UK Politician's Campaign Staff Tweets Out Picture Of Login And Password To Phones During Campaign Phone Jam
from the p@ssw0rd! dept
When we talk password security here at Techdirt, those conversations tend to revolve around stories a bit above and beyond the old “people don’t use strong enough passwords” trope. While that certainly is the case, we tend to talk more about how major corporations aren’t able to learn their lessons about storing customer passwords in plain text, or about how major media outlets are occasionally dumb enough to ask readers to submit their own passwords in an unsecure fashion.
But for the truly silly, we obviously need to travel away from the world of private corporations and directly into the world of politicians, who often times are tasked with legislating on matters of data security and privacy, but who cannot help but show their own ineptness on the matter themselves. Take Owen Smith, for example. Smith is currently attempting to become the head of the UK’s Labour Party, with his campaign working the phones as one would expect. And, because this is the age of social media engagement, one of his campaign staffers tweeted out the following photo of the crew hard at work.
The image is such that the problem may not jump out at you. Hopefully one of the many internet-ers that tweeted a response to the campaign will help.
Owen Smith’s team have the absolute cheek to accuse @jeremycorbyn of “incompetence” the day after this! pic.twitter.com/ZUydXlLdxr
— Another Angry Voice (@Angry_Voice) September 5, 2016
Yes, a staffer for the campaign managed to tweet out the full login and password to the phone banks for the campaign’s phone jam. That password was also declared weak by the same internet that had managed to suss it out from the photo as well, leading some to complain that politicians that cannot bother to run organizations that adhere to basic security practices shouldn’t be trusted to legislate on those matters in government.
The tweet has since been deleted and the credentials altered, but password security practices probably start with a first step of: don’t send out your l/p to the entire known internet-connected world.
Filed Under: cybersecurity, owen smith, passwords, security, uk
Comments on “UK Politician's Campaign Staff Tweets Out Picture Of Login And Password To Phones During Campaign Phone Jam”
Let’s not forget to mention that it’s also a good security policy to not write passwords on a whiteboard and share them with a bunch of people.
Even without the tweet, this guy is a twit.
Obviously this was a Russian ISIS informant trying to overthrow the government. They should be arrested. And the military should liberate or invade the country…
CFAA Violations for anyone who saw that tweet. You are all criminals! Go to jail!
Add this
Let’s not forget that the intentional deletion of the tweet is tampering of evidence which proves they knew they were breaking the law.
All whiteboards should be automatically encrypted as you write. Then only those those that are wearing the super secret decrypting glasses could read it.
Re: Re:
Any writing I put on a whiteboard is encrypted. That is if you listen to the complaints from those trying to read it…
Key
Ahh, that explains why I can read it using my government computer. But not my personal computer.. I have the golden key which means only I being a good person can see it.
> The tweet has since been deleted and the credentials altered
Yes, but who altered them? Smith’s campaign group would like to talk to them.
No worries… they changed the login to PasswordPa$$w0rd.
Its safe now.
Just - wow
Seriously, I see the picture here. I can’t make it out clearly, so I save a copy to my desktop (wanting to see this ‘disclosing’ image). On a 32-inch monitor, I try to make out what is said at: password: x&*^%%m and just can’t get there.
To this, it SUPREMELY BEGS THE QUESTION, why are people using image enhancers, blowing up images 32x, and so-forth just to see ‘what gory, juicy details are REALLY in the picture?’
I mean, if you have Bill, Hillary, Donald and Barack all laughing together at a black-tie event, I get ‘tearing a picture down’ to find ‘hints’ about what’s ‘really going on’, but being as this mp isn’t exactly the Prime Minister, I’m not really getting the significance of this ‘password crack’ to begin with.
Obviously, the citizens of the UK need more entertainment, more hobbies, or may just more employment – so they aren’t tearing insignificant politicians’ press photos apart? Just an idea.
Re: Just - wow
Ummmmm, yes, why did YOU do that?
Re: Just - wow
Anytime the opposition posts pictures of plans on a whiteboard, you’re naturally going to want to read them. They’re GIVING you the info instead of needing to go to “extremes” to get the info.
Re: Just - wow
Whenever someone posts a screenshot of their browser, I and many others will gravitate to seeing what their pinned bookmarks and tabs are titled. These types of things are almost beacons for “WE TOOK A PICTURE AND DIDN’T TAKE INTO ACCOUNT THAT MORE THAN JUST THE SUBJECT IS VISIBLE” and related face-eggs.
SMART
the second guy to tame fire didn’t scream as loud as the first.
this is NOT the first time something like this has happened
Zero'th Law
I think we just learned that the the Zero’th Law of Passwords is Do not publish your password on the Internet.
Until now, we didn’t think that had to be stated.
Re: Zero'th Law
Laws of Stupidity
Law 0: Stupidity cannot be destroyed, only deflected.
Law 1: Stupidity expands to fill the space available.
Law 2: Stupidity flows from the more stupid to the less stupid.
Law 3: Too many laws for the stupid to count.
Because there is more of it, and it’s armed with more clubs.