Information Security

While commuting in London the last few days, one thing that has really surprised me (although I know it shouldn’t) is how much information people give away unconsciously, and their general lack of consideration of their own security.

Standing on the tube, every day I see people using their phones without lock codes, as well as reading confidential emails etc. while on the train. I know, I know, some of it is just that I’m a nosy bastard – but all the same, it’s pretty surprising (to me) that people are so unaware of people around them who could be getting information etc.

It’s not just the emails and phones, of course. Standing in the local sandwich shop, I can see the PIN numbers people use on the Chip+PIN machines. (And of course the odds are that people use the same PIN number for their card transactions and for their phone unlock codes) Then they go and sit down, putting their bags beside them.

And I’ve lost count of the number of people I’ve seen carrying laptops in laptop bags, with the strap just over one shoulder – easy to slip off in a crowd and get away with into the distance.

If I were criminally inclined, I would have been able to easily nick two or three iPhones a day – and know which ones were unlocked with no PIN lock at all, or what the PIN code is. I’d be able to take handbags or wallets and know what those PIN codes are in order to make cash withdrawals etc. And I could probably get away with a laptop bag or two as well.

It gobsmacks me how little people seem to think about their own security, and the security of their information. It’s not even an “It won’t happen to me” attitude – I think most people aren’t even conscious of those potential risks.

I don’t have any answers to it. People just don’t seem to take it seriously. It’s the same with passwords (we’re always seeing lists of weak passwords that are in use, but even so they don’t change) and many other things. How we change it, I truly don’t know…