Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK PM's Aide Loses BlackBerry In Chinese Honeytrap

Posted by timothy on from the my-envy-exceeds-his-chagrin dept.

longacre writes "The Times of London is today reporting a January incident in which a top aide to Prime Minister Gordon Brown discovered his BlackBerry missing from his hotel room after spending the night with an attractive woman who approached him in a Shanghai disco. Seems this was a run-of-the-mill BlackBerry without any encryption, only a simple password lock. The greatest fear is that, even if the device did not contain any sensitive messages at the time, there was likely enough information on board for a hostile intelligence service to snake its way deep into Downing Street's email servers. The aide was 'informally reprimanded.'"

14 of 260 comments (clear)

  1. Re:This seems to be a recurring problem. by x_MeRLiN_x · · Score: 5, Insightful

    What makes you think the UK/US is any different?

  2. Honeytrap? Proof? by 1u3hr · · Score: 5, Insightful
    The only facts given are the guy picked up a girl (or vice versa) at a disco, and the next morning his Blackberry was gone.

    "Honeytrap"? Bullshit. What leads anyone to think it was anymore than the guy lost in in a taxi, or if the girl did take it, she sold it on to a second hand phone dealer for a few dollars.

    I think if it was really a "vast Communist conspiracy" as the article implies, the agents would have copied the data from the phone and returned it later in the evening, leaving him none the wiser.

    Much more important to consider is if the guy used the phone while he was in Beijing, there is an excellent chance that every keystroke, including passwords, was captured en route.

    1. Re:Honeytrap? Proof? by mewsenews · · Score: 4, Insightful

      intelligence gathering doesn't have to be subtle to be effective.

      whether or not his phone ended up in the hands of a foreign service he was foolish to have it stolen so obviously.

    2. Re:Honeytrap? Proof? by owlnation · · Score: 4, Insightful

      The only facts given are the guy picked up a girl (or vice versa) at a disco, and the next morning his Blackberry was gone.

      Exactly. Occams Razor. In the UK, the New Labour Regime has a substantial history of losing important documents in large numbers. The Party and its employees are not generally known for their intelligence (as in brains, not spying). He's also British, thus at night he's most certainly drunk.

      Q.E.D. He lost the Blackberry. He then lied to make himself seem like a more glamorous victim.

      Most probably he's just a drunken, incompetent, liar. Like most everyone else in his Party.

    3. Re:Honeytrap? Proof? by smallfries · · Score: 5, Insightful

      No. The parent hit the nail squarely on the end. If they had stolen his passwords and returned the device then they would have had access to his official email without him being any the wiser. Then they could have gathered intelligence on anything he had access to for the foreseeable future.

      Stealing the device would just make Downing Street close the account and issue him a fresh one. Intelligence gathering does have to be subtle to be effective.

      --
      Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
  3. Govt fault, not the aide by nighty5 · · Score: 5, Insightful

    The fault has to lie with the government and not the aide.

    This comes down to just bad security governance, even my blackberry is encrypted and our BES servers enforce security down to the handset so that you can't install any unauthorised applications.

    These devices of course are prone to loss, and given the confidential information potentially held on these devices should be reason enough to enforce the appropriate security measures on the devices.

  4. passwords? by speedtux · · Score: 4, Insightful

    likely enough information on board for a hostile intelligence service to snake its way deep into Downing Street's email servers.

    So, in addition to stupid aides that fall for Chinese spy-whores, the British government is incapable of changing the passwords on its mail servers?

    1. Re:passwords? by ColaMan · · Score: 5, Insightful

      Let's see:

      You are a chinese honeytrap now in possession of an aide's blackberry. It is 1am. The aide has passed out drunk three steps inside the front door of his flat, and won't be in any fit capacity until about 8am, when he realises his blackberry is missing and goes looking for it. The IT boys cancel his password at 9am.

      That gives you 8 hours to:

      - Read all his recent email, for starters. If they're doing IMAP, then god knows how many personal IMAP folders there are to browse through on the server. Look for the good folders like "Foreign Policy". "Sent Items" and "Drafts" can also be fascinating.

