back to article Your connection is not Brexit... we mean private: UK Tory party lets security cert expire

Another day, another embarrassing gaffe for the Tories. This time it seems someone forgot to renew the UK Conservative Party's website's security certificate. "Your connection is not private. Attackers might be trying to steal your information from www.conservatives.com (for example, passwords, messages or credit cards)," web …

  1. wolfetone Silver badge
    Trollface

    What's the issue? This is a "strong and stable" Government, that's what they've told us. Not once have they said they were "strong, stable, secure, up-to-date, modern, of the people, forward thinking, human".

    1. raving angry loony

      Just remember, a truck that's just gone over a cliff is also "strong and stable". Maybe not very aerodynamic, or likely to survive the sudden stop at the end, but it's definitely "strong and stable"...

      That said, meh, it's only a website. It's not like the Tory faithful understand what those are anyway. Telegrams and pigeons, isn't it?

      1. Warm Braw

        It's not like the Tory faithful understand what those are

        At least we may briefly be spared more of this...

      2. Anonymous Coward
        Anonymous Coward

        Err, no

        A truck that's just gone over a cliff may be strong, but it's certainly not stable. Unless your truck doubles as a plane :-)

        1. CrazyOldCatMan Silver badge

          Re: Err, no

          Unless your truck doubles as a plane

          Any truck can fly. Getting it to fly any more than a very short distance in a downward direction is slightly more of a problem..

        2. fajensen
          Mushroom

          Re: Err, no

          ... but it's certainly not stable.

          The *trajectory* towards a strong and perhaps even colourful impact on those rocks at the bottom of the cliff is stable - which is pretty much what the May-bot actuator and communications unit actually means (the personality matrix is obviously stored in a secure facility that used to be targeting Moscow and has now been repurposed).

          Since "it has been decided" to smash the country onto the rocks and grab whatever spills out, like the worlds biggest piñata party, ballistic guidance is still the best system for the job: It can't be interfered with, it cant be reasoned with, it can't be bargained with - and it will not stop, Ever, until millions are Dead on the NHS or Impoverished!

      3. handleoclast

        Re: truck metaphor

        @raving angry loony

        When you introduced your truck metaphor, it reminded me more of something. The strength and stability of the Tory party is illusory, much as the strength of <a href="https://www.youtube.com/watch?v=qxVQ7ZEG1RU>this truck</a> is. I think this metaphor is better than yours: the wilful ignorance of reality, the inevitable crash, etc.

    2. Dan 55 Silver badge

      Look on the bright side, at least the site uses HSTS.

      So if the certificate does expire, there's no way you could visit that website as you couldn't set up an exception even if you wanted to.

      1. John Lilburne

        Who cares? I got a panicy phone call from my webhost last month:

        "Your website is compromised".

        What are you talking about?

        "Mumble, mumble, mumble."

        Are you referring to lack of SSL cert?

        "Yes, could be hacked, mumble, mumble, lose user log ins, mumble, mumble"

        I don't fucking care, user logins are turned off, the site isn't selling anything. I'm the only one that has a login account. Now come back when there is actually a problem and not because you want to sell me some buggy SSL shite that I don't need.

        1. CrazyOldCatMan Silver badge

          because you want to sell me some buggy SSL

          And for giggles, you could liberally sprinkle the words "LetsEncrypt" throughout your response..

          1. Anonymous Coward
            Anonymous Coward

            It's the Labour party website that uses Let's Encrypt. The Tory one uses Comodo.

    3. macjules

      This is a "strong and stable" Government

      Less of the horsey talk around Mrs May please. You'll upset the Brexit Unicorns.

  2. Lysenko

    "Your connection is not private."

    That's not an error message, it's a Home Office policy announcement.

    1. SVV

      Re: "Your connection is not private."

      "Attackers might be trying to steal your information from www.conservatives.com (for example, passwords, messages or credit cards)."

      My god,they're not keeping all the information they've snooped from us on their party website are they?

      Maybe the browser makers can create new 'Brexit browsers' for British people. A http connection will display a warning page with "conservatives WILL be stealing all your information (for example, passwords, messages or credit cards)". And a https connection will be confirmed by a BLUE padlock in the address bar, just like what we used to have before we joined the internet and had to have OUR rules dictated to us by FOREIGNERS. Not that you'll be able to conduct any business that way, as of course encryption could be used by criminals, so anybody using it must be one, therefore it must be banned, and in no way is this embarassing for the tories as it doesn't in any way show up their cluelessness and stupidity when it comes to all tech related policy matters.....

