LexisNexis (which acquired ChoicePoint) is the largest data-broker in the world. They create vast profiles on people and use that information to create various reports that they sell to companies of all kinds. These reports are used to make decisions about renting, insurance and more. In the past these reports have been purchased by law enforcement and criminal organizations; all to find out more information about you.

It might be a good idea to find out what's in your report, but it turns out neither simple web searching or LexisNexis themselves do much for listing out all the types of data they know about you. Well here's the list of information they had (or could have had) from my personal LexisNexis dossier:

Auto/Property Insurance Records:

LexisNexis is tied into the "Current Carrier" insurance information system used by insurance companies and agencies when deciding to issue you a policy. Think of it like a "credit report for insurance".

This includes 7 years worth of:

• Name of insurance company
• Your policy number
• Type of policy (auto, boat, fire, quake, tenant, home, etc).
• Risk type (standard, preferred, facility, etc).
• Policy start date
• Policy termination date and reason for termination
• Names of each subject found on the policy

For auto, this also includes:

• Insured vehicle (including VIN, year, and make)
• Type of vehicle
• Coverage amounts

For property, this also includes:

• Address of property
• Eviction records

Personal information that may be included

• Date of Birth (partially omitted; ex. like 06/##/1970)
• Sex
• Social Security Number (Minus the last four digits)
• Driver's license number (partially omitted)

"C.L.U.E"® insurance loss information reports (apparently reports on whether you're a high risk person or not)

"Esteem" report

This report lists circumstances relating to theft while working at a retail company (admitted or convicted).

In my case, this was of course blank so I don't know specifically what data items would have been included. Most entertaining, there's a line in the report that reads "If you believe we should have information about you in our Esteem Database, let us know"…. Wow.

Background Investigation

If any company ever pays LexisNexis to perform a background check on you, LexisNexis will keep the information for future sales purposes. This may include your full date driving record and your personal credit file.

Screennow ® report

This report shows results of a national criminal records search.

Public Records

• Professional licences held (Doctor, lawyer, pharmacist, barber, insurance agent, pilot, etc)
• Address history
• Deed transfer data
• Aircraft registration
• Loan information (where the loan was secured with collateral: i.e. a car)
• Bankruptcies, liens, and judgements
• Controlled substance license (in case you want to know who can legally get illegal drugs)
• Business affiliations – When you're an officer or principal of an incorporated company
• Significant shareholder records

Employment history

They claim they'll only have history of employers who previously asked LexisNexis to do a background check on you.

Does that make you uncomfortable?

Data brokers are just a business like any other, but as the credit report companies proved, buying and reselling data carelessly leads to disaster. Considering that these reports are FAR more detailed with a much wider variety of information, I can only imagine the consequences of allowing them to proceed as they have been.

Fortunately, you may not have to.

I was able to order my report using this webpage. I believe that doing so would be a good idea, but after that, make sure to also use their opt out procedures if you can.

It turns out that they'll only let your data go if you can prove that you're an identity theft victim or in imminent danger of bodily harm (police officer, public officials, etc). But it's easy to understand why they make it hard. After all, why would you set free one of your prize milk cows for no good reason?

In the end, I hope that strong regulation is introduced before we reach a problem like we did with identity theft.

LexisNexis (which acquired ChoicePoint) is the largest data-broker in the world. They create vast profiles on people and use that information to create various reports that they sell to companies of all kinds. These reports are used to make decisions about renting, insurance and more. In the past these reports have been purchased by law enforcement and criminal organizations; all to find out more information about you.

It might be a good idea to find out what's in your report, but it turns out neither simple web searching or LexisNexis themselves do much for listing out all the types of data they know about you. Well here's the list of information they had (or could have had) from my personal LexisNexis dossier:

Auto/Property Insurance Records:

LexisNexis is tied into the "Current Carrier" insurance information system used by insurance companies and agencies when deciding to issue you a policy. Think of it like a "credit report for insurance".

This includes 7 years worth of:

• Name of insurance company
• Your policy number
• Type of policy (auto, boat, fire, quake, tenant, home, etc).
• Risk type (standard, preferred, facility, etc).
• Policy start date
• Policy termination date and reason for termination
• Names of each subject found on the policy

For auto, this also includes:

• Insured vehicle (including VIN, year, and make)
• Type of vehicle
• Coverage amounts

For property, this also includes:

• Address of property
• Eviction records

Personal information that may be included

• Date of Birth (partially omitted; ex. like 06/##/1970)
• Sex
• Social Security Number (Minus the last four digits)
• Driver's license number (partially omitted)

"C.L.U.E"® insurance loss information reports (apparently reports on whether you're a high risk person or not)

"Esteem" report

This report lists circumstances relating to theft while working at a retail company (admitted or convicted).

In my case, this was of course blank so I don't know specifically what data items would have been included. Most entertaining, there's a line in the report that reads "If you believe we should have information about you in our Esteem Database, let us know"…. Wow.

