In setting the date for the UK’s next general election, prime minister Rishi Sunak this week essentially announced the start of open season for political reporters all hunting for the top scoop of the day by any means necessary. He may need, however, to brief his ministers on basic opsec if he’s going to stop any more internal memos from reaching the front pages.

On May 22, less than 24 hours before PM Sunak said July 4 would be the day UK citizens decide on their next leader, The Times published a gem sourced from photos taken of veterans’ affairs minister Johnny Mercer’s laptop on a public train.

It’s an example of shoulder surfing – a type of social engineering technique that involves peering at other people’s devices to discover secrets like passwords, PINs, sensitive emails, and the like.

We’re not sure what’s worse here, the cyber hygiene gaffe and abject failure to protect internal party comms from the prying eyes of the British public traveling from Exeter to London, or the fact that along with his laptop Mercer was papped with his bare feet cheesing out the first-class carriage. For shame, Johnny.

For those whose interests extend beyond the mere cybersecurity aspects of this story, the photos revealed Mercer’s memo criticizing Downing Street for giving the PM too much airtime and should instead be offering more public speaking gigs to more popular members of the Conservative party, such as Kemi Badenoch and Penny Mordaunt.

Perhaps more illuminating on the current government’s attitude towards voting, Mercer also appeared to suggest that the Conservatives were suppressing votes from specific demographics.

His memo states that he was upset that his attempts to let military veterans, who had previously been turned away from polling stations, use their ID cards to prove their identity when voting had been denied. Downing Street special advisers apparently blocked these proposals because it could also “open the floodgates” and allow students to also use their ID cards too.

We got in touch with the Cabinet Office to ask for comment and find out if ministers are briefed on the dangers of shoulder surfing, but it hadn’t responded by the time of publication.

While we wait for a response from the UK gov, we can instead turn to Mercer’s X account, which is where he responded to The Times’ scoop by calling the public transport snapper a “little weirdo.”

“So some little weirdo has gone round snapping my laptop reading private messages from a private email account,” Mercer Xeeted. "My shoes and socks were off because I’d just cycled across Dartmoor in the rain.

“Shoot me now. Or grow up.”

  • ᴇᴍᴘᴇʀᴏʀ 帝@feddit.ukOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 months ago

    It’s not. They are largely sticking to the generally accepted official forms of ID - allowing military veterans to use their ID (which can currently only be used in specific contexts) would have opened the door to a whole range of other IDs, which is why this was all shut down.