UK PM's Aide Loses BlackBerry In Chinese Honeytrap 260
longacre writes "The Times of London is today reporting a January incident in which a top aide to Prime Minister Gordon Brown discovered his BlackBerry missing from his hotel room after spending the night with an attractive woman who approached him in a Shanghai disco. Seems this was a run-of-the-mill BlackBerry without any encryption, only a simple password lock. The greatest fear is that, even if the device did not contain any sensitive messages at the time, there was likely enough information on board for a hostile intelligence service to snake its way deep into Downing Street's email servers. The aide was 'informally reprimanded.'"
Re:This seems to be a recurring problem. (Score:5, Insightful)
What makes you think the UK/US is any different?
Honeytrap? Proof? (Score:5, Insightful)
"Honeytrap"? Bullshit. What leads anyone to think it was anymore than the guy lost in in a taxi, or if the girl did take it, she sold it on to a second hand phone dealer for a few dollars.
I think if it was really a "vast Communist conspiracy" as the article implies, the agents would have copied the data from the phone and returned it later in the evening, leaving him none the wiser.
Much more important to consider is if the guy used the phone while he was in Beijing, there is an excellent chance that every keystroke, including passwords, was captured en route.
Re:This seems to be a recurring problem. (Score:3, Insightful)
Re:This seems to be a recurring problem. (Score:4, Insightful)
The level of espionage out of China is pretty ridiculous. I wonder how long this goes on before the trade advantage of dealing with them is over weighed by their rampant spying.
I don't know what country you are from, but I can almost be sure that your country is making the same efforts against other countries.
Govt fault, not the aide (Score:5, Insightful)
The fault has to lie with the government and not the aide.
This comes down to just bad security governance, even my blackberry is encrypted and our BES servers enforce security down to the handset so that you can't install any unauthorised applications.
These devices of course are prone to loss, and given the confidential information potentially held on these devices should be reason enough to enforce the appropriate security measures on the devices.
Re:Honeytrap? Proof? (Score:5, Insightful)
intelligence gathering doesn't have to be subtle to be effective.
whether or not his phone ended up in the hands of a foreign service he was foolish to have it stolen so obviously.
passwords? (Score:5, Insightful)
likely enough information on board for a hostile intelligence service to snake its way deep into Downing Street's email servers.
So, in addition to stupid aides that fall for Chinese spy-whores, the British government is incapable of changing the passwords on its mail servers?
Re:passwords? (Score:3, Insightful)
Re:This seems to be a recurring problem. (Score:4, Insightful)
Look up Echelon. You can't make an international phone call without the bastards snooping in on it. Our Lords and Masters have no understanding of what "privacy" means.
Because it sells (Score:5, Insightful)
"News" have long ago lost any purpose of informing, assume it ever has that in the beginning. Nowadays, "news" is just baits used to catch your attention to advertisers, who are the real customer of any "news" organization, be it newspaper, TV or web site.
Which headline do you think catches more attention (thus earn more profit)? "Some guy lost his Blackberry?" or "Chinese spys strikes again"?
Re:passwords? (Score:5, Insightful)
Let's see:
You are a chinese honeytrap now in possession of an aide's blackberry. It is 1am. The aide has passed out drunk three steps inside the front door of his flat, and won't be in any fit capacity until about 8am, when he realises his blackberry is missing and goes looking for it. The IT boys cancel his password at 9am.
That gives you 8 hours to:
- Read all his recent email, for starters. If they're doing IMAP, then god knows how many personal IMAP folders there are to browse through on the server. Look for the good folders like "Foreign Policy". "Sent Items" and "Drafts" can also be fascinating.
- Get his contact list, recent callers,etc, allowing you to analyse and see where this particular cog fits in the Government Machine. If he turns out to be a well-connected individual, it might pay in the future to keep an eye on him. If he's not well-connected, that's one more person you cross off the list.
- Possibly fire off a few trojans to a few "inside" email accounts on that list, who might accept them from a known,"trusted" source. Doesn't hurt to try something like "Revision to yesterday's document -- URGENT".
So you see, there's plenty of scope for mischief.
Re:passwords? (Score:5, Insightful)
The final logical step of course, would be to put it back where you found it before he wakes up. Now that would be far better "spying" than just nicking the thing. So maybe it was just stolen.
Counter-arguments would be that if a woman was going to seduce a guy just to steal from him, you'd have seen more things go missing than just a blackberry. And even if the "spy" did want to take the blackberry, stealing other things as a cover would be better. This story is either incomplete or there is some inept work being done here.
Re:Honeytrap? Proof? (Score:4, Insightful)
Exactly. Occams Razor. In the UK, the New Labour Regime has a substantial history of losing important documents in large numbers. The Party and its employees are not generally known for their intelligence (as in brains, not spying). He's also British, thus at night he's most certainly drunk.
Q.E.D. He lost the Blackberry. He then lied to make himself seem like a more glamorous victim.
Most probably he's just a drunken, incompetent, liar. Like most everyone else in his Party.
xenophobia (Score:1, Insightful)
More xenophobic rubbish from the /. crowd.
What will it take for you guys to realise that China is not your enemy?
Re:This seems to be a recurring problem. (Score:3, Insightful)
Our Lords and Masters have no understanding of what "privacy" means.
Funny, they feel the same way about you. "Those silly citizens have no idea what the word 'privacy' means anymore. Like it's something that we can't snoop into."
Re:xenophobia (Score:3, Insightful)
Every country does that, and yet some manage to still consider other countries friendly.
Anyway, in the case of the usa, I severly doubt it would make any difference at all. The usa seems to be stuck in this anti-communism era, even though China has little to do with that any more. With the USSR gone, the usa has few left to demonise, so China is the obvious target.