      1. Rich 11

        Re: "Your connection is not private."

        And a https connection will be confirmed by a BLUE padlock in the address bar, just like what we used to have before we joined the internet and had to have OUR rules dictated to us by FOREIGNERS.

        We can't have our electricity running through those foreign blue, brown and green and yellow wires either. Red and black was good enough for my dad and it's good enough for me. We must make a stand and take back control of the wires by seizing the opportunity in both hands. Who is with me? Vive la resistance!

      2. CrazyOldCatMan Silver badge

        Re: "Your connection is not private."

        tories as it doesn't in any way show up their cluelessness and stupidity when it comes to all tech related policy matters

        To be fair they are not exactly alone in that regard amongst political parties

  3. Rameses Niblick the Third Kerplunk Kerplunk Whoops Where's My Thribble?

    Leading by example?

    Amber Rudd wants to ban encryption.

    Tory website no longer supports HTTPS.

    Coincidence? Practising what they preach? Just a bunch of morons? Are these statements all in fact the same?

    People want answers!

    1. RockBurner

      Re: Leading by example?

      'The' people don't want answers, they just want their blue(?) passports back and don't care or understand about anything else.

      (blue passports?? my old one (circa 1974) is more black than anything else)

      1. Gordon 11

        Re: Leading by example?

        ...they just want their blue(?) passports back...
        I always thought the most-liked part was the stiff cover, not the colour.

      2. Roj Blake Silver badge

        Re: (blue passports?? my old one (circa 1974) is more black than anything else)

        Much like socks that aren't priest socks, your passport wasn't black - if you look closely, you'll see that it was very, very, very, very, very, very, very dark blue.

    2. macjules
      Coat

      Re: Leading by example?

      There was a BREXSSL vote taken. In the vote 52% of all Tories voted to no longer use SSL certification. The "HTTPStayers" who lost the vote are taking the case for HTTPS to the High Court and are demanding that self-certification signing requests should never have been permitted.

      Nigel Farage has now joined the board of Symantec, having promised to work within the system to prevent the use of HTTPS ever again.

      Boris Johnson was not available for comment.

      1. CrazyOldCatMan Silver badge

        Re: Leading by example?

        Boris Johnson was not available for comment

        And no information of value[1] was lost.

        [1] Except maybe a mumbled treatise on post-Byzantium politics in Eastern Europe..

      2. MJI Silver badge

        Re: Leading by example?

        Am I alone in wanting to punch Farage repeatetly, in the face?

        1. Nick Ryan Silver badge

          Re: Leading by example?

          Am I alone in wanting to punch Farage repeatetly, in the face?

          Farage recommended the use of a rifle. I'd recommend something similar - never take a knife to a gunfight and all that. Unless one has a handy grand piano or anvil spare and a great height of course...

    3. Adam 52 Silver badge

      Amber Rudd

      "Amber Rudd wants to ban encryption"

      Forget about encryption, Amber Rudd wants to ban water:

      "Amber Rudd told the Conservative party conference on Tuesday that she also wanted to create a new offence of possession of a corrosive substance in a public place"

  4. Roger Kynaston

    El Reg is more influential than you would think

    Just looked at it (icognito as I don't want them to know I look at such web nasties) and it has a green padlock.

    Clearly someone in CCHQ reads the Reg.

    1. Anonymous Coward
      Anonymous Coward

      Re: El Reg is more influential than you would think

      I'm a Tory Councillor and a Freemason. I work in IT doing 2nd Line Support. So yeah you'd be very surprised.

      1. Mark Dempster

        Re: El Reg is more influential than you would think

        The Freemasons attitudes & actions are incompatible with public service

        1. Rich 11

          Re: El Reg is more influential than you would think

          But these people aren't interested in public service, just the concentration of influence and power in the right hands.

      2. M.Zaccone

        Re: El Reg is more influential than you would think

        Why does your comment remind me of the Mitchell and Webb sketch about being the baddies?

    2. Anonymous Coward
      Anonymous Coward

      Re: El Reg is more influential than you would think

      Yes, it verifies now.

      $ openssl s_client -connect www.conservatives.com:443 -servername www.conservatives.com

      ...

