A Siri-ous issue? No need for 'Russian spies', when 'stupid boy' UK ministers have smartphones

Neil Clark is a journalist, writer, broadcaster and blogger. 

9 Jul, 2018 12:59

It was one of the funniest things we'd ever seen in Parliament. UK Defense Secretary Gavin Williamson was heckled by his own mobile phone while giving a statement on Syrian "democratic forces" last week.

But amid the laughter, the incident raises some serious security concerns about new technology, which up to now have largely been ignored.

At the time of the Profumo affair (when it was revealed that the Minister of War John Profumo had been sleeping with a model who was also sleeping with the Russian naval attache), the joke doing the rounds was that the government had spent so much time looking for Reds under the bed, it had forgotten to look inside the bed.

Fast forward to 2018 and the joke is this: The UK Defense Minister has spent so much time warning us about the Russian "threat" to UK cyber security, he forgot to switch Siri off on his new iPhone.  

For those who aren't au fait with the latest Apple technology Siri is the voice-controlled virtual assistant that "is ready to help throughout your day." Siri is the 2018 equivalent of Jeeves the butler, except it can't (at least not yet) make you a cup of tea or bring in breakfast.

"The idea is that you talk to her as you would a friend and she aims to help you get things done, whether that be making a dinner reservation or sending a message", explain tech writers Britta O'Boyle and Dan Grabham.

Siri is great, but the security implications of the UK Defense Minister keeping the software switched on are clear for all to see.

Last year, researchers at Zhejiang University found that hackers could control digital voice assistants using secret commands that were inaudible to humans.

In May, researchers at Berkeley in California came to the same conclusion.

Even if we take Siri – and other digital assistants out of the equation, there are still the other functions of today's smartphones to consider. It's never been easier to surreptitiously record meetings and conversations. Conversely, confidentiality has never been so difficult to maintain. Smartphones are pocket cameras too, making it oh-so-easy to take a quick photo of a document that we're not meant to take a copy of. Today's equivalents of Agent 007, whoever they are working for, don't need gadgetry from 'Q' any more, all they require is the latest phone and they're in business.

If a phone of a leading government minister is hacked, or stolen, imagine what information is likely to be contained in it. I was at a party about ten years ago when a quite well-known MP dropped his phone and it slid across the floor. He thought it was lost. I found it, and of course, I returned it. But let's suppose I had been an unscrupulous political opponent of the MP in question. I could easily have checked the photos on it, and the numbers to try and find something incriminating. Imagine if that happened today, and it was a smart phone that was lost?

The fact that the UK Defense Secretary didn't turn Siri off is hardly reassuring. Media Mole of the New Statesman cites information security expert Rodolfo Rosini, who told Computer Business Review: "In itself leaving Siri on is not a huge risk. What it shows [though] is that the guy has no OPSEC [operational security] so if he sets Siri on always listening, he may have s*** security on his home computers, download dodgy apps etc. It's inexcusable for someone in his position. Basically the problem is that he signaled he is an easy target with no clue."

What makes this all the more ironic is the time Gavin Williamson has spent warning the rest of us about the 'cyber-security' threat coming from Russia. In January, he said that Russian disruption of Britain's electricity interconnectors, which could come about via a cyber-attack, would kill "thousands and thousands and thousands" of people.

In February, he declared that Britain had entered a "new era of warfare" with the Kremlin. He said that the UK and its allies must "be primed and ready to tackle online threats to energy, infrastructure, finance and public services."

In March, he said that Russia's cyber operations were "active and brazen".

Russia has said that Williamson's claim of an attack threat on Britain's infrastructure was "like something out of Monty Python".

But it's not the only comedy analogy that's been made about the UK's Defense Minister.

We've learnt that Williamson's nickname is 'Private Pike' after the accident-prone character in Britain's best-loved sitcom, Dad's Army. In the series, which celebrates its 50th anniversary this month, Captain Mainwaring would look at Pike, when he'd made another mistake, and say to him "You stupid boy!"

It would have been the perfect response to this historic Parliamentary interruption.

Follow Neil Clark @NeilClark66

Like this story? Share it with a friend!