Another trip to back from Paris today and I’m no longer surprised at the lack of awareness people have when using their mobile phones, so let me recount a couple of stories from my early days in Information Security before I tell you of today’s!
I remember in 10 BC (Before Cycling) that I used to use the train to and from my place of work in London. Now, on my usual journey, I would sit on the train and read a magazine, or, if I hadn’t read it for a while, the superb Hitchhiker’s Guide to the Galaxy (this is one book to read if you want a seat on your own as it seems no one wants to sit next to a person who appears to be mad and laughing out loud – you can take that tip for free!).
So, on this particular day I ended up sitting next to a young lady, perhaps in her early 20s; the trip was from Charing Cross to my stop at Abbey Wood (a trip of around 40 minutes, on a good day). This young lady was talking to her friend, “Emma”.
Now, it seems that Emma had been in hospital with women’s problems (be warned, it gets graphic) and that she was still suffering from her stitches oozing and how her boyfriend didn’t want to come and see her in the state she was in (it’s nice when the conversation is repeated loudly for everyone’s convenience!). I put the magazine away, because there was no way to concentrate with this conversation going on beside me.
So, she would go on about her day at work, Emma would explain that she had had a few rough days too, and then there was part of the conversation that went off topic “Sorry Emma, but I’m going to go through a tunnel shortly and I may get cut off”. The woman in front of me physically looked around and crossed her fingers to her friend opposite.
Well, when the phone call to Emma was dropped when we went through the tunnel, I took this as an opportunity to ask the young lady if her friend was better now and whether her boyfriend was indeed paying her more attention (if you get my drift!).
“Are you listening in to my private conversation”, she shouted. “Private?”, I thought to myself (but said out loud), “…how can it be private, half the train could hear about Emma’s problems”. “Well it is private”, she said. “No it [expletive deleted] isn’t” said the woman in front of me to Emma’s friend in a raised tone.
So, we exited the tunnel and Emma’s friend immediately called her back, only to tell her that she couldn’t speak to her on the train as “people were being nosey and listening in to our conversation” (I kid you not!).
Another incident that occurred was whilst on a train journey for a course ‘up north’ whilst sitting in the buffet car.
There I was having a very nice train breakfast, you know the type, bacon, sausage, egg and tomato, all swimming in about 1cm of fat, when a guy across the way started making a call.
“I’d like to book tickets please”, “For the Lion King”, “4 tickets”, “Credit card”. He then went on to tell the person his full name, address, credit card number, expiry date and CV2 number. By this time, I had already finished my breakfast and was reaching for a pen; rather than use the napkin to wipe away the grease from my mouth, I had used it to write down all this guy’s information. “I quite fancy a new TV”, I thought, “But perhaps they might get suspicious if the delivery address doesn’t match the card holders address!”. So, I wrote his credit card details down on the back of one of my business cards (one that said I was an IT Security Manager for a law firm, as I was at the time), and picked a moment, whilst he was turned away, to drop it on his table as I passed for the toilet. (I needed to wash my hands because no amount of napkin was going to get rid of the fat all over them; only soap would do the trick!).
When I returned to the carriage, Mr L King (as I’ll call him for his privacy!) was furious. “Are you listening in on my private phone calls?”. I explained to Mr King that he was in fact on a train, sometimes referred to as public transport and that if he looked at the other side of the business card, he would realise that I was trying to help him, not steal his money – although I cannot vouch for anyone else on the train.
Mr King’s temper settled and we entered into a conversation as to why mobile phones on trains were a bad idea, and that not everyone is as honest as me. His anger, now dampened, had turned into gratitude. He actually explained that he’d only recently got a new credit card as his old one had been used without his knowledge. I think we know how that happened, eh?!
So, what about today?
Well, as is customary for me, I arrived at Gare du Nord with about 2 hours to kill and was sitting in the waiting hall.
Whilst eating a particularly loud bag of crisps (which annoys the hell out of people nearby – job done!), an American woman sat down behind me – we were back to back. Obviously I didn’t know she was American when she sat down, but when she began a phone call…
(The names have been removed for the sake of any blow-back on this story!).
She worked for a fairly large, and relatively well known company and wanted to ensure that when she was in Frankfurt in a few weeks, that the meeting should include her company’s marketing team as well as the team that would be presenting. In addition to this she was told (I didn’t hear, she just repeated it) that the consultancy she would be using (one of the Big 4 accounting firms), would be speaking in German and that all the stages of the presentation would be performed in German except for her part which would be in English (or the American version of English. No doubt spelling “colour” without the “u”, and putting lots of ZEDs in things, sorry ZEEs in thing, grr!)
She went on to mention some costs, and then, and here’s the clincher, she explained to the person on the other end of the phone the reason for the meeting was to get everyone on board with data privacy – honest, she was discussing data privacy at her meeting in a couple of weeks’ time. It was as if the Heart of Gold had suddenly materialised along with a bowl of petunias and a sperm whale; the improbability drive was working overtime (you have to read Hitchhiker’s to get the gag!)
Again, I won’t mention the name of the KomPany that the MarketinG [sic] team would be meeting to help with data privacy, but I’m sure a discussion about costs for the consultancy in an open forum might have been of used by someone that might, for example, work for another company that offers similar services. Unfortunately, my Information Security ethics kicked in and I won’t be letting anyone know what costs they were charging, but I’m sure it could be done cheaper!
So, the moral to the stories, if you needed any guidance, is to
- Always be aware of your surroundings
- Always ensure that your private conversations cannot be overheard
- And don’t discuss financial matters or publish your credit card details; you never know who is listening.
And finally, if you see a guy that appears to have been sitting in Gare du Nord for a long time, looking bored at the scenery, then avoid him like the plague as you may end up on another of his LinkedIn topics!
Oh, and it’s called PUBLIC transport for a reason!
Jayson Dudley is the Group Chief Information Officer at Mazars; https://uk.linkedin.com/in/jaysondudley . Thanks Jayson for permission to republish – I know I’ve been as guilty as any of your examples!