Interesting People mailing list archives
more on "Identity Theft for Dummies"?
From: David Farber <dave () farber net>
Date: Sun, 27 Feb 2005 18:44:14 -0500
------ Forwarded Message From: Bob Frankston <Bob2-19-0501 () bobf frankston com> Date: Sun, 27 Feb 2005 15:26:37 -0500 To: <dave () farber net>, 'Ip' <ip () v2 listbox com> Cc: 'Randall' <rvh40 () insightbb com> Subject: RE: [IP] "Identity Theft for Dummies"? How stupid can society be -- if all it takes is a {name, phone, ss#} to steal someone's identity then we're fucked (oops, there goes $500,000). It's perimeter security all over again -- why does it take so little information to "steal an identity" and why is it so hard to correct such problems? Those are the important questions -- it's not so much making sure we've closed ever last barn door -- it's what to do with the horses running about. We keep running into these problems -- we've had naïve garage door designs that created an easy entry to homes, connecting vulnerable PCs etc We're still learning that we can't rely on simple perimeters. But at the same time we have to have some trust and discretion but more important, we need the ability to make mistakes and survive them. In a sense this is also Y2K -- assuming everything is brittle. In this case it is necessary to understand identity theft rather than assuring that these magic names can never be discovered except by those keying the information in from all those forms while in prison. It'd be a shame if we could never find old friends again. How long before road maps salted with incorrect information to assure they can't be misused for purposes other than -- I don't know, what is the "proper" purpose? -----Original Message----- From: owner-ip () v2 listbox com [mailto:owner-ip () v2 listbox com] On Behalf Of David Farber Sent: Sunday, February 27, 2005 14:43 To: Ip Subject: [IP] "Identity Theft for Dummies"? ------ Forwarded Message From: Randall <rvh40 () insightbb com> Date: Sun, 27 Feb 2005 13:37:32 -0500 To: cyberia <CYBERIA-L () LISTSERV AOL COM> Cc: Dave <dave () farber net> Subject: "Identity Theft for Dummies"? http://money.excite.com/jsp/nw/nwdt_rt.jsp?section=news&cat=INDUSTRY&feed=dj i&news_id=dji-00115220050224&date=20050224 Sen Schumer Urges Westlaw To Close Identity Security Hole Thursday February 24, 1:40 PM EST WASHINGTON (Dow Jones)--U.S. Sen. Charles Schumer, D-N.Y., has asked Westlaw to shut down its People Finder database, warning that the service could easily be exploited by identity thieves. Westlaw is a product of Thomson West, a division of Thomson Legal & Regulatory, which oversees all of the legal and regulatory businesses worldwide of the Thomson Corp. (TOC). The People Finder databases cover 230 million names, 139 million households, 71 million phone numbers and 160 million Social Security numbers, according to Westlaw promotional material. The database is a Credit Bureau Person Tracker and allows the user to find a person using only a partial name, address or Social Security number, Westlaw says. The company is preparing a response to Schumers' allegations, said Jason Stewart, Thomson Corp.'s vice president for media relations. Schumer said the major flaw with the system is that there is no restriction on who can use the system once its been sold. "When we called Westlaw, we learned that you offer this service to anyone who is willing to pay for it, regardless of their need for it and without even the most cursory background check," Schumer wrote in a letter to Thomson West President and Chief Executive Peter Warwick. Speaking to reporters Thursday, Schumer said his staff was later told that Westlaw relies on an "on-you-honor affirmation by users that they will not use the information they find illegally." While that may be good for Westlaw's business, it's not good for security, Schumer said. Schumer said he learned of the "gaping hole" through a constituent working for the federal courts. U.S. Senate offices also have access to People Finder and his staff readily looked up the personal information for several celebrities and top politicians ranging from Paris Hilton to Vice President Dick Cheney. In each case, they learned the person's latest address and Social Security number. "This search engine could be called `identity theft for dummies'," Schumer wrote to Warwick. Schumer said he decided to call a press conference on the matter only after he called Warwick earlier this month, but received no further response to his concerns. The senator said the People Finder service, as well as the Choicepoint (CPS) scandal, should serve as warning that Congress should act to replace the " patchwork of state and federal laws" governing personal data with a comprehensive federal law. In the mean time, companies entrusted with this data must take every precaution to protect it, Schumer said. -By John Godfrey, Dow Jones Newswires; 202-862-6601; John.Godfrey () dowjones com ------ End of Forwarded Message ------------------------------------- You are subscribed as BobIP () Bobf Frankston com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------ End of Forwarded Message ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on "Identity Theft for Dummies"? David Farber (Feb 28)
- <Possible follow-ups>
- more on "Identity Theft for Dummies"? David Farber (Feb 28)
- more on "Identity Theft for Dummies"? David Farber (Feb 28)