Feeds

Home Office classes openness review a secret

Silly Season opens here

Top three mobile application threats

It may be a little early for the silly season, but if last week’s antics by the Home Office and the Daily Mail are anything to go by, it is already upon us.

On Tuesday, the Home Office pioneered an interesting new approach to public information, by making a series of review documents available on their website – and leaving them password protected.

All too ironically, the documents catalogued “non-police power of entry” into your home, and were produced in response to a speech by Gordon Brown in October 2007, calling for greater openness in these matters. At the time, the Prime Minister expressed the view that there might be something like 250 provisions granting right of entry to an individual’s home.

However, as the Mail smugly pointed out, “there are now 1,043 laws that give the authorities the power to enter a home or business*. Nearly half have been introduced since Labour came to power 11 years ago.”

As examples of ludicrous new powers, the paper cites how officials may:

  • Invade your home to see if your pot plants have pests or do not have a 'plant passport'
  • Survey your home and garden to see if your hedge is too high
  • Seize fridges without the correct energy rating

Soon, authorities may also be able to enter your home to inspect for non-human genetic material, for looted cultural property from Iraq and for 'undeclared' carbon dioxide.

The Daily Mail’s response to what the Home Office described as an honest mistake was to call in the “computer experts” and open the documents anyway. We suspect that this required no more expertise than stripping the password out of a .pdf file.

A swift Google reveals a fair amount of software that will carry out this task – or at least claims to be able to do so. Reg readers interested in recovering “lost passwords” should check out products such as elcomsoft, PDFKey Pro or GuaPDF.

Whether it is legal to carry out such password removal – even where the document is intended for public use – is less clear.

Over the years, the Home Office website has attracted its share of criticism. On one occasion, individuals seeking to respond to the Home Office consultation on extreme pornography found their contributions bounced, because they included the word “pornography”. That’s good use of blocking software, almost on a par with the direct marketing company that invented its own processes for handling rude words, and rejected all addresses containing the word sex.

Readers in Sussex, Middlesex, etc. will instantly spot the flaw in that algorithm.

However, to be fair to the Home Office, there is no evidence that it is any worse than any other government department in this respect. The end of summer term in Parliament is the time for sneaking out as much embarrassing news as possible, in the sure knowledge that parliamentary scrutiny will be at a minimum.

No doubt, in the enthusiasm for getting the news out, someone left a file password-protected. It was unintentional, and readers wishing to catch up on the original release may now do so, without need for any additional hacking skills. ®

* Not so - the documents actually reveal 295 Acts, plus a hodge-podge of Statutory Instruments. These in turn add up to about 1,000 powers.

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.