      - Get his contact list, recent callers,etc, allowing you to analyse and see where this particular cog fits in the Government Machine. If he turns out to be a well-connected individual, it might pay in the future to keep an eye on him. If he's not well-connected, that's one more person you cross off the list.

      - Possibly fire off a few trojans to a few "inside" email accounts on that list, who might accept them from a known,"trusted" source. Doesn't hurt to try something like "Revision to yesterday's document -- URGENT".

      So you see, there's plenty of scope for mischief.

      --

      You are in a twisty maze of processor lines, all alike.
      There is a lot of hype here.
    2. Re:passwords? by h4rm0ny · · Score: 4, Insightful


      The final logical step of course, would be to put it back where you found it before he wakes up. Now that would be far better "spying" than just nicking the thing. So maybe it was just stolen.

      Counter-arguments would be that if a woman was going to seduce a guy just to steal from him, you'd have seen more things go missing than just a blackberry. And even if the "spy" did want to take the blackberry, stealing other things as a cover would be better. This story is either incomplete or there is some inept work being done here.

      --

      Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  5. Because it sells by khchung · · Score: 5, Insightful

    "News" have long ago lost any purpose of informing, assume it ever has that in the beginning. Nowadays, "news" is just baits used to catch your attention to advertisers, who are the real customer of any "news" organization, be it newspaper, TV or web site.

    Which headline do you think catches more attention (thus earn more profit)? "Some guy lost his Blackberry?" or "Chinese spys strikes again"?

    --
    Oliver.
  6. Re:This seems to be a recurring problem. by Opportunist · · Score: 4, Insightful

    Not good at it, or not caring?

    Our espionage agencies have to keep up the front of being the "good guy". We don't spy. We only have those spies to protect us from other spies, you know? Our secret agents are only good and shining examples, they don't steal information or conduct covert operations to kill someone, and if they do, we first of all make sure that whoever they want dead is so long slandered and labeled terrorist, communist or whatever the boogeyman of the day so people nod their heads and agree that this man is better dead.

    China has no such problems. The people there know that they better not question the actions of their government. Oh, you mean international prestige? Ok, hate me. I'm the one building your crap for cheap, want to do business without me? Can your economy survive without me? So whether you hate me or not, you will continue to do business with me, do I care what you think of me?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Re:This seems to be a recurring problem. by ettlz · · Score: 4, Insightful

    "Those silly citizens have no idea what the word 'privacy' means anymore. Like it's something that we can't snoop into."

    Luckily, some of us do know what it means these days — privacy means two very large prime numbers.

  8. Re:If you can lose a blackberry... by fiddlesticks · · Score: 4, Insightful

    'are you saying that everything on a Blackberry's drive is encrypted and therefore unretrievable if the password is lost?'

    Yes, it is.

    Individuals might have a blackberry with no encryption, and a weak password.

    Anyone - like this guy - with a corporate blackberry will have an encrypted device and compulsory (annoying to the user - useful in this case) constant password checking and strong(ish) password policy enforcement.

    --
    http://milkshake.dexy.org
  9. Physical Access... by Tmack · · Score: 4, Insightful

    Not to mention...

    The remote nuke option.

    For me, once I report my pda lost, the boys in corp will send a command to wipe the contents of the phone and remove all settings. I believe this option also exists for blackberry.

    As well initiate the self destruct code on the small thermonuclear charge.

    As others stated, disabling its ability to receive said kill signal is not difficult. Past that, the other barriers to gaining the data on the device can probably be circumvented as well. 10 password fails wipes the device? They probably wont bother trying a single one on the device itself, if this is truly an organized attempt. Rather they would probably crack it open and copy the contents of its memory directly from the pins of the chips themselves, and then work from that copy. Remember, once physical access is obtained, you can bypass any software deterrences and most hardware ones as well.

    Tm

    --
    Support TBI Research: http://www.raisinhope.org