Ramblings & ephemera
From Bruce Schneier’s Crypto-Gram of 15 August 2003: It’s actually easy to fly on someone else’s ticket. Here’s how: First, have an upstanding citizen buy an e-ticket. (This also works if you steal someone’s identity or credit card.) Second, on the morning of the flight print the boarding pass at home. (Most airlines now offer […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: business, security | Comments Off on Getting past security on planes
From Bruce Schneier’s Crypto-Gram of 15 April 2004: Here’s a story of a woman who posts an ad requesting a nanny. When a potential nanny responds, she asks for references for a background check. Then she places another ad, using the reference material as a fake identity. She gets a job with the good references—they’re […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: business, security | Comments Off on A nanny’s man-in-the-middle attack
From Bruce Schneier’s Crypto-Gram of 15 April 2004: My argument may not be obvious, but it’s not hard to follow, either. It centers around the notion that security must be evaluated not based on how it works, but on how it fails. It doesn’t really matter how well an ID card works when used by […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: security | Comments Off on Problems with ID cards
From Sander Duivestein’s “Penny Thoughts on the Technium” (The Technium: 1 December 2009): I‘m interested in how people personally decide to refuse a technology. I’m interested in that process, because I think that will happen more and more as the number of technologies keep increasing. The only way we can sort our identity is by […]
Posted on December 15th, 2009 by Scott Granneman
Filed under: religion, science, social software, tech in changing society, technology | Comments Off on Refusing a technology defines you
From danah boyd’s “Friends, Friendsters, and MySpace Top 8: Writing Community Into Being on Social Network Sites” (First Monday: December 2006) John’s reference to “gateway Friends” concerns a specific technological affordance unique to Friendster. Because the company felt it would make the site more intimate, Friendster limits users from surfing to Profiles beyond four degrees […]
Posted on December 20th, 2008 by Scott Granneman
Filed under: business, social software, tech in changing society | Comments Off on Social networking and “friendship”
From Stephen J. Dubner’s interview with Bruce Schneier in “Bruce Schneier Blazes Through Your Questions” (The New York Times: 4 December 2007): Identity theft is a problem for two reasons. One, personal identifying information is incredibly easy to get; and two, personal identifying information is incredibly easy to use. Most of our security measures have […]
Posted on December 17th, 2008 by Scott Granneman
Filed under: business, security | Comments Off on Bruce Schneier on identity theft
From Samiha Shafy’s “An Infinite Loop in the Brain” (Der Spiegel: 21 November 2008): Price can rattle off, without hesitation, what she saw and heard on almost any given date. She remembers many early childhood experiences and most of the days between the ages of 9 and 15. After that, there are virtually no gaps […]
Posted on December 4th, 2008 by Scott Granneman
Filed under: history, science | Comments Off on A woman who never forgets anything
From Mark Gibbs’ “Debt collectors mining your secrets” (Network World: 19 June 2008): [Bud Hibbs, a consumer advocate] told me any debt collection company has access to an incredible amount of personal data from hundreds of possible sources and the motivation to mine it. What intrigued me after talking with Hibbs was how the debt […]
Posted on November 28th, 2008 by Scott Granneman
Filed under: business, law, security, tech in changing society | Comments Off on Debt collection business opens up huge security holes
From Bruce Schneier’s “Mitigating Identity Theft” (Crypto-Gram: 15 April 2005): The very term “identity theft” is an oxymoron. Identity is not a possession that can be acquired or lost; it’s not a thing at all. … The real crime here is fraud; more specifically, impersonation leading to fraud. Impersonation is an ancient crime, but the […]
Posted on August 2nd, 2006 by Scott Granneman
Filed under: business, law, security, tech in changing society, technology | Comments Off on The real solution to identity theft: bank liability
From Bruce Schneier’s “More on Two-Factor Authentication” (Crypto-Gram: 15 April 2005): Passwords just don’t work anymore. As computers have gotten faster, password guessing has gotten easier. Ever-more-complicated passwords are required to evade password-guessing software. At the same time, there’s an upper limit to how complex a password users can be expected to remember. About five […]
Posted on August 2nd, 2006 by Scott Granneman
Filed under: security | Comments Off on Two-factor authentication: the good & the bad
