nanog mailing list archives

Re: Stanford Hack Exposes 10,000

From: Jon Lewis <jlewis () lewis org>
Date: Thu, 26 May 2005 11:45:29 -0400 (EDT)


On Thu, 26 May 2005 Michael.Dillon () radianz com wrote:

Around about whenever the US Federal Government gets the hint and
passes a bill which makes it illegal to use social security numbers
for any purpose other than the administration of social security.


Wrong answer. Federal laws do not stop people from doing stupid
things and they do not stop people from doing illegal things.

What we need is a Hollywood blockbuster in which some highschool
hackers wreak havoc by aquiring SSNs from gradesheets and using


Or for some private university to be bankrupted by a class action suit
brought by the students who had their identities stolen when the student
records db was compromised.

How hard is it for a university to generate their own student "serial
numbers" as students register?

Personally, I'd like to see much harsher penalties for identity theft
though (and I'm including simple credit card fraud / use of stolen credit
card info in "identity theft").  This is happening so much, and is so
often just brushed under the rug by the big credit card companies (banks),
that kids do it with impunity, knowing that odds are they won't be looked
for, much less caught.

Last time one of my cards was "stolen" (from an online merchant I assume),
I managed to social engineer the IP from which it was used from one of the
online establishments where they used my card.  It was a Linux box on DSL
in California.  Did anybody care?  Not that I'm aware of.  I filed
complaints with the appropriate government agencies, and AFAIK, nothing
happened.

Put a few credit card frauders up in front of a firing squad, and see if
things change.  But that would require actually picking them up first,
which LE doesn't seem to be motivated or have the time to do.

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Current thread:

Stanford Hack Exposes 10,000 Fergie (Paul Ferguson) (May 25)
- Re: Stanford Hack Exposes 10,000 Adam McKenna (May 25)
  - Re: Stanford Hack Exposes 10,000 Mark Newton (May 25)
    - Message not available
    - Re: Stanford Hack Exposes 10,000 Jay R. Ashworth (May 25)
    - Re: Stanford Hack Exposes 10,000 Michael . Dillon (May 26)
    - Re: Stanford Hack Exposes 10,000 Jay R. Ashworth (May 26)
    - Re: Stanford Hack Exposes 10,000 Jon Lewis (May 26)
    - Re: Stanford Hack Exposes 10,000 Florian Weimer (May 26)
    - Re: Stanford Hack Exposes 10,000 Bob Vaughan (May 27)
    - Re: Stanford Hack Exposes 10,000 Nicole (May 31)
    - Re: Stanford Hack Exposes 10,000 Stephen Sprunk (May 26)
    - Re: Stanford Hack Exposes 10,000 Daniel Golding (May 26)
    - Re: Stanford Hack Exposes 10,000 Edward Lewis (May 26)
    - Re: Stanford Hack Exposes 10,000 Joel Jaeggli (May 26)
- Re: Stanford Hack Exposes 10,000 Eric Brunner-Williams in Portland Maine (May 26)
- <Possible follow-ups>
- Re: Stanford Hack Exposes 10,000 Fergie (Paul Ferguson) (May 25)
  - Re: Stanford Hack Exposes 10,000 Adam McKenna (May 25)

(Thread continues...)