Of course not

Alex asks whether politicians learned anything from the News of the World phone hacking scandal:

Also, did the central government have any communications security at all? Did CESG or MI5 not have anything at all to say about this? Didn’t any of them just change their damn password, or even change their damn number?

Of course not. As a class politicians are the group most clueless about ICT and worst placed to make decisions on anything to do with it and that gets worse the higher up the ranks you get. Most modern politicians these days have never been anything but politicians and in that job you only need a pc as a glorified typewriter, while once you get high enough on the ladder the normal computer scutwork most of us have to deal with day to day can all be fobbed off on interns who’ll print out all the important documents for you. So I doubt they’ve spent any time at all thinking about communications security.

Case in point: several Dutch politicians got hit with a variant of what the News of the World did recently, as investigative reporters from the newsshow Één Vandaag “hacked” their voicemails by trying the standard Vodaphone pincode on them. Quite a few ministers turned out not to have bothered resetting this or even knew that they had to do that. Worse, neither did their IT department. Personally I think having voicemail at all is way too much of a security risk anyway and I’d switch it off altogether if I were in such a responsible function, but than that’s too much of a hassle.

What doesn’t help either is that is how much party political business is interwoven with government responsibilities for modern politicians, meaning that there’s a high risk for cross pollution anway. In an ideal world government ministers would have two or three separate mobiles: one for their job, one for journalists and party workers to reach them on and another for the family, but I suspect most people use the same phone for everything…