Tuesday, March 19th, 2019 (No comments yet
From the Washington Post:
Last week, the D.C. Board of Elections and Ethics opened a new Internet-based voting system for a weeklong test period, inviting computer experts from all corners to prod its vulnerabilities in the spirit of "give it your best shot." Well, the hackers gave it their best shot -- and midday Friday, the trial period was suspended, with the board citing "usability issues brought to our attention."
Here's one of those issues: After casting a vote, according to test observers, the Web site played "Hail to the Victors" -- the University of Michigan fight song.
Whoah! E-voting not secure? Where have we heard that before!? And the best part is that it doesn't even take the vile hacker underground to do it. It's the college researchers each time.
No knock against college researchers, but for e-voting to work, it should take a vast conspiracy spanning several continents and special agents who jump from helicopters in the night to break into buildings through air-ducts not some mostly-sober frat boy. They obviously have no idea what they're doing and should stop. Now.
About the only ray of light in this whole story is that they were smart enough to challenge the public to hack them thus making their failure obvious (and therefore correctable).
Monday, March 11th, 2019 (No comments yet
Federal Trade Commission - Forgot their job apparently
On May 10th, 2006, President Bush signed an executive order to create an Identity Theft Task force in order to identify concrete steps to reducing the identity theft problem.
On Dec 26th, 2006, the task force put out a public call for comments to "improve the effectiveness and efficiency of federal government efforts to reduce identity theft".
There were off to a good start when the interim results of the task force included language about Credit Freezes:
For residents of states in which state law authorizes a credit freeze, consider placing a credit freeze on their credit file. This option is most useful when the breach includes information that can be used to open a new account, such as SSNs. A credit freeze cuts off third party access to a consumer’s credit report, thereby effectively preventing the issuance of new credit in the consumer’s name.
But problems started when the press release mysteriously omitted the information. They'd already failed to include it in their consumer education initiative though they're happy to recommend Fraud alerts or Credit monitoring for FREE! Well, whee! That's just great. Thanks for paying for my worthless monitoring service which will tell me in horrific real time that I'm being ripped off rather than actually do anything to stop it.
April 17th, 2007 Update
I called the FTC office of media relations and was directed to Claudia Bourne Farrell who apparently was the one who drafted the press release. She contends that credit freeze language was ~"probably stripped for brevity" and politely, but firmly persisted that the release was fine the way it was. She did provide her e-email before we concluded the call so I took one more opportunity to educate her about the issue:
Dear Ms. Bourne-Farrell,
If you understand how credit freezes work as you say, I hope you will see that they are far more effective than fraud alerts (which are optional for retailers to follow), and credit monitoring (which only alerts you to bad activity without actually stopping it). Freezes fully prevent ANY kind of check of one's credit report without express consent.
While stopping the proliferation of private data and the loss thereof is a huge part of the problem, I and all other Americans would sleep better knowing that in many cases, it doesn't matter who has the data because they can't use it for anything that requires a credit check.
Please, understand that I don't mean to be offensive when I ask this, but how is the FTC doing their job when they won't even list credit freezes as an important tool for consumers along with fraud alerts (which are temporary and of questionable effectiveness) and credit monitoring (which doesn't stop anything plus costs a monthly fee)?
Thank you for listening,
And here is the one I sent to Alberto Gonzales, Chair of the ID Theft Task Force:
Dear Mr. Gonzales,
I have begun following some of the developments of the Identity Theft Task force and am extremely concerned. Credit Freezes are the best way to ensure consumer peace of mind, and I see that the task force has mentioned it in your interim recommendations (which is good). However, your press release didn't include it.
I have contacted the FTC's media relations department and am unsure if my message will be acted on. I am hoping that they will not repeat this mistake in the release of your final recommendations, but I am doubtful. Please make sure, for all our sakes, that the Task Force's message of credit security freezes is heard loud and clear, not just in the full documents, but the press releases as well.
Thank you for your time,
Failing to include credit freeze information was nothing short of incompetence.
Sadly, on release of the final recommendations some time later, freezes were only barely mentioned and even then, discouraged. This is hardly the first time I've seen government incompetence up close, but considering the importance of the issue, it was still discouraging. Bottom line, the FTC and in particular Ms. Bourne Farrell and Alberto Gonzales failed the President and the citizens they are supposed to serve.
, Federal Trade Commission
, Identity Theft
Sunday, March 3rd, 2019 (No comments yet
ID Theft is a problem. It's a shame no one is talking about the solution.
EPIC reports in their newsletter that for the 6th year in a row, Identity Theft is the #1 consumer complaint for the year. It's interesting to know that despite the massive and growing problem, the Credit Freeze remedies that would greatly curb the problem aren't being made available to most people.
, Identity Theft