Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Zero Day Threat

samzenpus posted more than 6 years ago | from the protect-ya-neck dept.

Security 264

Ben Rothke writes "Zero Day Threat: the Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity is an interesting and eye-opening look at how banks and credit card companies make ID theft and fraud rather elementary. But with all that, this book must be read in the larger context of how today's society deals with, and is often oblivious to, risk. When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes. With all that, it is doubtful that the myriad horror stories Zero Day Threat details will persuade Congress or the other players to do anything to curtail the problem with identity theft and internet fraud." Keep reading for the rest of Ben's review. The internet and web have indeed revolutionized society, and there is hardly an industry that has not been positively affected by the net. On the down side, the net is the new conduit for criminals. For example, in the few years before the web became ubiquitous, U.S. and international law enforcement nearly had a noose around the child pornography industry and brought it to a near standstill. After the web, authorities have given up hope that child pornography can ever be contained.

Similarly, white-collar crime and fraud has been exacerbated by the net. Zero Day Threat details the various loopholes that criminals use to carry out their attacks and crimes. Each of the book's 18 chapters is divided into 3 section, exploiters — which details how the crime lords and their teams carry out the crimes, enablers — which details the history and current practices of credit card companies, banks, credit bureaus, and data brokers, and expediters — which recounts how technology and technologies enable these crimes. I found that the breaking up of the chapters into such triplets is occasionally confusing, and you are left wondering what story you are in.

The book is based on the premise that the payment industry, namely the credit card companies, banks, credit bureaus and data brokers have created an infrastructure that is pliable, nearly endlessly extendable, but paper-thin when it comes to security. The system is built for ease of access, ease of granting credit, but without a robust security infrastructure or privacy controls.

Consider that the PCI Security Standards Council was not created until late 2004, and that will give you an idea how security is anathema to the industry. The outgrowth of PCI is the PCI Data Security Standard which is the first uniformly created set of comprehensive security requirements for enhancing payment account data security. While the industry debates the efficacy of PCI, attackers are busy at work running innumerable fraudulent schemes.

The authors paint an honest appraisal of the lack of security in the industry and have their facts in order, although an occasional hyperbole does creep in, for instance when the authors repeatedly state that the hackers in question went weeks without sleep. But a huge error is where they state in chapter 11 that PCI is controversial, with some merchants complaining that it is too costly to implement. There is nothing controversial about PCI, and the security controls it requires are sorely needed. While merchants express their discontent about security and its associated costs, attackers steal from underneath them. The quicker the merchants get that they needed security, the quicker the attacks will stop. But as the book shows, that will not happen anytime soon.

Part of the reason why identity theft will not go away anytime soon is similar to the problem in the air traffic control industry, as detailed in Terminal Chaos: Why U.S. Air Travel Is Broken and How to Fix It. There are too many players in the game, all of which focus on their own interests, and no one wants to take responsibility for the problem. The fact that the Social Security number (SSN) is still used as a key personal identifier, combined with the ease at which an individual 's SSN can be obtained and misused should be enough to give anyone pause.

The primary purpose of a SSN has been to track individuals for taxation purposes. But in the last decade, the SSN has become a de facto national identification number. When established in the 1930s, the Social Security Administration meant for the SSN to be used as a way to track a person's earnings for Social Security benefits. Despite its narrowly intended purpose, the SSN is now used more for non-Social Security purposes, than for the reason it was created. Today, SSNs are used for identity verification, and are the de facto identifier for the credit and financial services industry. With SSNs being aggregated by the millions, they are the fodder for the stories in the book.

Book such as Silent Spring, which helped launch the environmental movement, and The Jungle, which exposed the corruption of the American meatpacking industry, were watershed books that changed America. While Zero Day Threat is not in the same category as either of these books, it is highly unlikely that the level of outrage it will create will be much, nor the indignation significant. Because as bad as identity theft is, and as much grief as it causes, there are far too many politicians, powerful companies, lobbyists and more that are in the way of any change.

Nonetheless, Zero Day is a most interesting look at the many players that work together to facilitate the countless identity theft rings. The book is an absorbing look at the many international players and their enablers involved. While identity theft is not going away anytime soon, Zero Day Threat details the problem, and shows what you can do to ensure that you are not a victim.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Zero Day Threat: the Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Sorry! There are no comments related to the filter you selected.