Background Investigation

If any company ever pays LexisNexis to perform a background check on you, LexisNexis will keep the information for future sales purposes. This may include your full date driving record and your personal credit file.

Screennow ® report

This report shows results of a national criminal records search.

Public Records

• Professional licences held (Doctor, lawyer, pharmacist, barber, insurance agent, pilot, etc)
• Address history
• Deed transfer data
• Aircraft registration
• Loan information (where the loan was secured with collateral: i.e. a car)
• Bankruptcies, liens, and judgements
• Controlled substance license (in case you want to know who can legally get illegal drugs)
• Business affiliations – When you're an officer or principal of an incorporated company
• Significant shareholder records

Employment history

They claim they'll only have history of employers who previously asked LexisNexis to do a background check on you.

Does that make you uncomfortable?

Data brokers are just a business like any other, but as the credit report companies proved, buying and reselling data carelessly leads to disaster. Considering that these reports are FAR more detailed with a much wider variety of information, I can only imagine the consequences of allowing them to proceed as they have been.

Fortunately, you may not have to.

I was able to order my report using this webpage. I believe that doing so would be a good idea, but after that, make sure to also use their opt out procedures if you can.

It turns out that they'll only let your data go if you can prove that you're an identity theft victim or in imminent danger of bodily harm (police officer, public officials, etc). But it's easy to understand why they make it hard. After all, why would you set free one of your prize milk cows for no good reason?

In the end, I hope that strong regulation is introduced before we reach a problem like we did with identity theft.

LexisNexis (which acquired ChoicePoint) is the largest data-broker in the world. They create vast profiles on people and use that information to create various reports that they sell to companies of all kinds. These reports are used to make decisions about renting, insurance and more. In the past these reports have been purchased by law enforcement and criminal organizations; all to find out more information about you.

It might be a good idea to find out what's in your report, but it turns out neither simple web searching or LexisNexis themselves do much for listing out all the types of data they know about you. Well here's the list of information they had (or could have had) from my personal LexisNexis dossier:

Auto/Property Insurance Records:

LexisNexis is tied into the "Current Carrier" insurance information system used by insurance companies and agencies when deciding to issue you a policy. Think of it like a "credit report for insurance".

This includes 7 years worth of:

• Name of insurance company
• Your policy number
• Type of policy (auto, boat, fire, quake, tenant, home, etc).
• Risk type (standard, preferred, facility, etc).
• Policy start date
• Policy termination date and reason for termination
• Names of each subject found on the policy

For auto, this also includes:

• Insured vehicle (including VIN, year, and make)
• Type of vehicle
• Coverage amounts

For property, this also includes:

• Address of property
• Eviction records

Personal information that may be included

• Date of Birth (partially omitted; ex. like 06/##/1970)
• Sex
• Social Security Number (Minus the last four digits)
• Driver's license number (partially omitted)

"C.L.U.E"® insurance loss information reports (apparently reports on whether you're a high risk person or not)

"Esteem" report

This report lists circumstances relating to theft while working at a retail company (admitted or convicted).

In my case, this was of course blank so I don't know specifically what data items would have been included. Most entertaining, there's a line in the report that reads "If you believe we should have information about you in our Esteem Database, let us know"…. Wow.

Background Investigation

If any company ever pays LexisNexis to perform a background check on you, LexisNexis will keep the information for future sales purposes. This may include your full date driving record and your personal credit file.

Screennow ® report

This report shows results of a national criminal records search.

Public Records

• Professional licences held (Doctor, lawyer, pharmacist, barber, insurance agent, pilot, etc)
• Address history
• Deed transfer data
• Aircraft registration
• Loan information (where the loan was secured with collateral: i.e. a car)
• Bankruptcies, liens, and judgements
• Controlled substance license (in case you want to know who can legally get illegal drugs)
• Business affiliations – When you're an officer or principal of an incorporated company
• Significant shareholder records

Employment history

They claim they'll only have history of employers who previously asked LexisNexis to do a background check on you.

Does that make you uncomfortable?

Data brokers are just a business like any other, but as the credit report companies proved, buying and reselling data carelessly leads to disaster. Considering that these reports are FAR more detailed with a much wider variety of information, I can only imagine the consequences of allowing them to proceed as they have been.

Fortunately, you may not have to.

I was able to order my report using this webpage. I believe that doing so would be a good idea, but after that, make sure to also use their opt out procedures if you can.

It turns out that they'll only let your data go if you can prove that you're an identity theft victim or in imminent danger of bodily harm (police officer, public officials, etc). But it's easy to understand why they make it hard. After all, why would you set free one of your prize milk cows for no good reason?

In the end, I hope that strong regulation is introduced before we reach a problem like we did with identity theft.

This is your Sequoia touch-screen voting machine with Pac-Man hacked onto it without disturbing any of the "tamper-evident" seals supposedly meant to protect it from hackers…

Apparently, they put tamper seals on the ports and plugins, but NOT the case itself. Therefore, the university was able to just dismantle the machine and connect on the inside instead. Pathetic attempt Sequoia, just pathetic.

