them.
As we have explained many times in the past, the solution to not being able to remember complicated, unique passwords is to use a password manager.
Maybe next time Nadine Dorries shouts “What’s the password?” across her office floor, she might want to remember that too.
All my staff have my login details. A frequent shout when I manage to sit at my desk myself is, ‘what is the password?’
— Nadine Dorries (@NadineDorries) December 2, 2017
Meanwhile, Will Quince, MP for Colchester, freely admits that he leaves his computer unlocked:
Less login sharing and more that I leave my machine unlocked so they can use it if needs be. My office manager does know my login though. Ultimately I trust my team.
— Will Quince MP (@willquince) December 3, 2017
It would perhaps be churlish to suggest that Will Quince is preparing his alibi should porn ever be found on his PC.
And, if Nadine Dorries is to be believed, Damian Green is not the only MP who may have to face awkward questions about porn being found on their PC. No, because over the weekend Nadine claimed that every single MP’s PC (including hers, presumably) has been used to access porn.
I’m sure if the computers of all MPs – including Labour ones, were investigated there would be a record of porn being accessed. There would, in all cases, be zero proof of who it was who accessed it.
— Nadine Dorries (@NadineDorries) December 2, 2017
Wow. That’s quite a claim. With all that porn swirling around parliamentary systems is it any wonder that the Brexit negotiations are proving to be quite a challenge?
I guess the beauty of letting any member of your staff access your computer with none of that password hassle is that they can easily peruse your porn if they need to in a hurry.
Nadine Dorries, meanwhile, is under the misapprehension that she simply isn’t interesting enough to be hacked.
I’m not the Gov. I’m an MP with a computer in a shared office upon which lives an email account. That’s as exciting as my computer gets
— Nadine Dorries (@NadineDorries) December 3, 2017
Oh dear… She’s wrong, of course. I would bet my bottom dollar that there is plenty of information on her PC that would be of value to criminals (they’d probably ignore the porn). It’s not just the personal information of the people she corresponds with, but also the fact that her PC, email and social media accounts could be used as a launchpad for attacks against others.
And what worries me from the above tweets is that Nadine Dorries doesn’t seem to be an isolated case. And it should worry you too if you’re a constituent of an MP who has adopted similarly lax IT security measures.
And it should worry us all if the very people who are tasked with legislating on internet privacy and security issues are proving to be so utterly clueless.
客户至上,为了商业利益,产品供应商要妥协啊,一味妥协退让也不行,得确保客户正确地使用您的代码,至少不泄露给竞争对手。此外,还得使您的系统开发遵循国际标准和惯例,以及提升安全性。

猜您喜欢

安全生产、职业卫生、环境保护
数字时代窃贼防范畅想
网络安全法学习课堂
双色球第142期关注和值上升 蓝球设防1路号码开出
CLICKNKIDS LEGENDS33
如何改变员工的信息安全行为