Review ? (5, Interesting)

Arthur B. (806360) | more than 6 years ago | (#24767721)

When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes. With all that, it is doubtful that the myriad horror stories Zero Day Threat details will persuade Congress or the other players to do anything to curtail the problem with identity theft and internet fraud.

Is this a book review or a political tract ?

Re:Review ? (5, Insightful)

neapolitan (1100101) | more than 6 years ago | (#24767891)

More than that, it's essentially meaningless. Americans are not "oblivious" to obesity, and do not "tolerate" drunk-driving deaths. Cursory references to large problems like that weaken your opinion and make the reviewer sound flippant rather than bolstering a real or arguable opinion.

American society tolerates 200,000 deaths per month! Most of these are due to heart disease! Why should we care at all about economic systems or fraud?

The answer is we care about both, and heart disease receives a great deal of attention from the best and brightest students and gets a large amount of public and private financing. That need doesn't obviate the need to avoid fraud, or remember your wife's birthday, or all of the other small stuff in the world. Now, let's discuss the book.

Re:Review ? (3, Insightful)

Spy der Mann (805235) | more than 6 years ago | (#24768105)

More than that, it's essentially meaningless. Americans are not "oblivious" to obesity, and do not "tolerate" drunk-driving deaths.

Perhaps not individually, but as a mass, they are. Surely obsese people don't like being called "fat tub of lard" but in the end they do nothing to improve their condition. They keep eating the same quantities of junk / high-carb food, do from little to no exercise, and even ask not to be "discriminated" for their "condition". See, it's not a problem, it's a disease, and since it's a disease, there's nothing they can do about it. They feel better with themselves, and problem solved.... right? RIGHT?

Re:Review ? (5, Insightful)

Shakrai (717556) | more than 6 years ago | (#24768317)

in the end they do nothing to improve their condition.

And why is this a problem? Some people choose to smoke even though they know the risks of doing so. If people choose to live unhealthy lifestyles than I'm not going to get real worked up about it. I don't know about you but I'm growing weary of the war on vice.

Provide people with the information but at the end of the day it's up to them to make smart choices.

Re:Review ? (2, Interesting)

Anonymous Coward | more than 6 years ago | (#24769081)

The problem is that obesity causes 1) my health insurance to go up to pay for obesity-related health problems, and 2) huge losses in productivity due to obesity-related health problems, which results in a weaker economy. Read this. [forbes.com]

I agree with you that if people want to engage in risky or unhealthy lifestyles they should be able to, but not when it costs everyone else.

BTW, smoking is worse, as it is no longer just about money. After Scotland banned smoking in public places heart attacks in NONSMOKERS decreased by 21% [nih.gov] .

Re:Review ? (2, Interesting)

TheRealMindChild (743925) | more than 6 years ago | (#24768445)

While I generally agree with you, there is something that needs to be added:

Have you ever looked at the food at the disposal of the average american? Let's eliminate junk food from this discussion. First, let's focus on... Apple Juice. Looking at my 16oz bottle (two servings by the way), it has 44g of SUGARS per serving. That is 88g of SUGARS for the whole bottle. That is 1/3 of my days sugar that I am supposed to be having. Also, how much fluid do you think I am going to drink today? Now lets take a look at the Peanut Butter and Jelly Sandwich I brought in today. Assuming that I can actually spread one service of Jelly onto my bread without needing special engineering tools, that is another 37g of sugars.

So for my snack (a sandwich and a bottle of apple juice is nowhere near a whole meal), I have consumed 125g of sugars, or almost HALF of what I should have for the day. This doesn't even address the fat content I have consumed.

It isn't JUST overeating anymore. It has gotten to the point where even the good things for you are bad for you. Your only recourse is to eat polystyrene and drink water, or join Walmart America.

Re:Review ? (3, Insightful)

maxume (22995) | more than 6 years ago | (#24768697)

So carry water and learn to enjoy a peanut butter sandwich.

Conflating the food that you brought to work today with 'the food at the disposal of the average American" is borderline offensive.

