Feeds

Want to teach in the UK? Give us your bank password then

UK gov furnishes itself with tools to steal all your money

  • alert
  • submit to reddit

Top three mobile application threats

Despite the odd unfortunate reverse, creeping control-freakery and privacy invasion is alive, well and thriving in UK government circles. As evidenced by this exchange from yesterday's proceedings in the House of Lords, which was drawn to our attention by Register reader "Disgusted of Tunbridge Wells."

Baroness Blatch: My Lords, can the noble and learned Lord explain to the House the relevance of a question that applicants have to answer about personal details of their bank and building society accounts, which includes the sort code, account numbers and the personal confidential word* that they have to use in order to secure information from their bank accounts? What is the relevance of all of that to securing information about a background of paedophilia and safety to work with children and adults? Can the noble and learned Lord also say whether much of the processing still takes place in Delhi, India?

For the benefit of overseas readers, the question relates to criminal record checking procedures brought in recently in the UK in order to vet teachers, carers and support workers dealing with children. The systems failed spectacularly to meet the deadline for the new term, but we'll let that pass. Blame the computers.

Lord Falconer of Thoroton: [Minister of State at the Home Office] My Lords, as to the first question, a very important aspect of what is done is that people are appropriately identified before any checks are made, so that the right person is identified.

As to the second question, the process involves material being sent to India. In India the details of paper forms are entered into the information system. That is done extremely quickly and effectively so that the system can then help in the process of identification.

So Falconer is actually confirming that Baroness Blatch's fanciful and far-fetched allegation is true, and furthermore he sees nothing wrong with it. It is not clear what relevance your bank personal security word would be to checking that you're you, unless of course the government has access to it already. Or, ahem, was planning to give itself access to it as a matter of course before the snoopers' charter had its nasty little accident.

Disgusted also queries the export of this data to India, but we're sure he has nothing to worry about here. No doubt the government is fully aware of relevant EU privacy legislation, and has ensured that whichever companies are processing this data conform fully with EU standards. ®

* For the record, the request actually seems to be for your mother's maiden name, as detailed here. This is commonly requested by banks as a passphrase, but if you were wise and lied to them (your mother was called 4g@tfu11, right?) then you're clearly OK.

Top three mobile application threats

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.