Skip to main content

Tory conference app flawed, Boris Johnson gets a new profile pic

(Image credit: Image Credit: Flickr / European Cyclists' Federation)

The Tory conference app has a big security flaw, and the internet used it to make fun of a couple of senior party members. The app itself was designed for anyone to log in and attend the conference. However, in order to log in, all you needed was an email address.

And when you're, say, Boris Johnson, and you're using your public parliamentary email address to log in, it's not hard for people to find it and use it to log in as – you guessed it – Boris Johnson.

Once logged in, users would have access to personal information such as the phone number.

Some users were quick to spot the flaw and used it in the most obvious way – to change Boris Johnson's profile picture from his face, to a pornographic image. The Guardian (opens in new tab) is saying Michael Gove's picture was changed to one of his former's employer's – Rupert Murdoch's.

After the fun subsided, commentators used the flaw as an argument to the government's incompetence of using technology to solve issues around the Irish border and custom checks.

It has also raised the question of GDPR. Even though the app's privacy policy says it is compliant with GDPR, it might very well have breached data laws.

A Momentum spokesperson described the event as “staggering incompetence” of the Conservative party. “This sums up the Tories, staggeringly incompetent and out of touch with the modern world,” they said. “They can’t even build a basic conference app without a huge data breach, and it’s terrifying that they’re in charge of the tech that runs our hospitals, schools and airports.“

But not everyone was so kind with their words. . One Whitehall source described the error as “fu*king ­ridiculous”.  

Image Credit: Flickr / European Cyclists' Federation

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.