Re:Review ? (3, Insightful)

belligerent0001 (966585) | more than 6 years ago | (#24768769)

Actually, I have had a great deal of success with a primative diet (high fat, high protein, very low carbs) but the real problem can be traced to High Fructose Corn Syrup. In the US nearly EVERYTHING has this poison in it because it is cheaper. In Europe and South America it cane sugar is cheaper. The problem with HFCS is that the liver stops processing other items until all of the HFCS is processed, if you eat lots of it it never lets the other stuff in to be processed.
The question is "why is HFCS so cheap here?" and the answer is federal subsidies. I think that this is also why we still have an embargo against Cuba too. If cheap sugar was available HFCS might not be so cheap. Most evidence indicates that diabetes, heart disease, etc, seem to have increased with the use of HFCS. Even though there are studies (paid for by the HFCS industry) to indicate that there is no real link. this sounds familiar...where have I heard something like this before?...Where was it?...oh yeah the tobacco industry.

I know, off topic, mod me down my Karma is already low anyway.

Re:Review ? (1)

taliesinangelus (655700) | more than 6 years ago | (#24768473)

What about those who are obese because of medications they take for Lupus or other more clearly defined medical conditions? A minority, yes, but I think these sorts of generalizations are very hurtful to them just the same.

Re:Review ? (1)

Jansingal (1098809) | more than 6 years ago | (#24769017)

to the 5% of obese people who are fat due to disease or drugs that are no fault of their own, that is sad, very sad. but... from a public policy perspective, we need to focus on the 95% that stuff themselves with happy meals and big gulps.

Re:Review ? (2, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#24768623)

And what should society as a whole do about that? It's like drunk driving or any of hundreds of society's problems - the underlying cause cannot be addressed. To eliminate drunk driving we just need to eliminate the freedom to drive. To eliminate obesity, we just need to dictate to people what they can or can't eat and then mandate some exercise. Let's eliminate peoples' freedom of choice, shall we?

Surely obsese people don't like being called "fat tub of lard" but in the end they do nothing to improve their condition

I'm sure there are things about yourself that you don't like, don't want pointed out, and don't do anything to improve. Should everyone else be asshats and start mocking you for them?

Re:Review ? (1)

UncleTogie (1004853) | more than 6 years ago | (#24768723)

I'm sure there are things about yourself that you don't like, don't want pointed out, and don't do anything to improve. Should everyone else be asshats and start mocking you for them?

They already do. It's human nature to rag on anything "different" from the "norm"...

If I was really concerned with how others view my smoking, then I might quit. I'm not quitting in the near future, however, and so EXPECT the dirty looks and comments I get from the pink-lungers.

Look at the posts here, f'r example. If someone's acting the idiot, we have no shortage of posters that will tell 'em that in NO uncertain terms.

In short, if you don't like being called an idiot, don't ACT like an idiot. Don't expect the rest of us to keep your self-esteem afloat.

Re:Review ? (1)

Cu (75342) | more than 6 years ago | (#24768669)

You effectively say, "obese people don't do anything to remedy to their condition." This is not only incorrect, but hateful.

In addition, you oversimplify the problem.

Certain viruses may trigger a famine response in infected persons, leading to weight gain. (http://www.nature.com/ijo/journal/v29/n3/abs/0802830a.html) Genetic predisposition to obesity is well-documented. (http://www.cdc.gov/genomics/training/perspectives/obesity.htm) City-planning can encourage or discourage people from self-powered locomotion and thus have a significant effect on obesity. (http://www.biketexas.org/content/view/917/442/)

While it is true at an absolute level that if people reduce their caloric intake below caloric expenditures, they will lose weight, this is not always a healthy option.

As a side note, I eat massive amounts of carbs (which you seem to correlate with "junk" food) yet remain somewhat underweight. I tend to attribute this to metabolic predisposition.

Re:Review ? (0)

Anonymous Coward | more than 6 years ago | (#24768817)

There are no fat people in Ethiopia.

Re:Review ? (0)

Anonymous Coward | more than 6 years ago | (#24768703)

*** AUTOMATED SLASHDOT RESPONSE SYSTEM ***

The fingers you have used to type your inflammatory response to criticism of your weight problem are too fat.

To obtain a special typing wand, please mash the keyboard with your palm, now.

