Tory conference app flawed, Boris Johnson gets a new profile pic

null

The Tory conference app has a big security flaw, and the internet used it to make fun of a couple of senior party members. The app itself was designed for anyone to log in and attend the conference. However, in order to log in, all you needed was an email address.

And when you're, say, Boris Johnson, and you're using your public parliamentary email address to log in, it's not hard for people to find it and use it to log in as – you guessed it – Boris Johnson.

Once logged in, users would have access to personal information such as the phone number.

Some users were quick to spot the flaw and used it in the most obvious way – to change Boris Johnson's profile picture from his face, to a pornographic image. The Guardian is saying Michael Gove's picture was changed to one of his former's employer's – Rupert Murdoch's.

After the fun subsided, commentators used the flaw as an argument to the government's incompetence of using technology to solve issues around the Irish border and custom checks.

It has also raised the question of GDPR. Even though the app's privacy policy says it is compliant with GDPR, it might very well have breached data laws.

A Momentum spokesperson described the event as “staggering incompetence” of the Conservative party. “This sums up the Tories, staggeringly incompetent and out of touch with the modern world,” they said. “They can’t even build a basic conference app without a huge data breach, and it’s terrifying that they’re in charge of the tech that runs our hospitals, schools and airports.“

But not everyone was so kind with their words. . One Whitehall source described the error as “fu*king ­ridiculous”.  

Image Credit: Flickr / European Cyclists' Federation