      Verify return code: 0 (ok)

      Decode the certificate (openssl x509 -in cert.pem -noout -text) and you see:

      Validity

      Not Before: Jan 8 00:00:00 2018 GMT

      Not After : Mar 11 23:59:59 2019 GMT

      At least it uses SHA256.

  5. Flywheel

    Another autoplay video!

    Who designed this crap? Seriously! And how do you turn it off - oh, navigate away from the page :-/

    1. Doctor Syntax Silver badge

      Re: Another autoplay video!

      You think it's just another autoplay video but what's being installed on your PC while it's playing?

    2. G2

      Re: Another autoplay video!

      and they designed it to start at MAXIMUM volume... OUCH, my ears!

      1. Anonymous Coward
        Anonymous Coward

        Re: Another autoplay video!

        If you use Firefox, it has an option for 'allow videos to autoplay'. Check settings. :)

  6. Doctor Syntax Silver badge

    "Funnily enough, Rudd is one of the Cabinet members rumoured to be safe in her role."

    Nothing funny about it in either sense. The HO would fight tooth and nail to keep her. She doesn't understand when she's talking bollocks so she sounds convinced and convincing if you don't know better. Plus she's following the exact line that the main Home Sec in Downing St wants her to follow.

  7. Chloe Cresswell Silver badge

    Question is: which would be a bigger risk to your data?

    That the site connection is hijacked and some random person has your details?

    Or that your details are with the owners of said site in the first place?

    1. fajensen
      Trollface

      Isn't that kinda the same thing?

      See, first "They" slurp all of our data "for the children & freedom" then they share it with "our allies" like the #1 and #2 in terrorist atrocities, USA, Pakistan and Saudi Arabia, and finally someone leaves the lot on a laptop that will invariably get nicked during a pub-crawl?

  8. Anonymous Coward
    Anonymous Coward

    "I'm a Tory Councillor and a Freemason"

    Two wrongs don't make a right. Just sayin'...

    1. MJI Silver badge

      At least he admits it.

      Don't knock all Tory/Conservatives.

      They are not all barking. Only some.

      Some are very good politicians, well Ken Clarke is. Pity that most of the cabinet and shadow cabinet are not.

  9. Nano nano

    Too many experts ...

    Clearly, Gove sacked the bod(s) responsible ...

  10. Anonymous Coward
    Anonymous Coward

    I would have checked it but it's in my blocked sites.

    Wouldn't want the kids to accidentally end up on something like that.

    1. MJI Silver badge

      What else is blocked?

      I hope all the other party ones are as well?

      1. Anonymous Coward
        Anonymous Coward

        Re: What else is blocked?

        Of course.

        1. MJI Silver badge

          Re: What else is blocked?

          Good.

          I don't trust any of the party sites

          I don't want Theresa May spouting off a cliche ridden speech. Nor Jeremy Corbyn trying to be a superstar, nor Farage trying to emulate a war time leader.

          I find that for politcal information I now HAVE to rely on the TV broadcasters as the printed press is mainly unusable now.

  11. MJI Silver badge

    Some thoughts

    You see all the rubbish headlines and total crap being spewed by many papers.

    You think what rubbish.

    Then you find people quoting it, believing it, and agreeing with it.

    And the same people are actually allowed to vote.

    I find the EU exit supporting gutter press the worst. Nasty vindictive and very unpleasant.

  12. ukgnome
    Trollface

    This wouldn't happen if Mensch was still on the team, although I would of thought Shapps would advise. Or does he only edit the wiki.

    1. MJI Silver badge

      Oh thanks!

      I had forgotten about the existance of them.

      I did not want to be reminded.

  13. Aodhhan

    blah blah who cares?

    Let me know when your government starts using private servers, deletes e-communications, has your top law enforcement agency look the other way, makes underhanded deals with your top investigation personnel, allows national security leaks from servers, convinces half of parliament that security is secondary and finds plenty of people negligent in all of these acts but believes the people are not smart enough to catch on or care. Finally, think Hillary Clintion is a goddess in training.

    ...then you have a story.

    1. Ken Hagan Gold badge

      Re: blah blah who cares?

      "convinces half of parliament that security is secondary"

      I think most of us would be surprised and delighted to discover that many in Parliament who cared even that much. (To consider just one example: if you or any of your staff are surfing porn sites on a work computer, security is not even in your vocabulary.)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like