Source

For anyone who's participated in forums, online games, or any other system where you can communicate with random strangers, you've probably encountered people who make you angry. Some are just people who you don't get along with legitimately, and some are "trolls"; people who toy with others for their amusement.

What makes people trolls is generally the anonymous nature of the Internet. Sadly, this is often a perceived anonymity only. Just yesterday, I found a post I didn't agree with and wanted to comment on it. Since the author had locked comments, I did a little web research and found her real name, school, e-mail address, and other sites she posted to. I was only looking for some means to contact her, but the information was fully filled out on these sites with no protection at all.

Imagine her shock to find out how easily she was found (and to be honest she called me quite a few names at first though we did have a good conversation after that).

Sadly, most people don't realize how difficult it is to be truly anonymous. The only things keeping you safe in many cases is that you've never given anyone enough reason to look you up. And now we get to the real story.

Online games can be tense and frustrating. For example, the first time I played an online competitive game, I was completely crushed in seconds and insulted repeatedly for my efforts. I chose to stick with offline gaming but others weather the storm and build their skills to the point they can keep up and even be good enough to win.

However, there are just going to be times that someone is better than you. That's frustrating enough, but when they're rude and insulting, it can be maddening. And for context, understand that the people who are the rudest are often younger males who believe they don't have to "pull any punches" since they don't have to face the consequences of their actions (an idea that was excellently portrayed in Disney's Pinocchio).

My point is, this kid was being an ass with abandon. What was his opponent going to do? Hunt him down and hurt him? Turns out the answer was yes.

And believe it or not, there's a lot of support for the attacker online. The sad fact is that there are still consequences for what we do, even if we're online. Similar to the adive every parent must give to their children of how posts last forever, we must also teach our kids not to draw undue agression. After all, how do you know whether the person you're "Teabagging" has the ability and desire to come after you in person?

So yesterday, we learned that OnStar tracks you even if you're not a customer and today, we learn that Facebook will track and monitor your web usage without your knowledge or permission… even if you're not logged in.

The social network is quietly retracting a cookie that continued to report your Facebook user ID even after you "logged out" of the site. But it's not sorry about five other cookies that persist after you sign off. What, you didn't think Facebook would ever let you actually for real seriously 100 percent sign out, did you?

Remember, you're not Facebook's customer, you're cattle. These kinds of issues will never stop so if you aren't using special software to counter Facebook's nastier sides, you're at a disadvantage.

So all that time I spent warning people about OnStar seems to have been completely justified.

OnStar was recently admonished by several senators for its plan to spy on people (even non-customers).

OnStar is apparently hoping to create a new revenue stream by collecting data about the movements of OnStar-equipped cars. Obviously, this data set will be more comprehensive—and, therefore, more lucrative—if it includes data from former OnStar subscribers as well as current ones. In an announcement e-mailed to subscribers earlier this month, the company said that, starting December 1, it would continue collecting data from subscribers even after they cancel their service. OnStar also said it reserved the right to sell aggregated and anonymized data to third parties.

Whoever somehow assumed that a big company with the capability of knowing where you are at all times wouldn't abuse that power was pretty short-sighted. Sorry.

You can't use rights you don't know about or don't understand. The Electronic Frontier Foundation has posted a summary of your 4th amendment rights to deny the government permission to search you or your belongings (digital or otherwise).

It's good to know what you can and can't do since you should know that even when you've done nothing wrong, you may still get yourself into a lot of trouble if you are careless with your privacy.

When I teach, I explain how most of the breaches and problems you hear in the world aren't about clever hackers or sophisticated attackers, but instead about weak and pathetic security. This has just become my new go-to example.

Basically after you logged into your account as a Citi customer, the URL contained a code identifying your account. All you had to do was change around the numbers and boom, you were in someone else's account.

What that means is that if you were to look at the address in your bar at the top of the browser, it contains the name of the website you're on and (as is typical) a whole lot of other junk like this:

http://www.citibank.com/account.asp?were=dumbascrap&we=shouldhaveknownbetter

One of the values in the "lots of other junk" area told Citibank who's account to show. If you just entered any random number, the website would think you were the user with that ID and show you their page. Even when this kind of problem was new over a decade ago, it seemed pretty dumb for major websites to be this sloppy. To think that a site run by such a large (and rich) company would make this kind of mistake would be laughable if it weren't so contemptible.

Citi, TJX wants to thank you from the bottom of their hearts for finally doing something so stupid that we can forget about their horrible mistake (at least just a little).

Source

I've always thought that prisoners should be made to work to support themselves and others. Maybe the Chinese have hit on something with this:

"Prison bosses made more money forcing inmates to play games than they do forcing people to do manual labour," Liu told the Guardian. "There were 300 prisoners forced to play games. We worked 12-hour shifts in the camp. I heard them say they could earn 5,000-6,000rmb [£470-570] a day. We didn't see any of the money. The computers were never turned off."

The Guardian says that prisoners were beaten if they couldn't make their quota so maybe they're taking it too far, but the idea itself is still sound.