Still, not everyone on /. is from the usa, and yet these adsurd articles keep getting posted.
Re:Honeytrap? Proof? (Score:5, Insightful)
No. The parent hit the nail squarely on the end. If they had stolen his passwords and returned the device then they would have had access to his official email without him being any the wiser. Then they could have gathered intelligence on anything he had access to for the foreseeable future.
Stealing the device would just make Downing Street close the account and issue him a fresh one. Intelligence gathering does have to be subtle to be effective.
Re:Honeytrap? Proof? (Score:3, Insightful)
Whereas the Tories will no doubt be a shining beacon of moral rectitude when they finally claw their way back into power?
What a load of crap; I detest this partisan bollocks. Politicians of all colours are for the most part honest with a lot of dissembling forced upon them by the spin that the media will put upon any straight and honest answers that they give.
There are bad apples (just as an example a Tory cabinet minister [wikipedia.org] went to prison for perjuring himself in a libel action) but this "oh the government is a monster" crap obscures any real debate about their actual policies. We get the politicians we deserve. Unfortunately.
An aide losing his blackberry is not proof, or even an indicator, of anything at all about the government as a whole. Particularly not the version of the story reported by a right wing newspaper about the left wing government.
When the Tories get in, they will do an adequate job of running the country. Then their lustre will fade and much the same people who complain now will switch allegiance and hail Labour as the new hope for honesty in governance.
Re:xenophobia (Score:1, Insightful)
What will it take for you guys to realise that China is not your enemy?
China is a noted opponent of human rights. As a human, that makes them my enemy.
And yes, this applies equally to the United States and other countries.
Re:This seems to be a recurring problem. (Score:5, Insightful)
Not good at it, or not caring?
Our espionage agencies have to keep up the front of being the "good guy". We don't spy. We only have those spies to protect us from other spies, you know? Our secret agents are only good and shining examples, they don't steal information or conduct covert operations to kill someone, and if they do, we first of all make sure that whoever they want dead is so long slandered and labeled terrorist, communist or whatever the boogeyman of the day so people nod their heads and agree that this man is better dead.
China has no such problems. The people there know that they better not question the actions of their government. Oh, you mean international prestige? Ok, hate me. I'm the one building your crap for cheap, want to do business without me? Can your economy survive without me? So whether you hate me or not, you will continue to do business with me, do I care what you think of me?
Stolen by a prostitute, not agent. (Score:2, Insightful)
Prostitutes do still phones and cash. WHat makes them think that it was an agent?
Certainly it would give them a selfrespect and a feeling of selfimportance.
But what really happened is that a hooker has got a blackberry stolen from a drunkard.
More precisely (Score:3, Insightful)
"Only a fool would think that an attractive chinese women in chinese disco is not going to go to bed the first night with a westerner.
Re:This seems to be a recurring problem. (Score:5, Insightful)
Luckily, some of us do know what it means these days — privacy means two very large prime numbers.
Re:You're all making a bigger deal about this than (Score:2, Insightful)
Following the logic they shold be the agents of foreign intellegence services running amok stelaing notebooks and mobile phones with data in London. But it is absurd.
They are stolen by trivial criminals for profit.
Re:This seems to be a recurring problem. (Score:4, Insightful)
Re:If you can lose a blackberry... (Score:5, Insightful)
'are you saying that everything on a Blackberry's drive is encrypted and therefore unretrievable if the password is lost?'
Yes, it is.
Individuals might have a blackberry with no encryption, and a weak password.
Anyone - like this guy - with a corporate blackberry will have an encrypted device and compulsory (annoying to the user - useful in this case) constant password checking and strong(ish) password policy enforcement.
Re:Honeytrap? Proof? (Score:2, Insightful)
Re:xenophobia (Score:3, Insightful)
They're working on it. [telegraph.co.uk] And they're openly trying to go a heck of a lot further than anyone in the West.
Given just the two choices, I think I'll go for the democratic surveillance society with strongly protected freedoms, rather than the one-party surveillance society where citizens don't even have basic rights like freedom of speech, assembly, and religion.
Re:This seems to be a recurring problem. (Score:3, Insightful)
"According to conspiracy theorists..." ...who have since been demonstrated to be correct. Echelon's massive capability has been widely, if quietly, known for some time.
Re:If you can lose a blackberry... (Score:3, Insightful)
Re:technology savvy should be a job requirement (Score:4, Insightful)
I think your delivery was too subtle. Slashdot's audience is so broadly distributed that the only universal humor left in brevity is a fart joke.
Physical Access... (Score:5, Insightful)
Not to mention...
The remote nuke option.
For me, once I report my pda lost, the boys in corp will send a command to wipe the contents of the phone and remove all settings. I believe this option also exists for blackberry.
As well initiate the self destruct code on the small thermonuclear charge.
As others stated, disabling its ability to receive said kill signal is not difficult. Past that, the other barriers to gaining the data on the device can probably be circumvented as well. 10 password fails wipes the device? They probably wont bother trying a single one on the device itself, if this is truly an organized attempt. Rather they would probably crack it open and copy the contents of its memory directly from the pins of the chips themselves, and then work from that copy. Remember, once physical access is obtained, you can bypass any software deterrences and most hardware ones as well.
Tm
Re:Because it sells (Score:3, Insightful)
If you can read between the lines, the spy story is to cover up for the fact that someone found out that the aide's phone was stolen by a Chinese prostitute he bought back to his room. This is more about arse-covering than scare scaremongering, they are just trying to distract people from the fact that this guy was stupid enough to leave his phone lying about whilst he slept next to a Chinese girl he met only hours ago.
Think less espionage and more governmental stupidity.