From Bruce Schneier’s “Identity-Theft Disclosure Laws” (Crypto-Gram Newsletter: 15 May 2006): Disclosure laws force companies to make these security breaches public. This is a good idea for three reasons. One, it is good security practice to notify potential identity theft victims that their personal information has been lost or stolen. Two, statistics on actual data […]
Posted on June 19th, 2006 by Scott Granneman
Filed under: business, law, security, tech in changing society, technology | Comments Off on Why disclosure laws are good
From Indian call centre ‘fraud’ probe (BBC News: 23 June 2005): Police are investigating reports that the bank account details of 1,000 UK customers, held by Indian call centres, were sold to an undercover reporter. The Sun claims one of its journalists bought personal details including passwords, addresses and passport data from a Delhi IT […]
Posted on June 14th, 2006 by Scott Granneman
Filed under: business, law, security, tech in changing society, technology | Comments Off on Offshoring danger: identity theft
From Michael Alter’s States fiddle while defrauders steal (CNET News.com: 21 June 2005): More than 9 million American consumers fall victim to identity theft each year. But the most underpublicized identity theft crime is one in which thieves defraud state governments of payroll taxes by filing fraudulent unemployment claims. It can be a fairly lucrative […]
Posted on June 14th, 2006 by Scott Granneman
Filed under: business, law, security, tech in changing society, technology | Comments Off on Identity theft method: file false unemployment claims
From David Kirkpatrick’s “The Net’s not-so-secret economy of crime” (Fortune: 15 May 2006): Raze Software offers a product called CC2Bank 1.3, available in freeware form – if you like it, please pay for it. … But CC2Bank’s purpose is the management of stolen credit cards. Release 1.3 enables you to type in any credit card […]
Posted on June 4th, 2006 by Scott Granneman
Filed under: business, law, security, tech in changing society | Comments Off on Credit cards sold in the Underground
From TechWeb News’s “One In Four Identity-Theft Victims Never Fully Recover“: Making things right after a stolen identity can take months and cost thousands, a survey of identity theft victims released Tuesday said. Worse, in more than one in four cases, victims haven’t been able to completely restore their good name. The survey, conducted by […]
Posted on April 28th, 2006 by Scott Granneman
Filed under: business, security, tech in changing society, technology | Comments Off on The difficulty of recovering from identity theft
From danah boyd’s “G/localization: When Global Information and Local Interaction Collide“: In the early 1970s, Stanley Milgram was intrigued by what he called “familiar strangers” – people who recognized each other in public life but never interacted. Through experiments, he found that people are most likely to interact with people when removed from the situation […]
Posted on April 14th, 2006 by Scott Granneman
Filed under: commonplace book, science, social software | Comments Off on Familiar strangers
From danah boyd’s “G/localization: When Global Information and Local Interaction Collide“: Culture is the set of values, norms and artifacts that influence people’s lives and worldview. Culture is embedded in material objects and in conceptual frameworks about how the world works. … People are a part of multiple cultures – the most obvious of which […]
Posted on April 14th, 2006 by Scott Granneman
Filed under: social software, tech in changing society, technology | Comments Off on Culture, values, & designing technology systems
From The New York Times‘ “Countless Dens of Uncatchable Thieves“: In the online world, he operates under the pseudonym Zo0mer, according to American investigators, and he smugly hawks all manner of stolen consumer information alongside dozens of other peddlers at a Web site he helps manage. “My prices are lowers then most of other vendors […]
Posted on April 4th, 2006 by Scott Granneman
Filed under: business, security | Comments Off on How much does stolen identity info cost?
From danah boyd’s “Friendster lost steam. Is MySpace just a fad?“: No, it is not just a moral panic that could make MySpace a fad. The primary value right now has to do with identity production and sharing, practices that are more critical to certain populations at certain times in their lives and it is […]
Posted on April 3rd, 2006 by Scott Granneman
Filed under: social software | Comments Off on Identity production & sharing during adolescence
I host Web sites, but we’ve only recently [2004] had to start implementing SSL, the Secure Sockets Layer, which turns http into https. I’ve been on the lookout for a good overview of SSL that explains why it is implemented as it is, and I think I’ve finally found one: Chris Shiflett: HTTP Developer’s Handbook: […]
Posted on September 6th, 2004 by Scott Granneman
Filed under: business, security, tech help, technology | Comments Off on SSL in depth