Re:Review ? (1)

jgarra23 (1109651) | more than 6 years ago | (#24768727)

You should be an advocate for the fatties-disease :)

They're not oblivious. They're just irresponsible. But I don't really care. As cold-hearted as it may sound I can't wait until their dead (the ones who really don't have some sort of glandular problem) and not sucking my hard-earned dollars.

Better yet, I sincerely hope that they get it together, slim down and find happiness, fulfillment and success in their lives.

But we all know that won't happen. It's not their fault. They have a disease (read:sarcasm). And it will kill them much sooner than my genetic predisposition to high blood pressure ever will kill me.

Re:Review ? (1)

Smooth and Shiny (1097089) | more than 6 years ago | (#24768863)

Surely obsese people don't like being called "fat tub of lard" but in the end they do nothing to improve their condition. They keep eating the same quantities of junk / high-carb food, do from little to no exercise, and even ask not to be "discriminated" for their "condition".

That does not make them "oblivious" to it. That makes them people who are simply not wanting to change their current condition. being oblivious to it would mean that they are totally unaware of the problem and/or are ignoring it totally. Not wanting to change and not knowing about are two totally separate things.

Re:Review ? (0)

Anonymous Coward | more than 6 years ago | (#24768917)

This author assumes that because we don't have a big nanny state government we don't care about others in our society. Quality of life is as important as quantity, and life has never been without risks, particularly when someone has the freedom to make their own choices. Insurance companies and government try to reduce their costs by running our lives. This is why one should have smaller government and only have insurance for catastrophic events (something that exceeds your yearly salary or so).

Re:Review ? (1)

Jansingal (1098809) | more than 6 years ago | (#24769037)

see what happens when people how too much freedom? they get fat and drink and drive!

Re:Review ? (1)

tist (1086039) | more than 6 years ago | (#24768965)

Perhaps not individually, but as a mass, they are. Surely obsese people don't like being called "fat tub of lard" but in the end they do nothing to improve their condition. ...

Score:5 Insightful? You must be kidding. Clearly this posting is flamebait (and I'm taking it). "In the end they do nothing..." Not one single obese person does anything about being obese? You are telling us that, as a class, obese people simply just go on eating and just want to feel better about themselves? You are clearly making yourself look like an ignorant bigot.
JW

Re:Review ? (1)

saintsfan (1171797) | more than 6 years ago | (#24768975)

Perhaps not individually, but as a mass, they are. Surely obese people don't like being called "fat tub of lard" but in the end they do nothing to improve their condition.

bit of a generalization don't you think? besides, not everyone is big for the same reason. I don't think many would argue obesity isn't an epidemic in the US, but then again, we (at least I) don't like being told what to do "by the masses" whether they are more aware or not.

as for your comments about discrimination, what form of discrimination protection are you referring to that is inappropriate? labor law? handicapped access requirements? social curtosy to mind your own business and not call them slobs? can't believe you got modded insightful for that rhetoric.

Re:Review ? (0, Troll)

Moryath (553296) | more than 6 years ago | (#24768183)

Stepping back a second from some of these - Credit Card companies and/or Banks do definitely have incentive to allow fraudulent transactions to occur - if they're getting money from them.

Both time my CC information was let loose, I'm 99% sure it was from inside the CC company. Both times, the fraud started small: $4-5 charges here and there with very innocuous looking names on them, that would have been easily overlooked if the card in question wasn't my "emergency" card that sits in a sealed envelope in the bottom of my filing cabinet and never gets used.

There was never a transaction in which the details could have been let loose.

I was wondering how this happened until I looked at the numbers and realized the simple math - for every one person who does catch the fraudulent activity, if there are 10 who don't, then the CC company just made a pretty penny on the finance/transaction fees they charged to process the fraudulent transactions. The fraudulent "merchant" gets money, the CC company gets money when the unsuspecting rubes pay their bill... and both of them laugh to whichever bank account they dump the stolen money in.

I keep daily watch on my statements these days - I have to. The credit card companies and banks and merchants have a financial incentive to defraud the public, as long as they can do it and make more money than they think they'll be fined if it's caught.

Re:Review ? (1)

Nos. (179609) | more than 6 years ago | (#24768379)

There was never a transaction in which the details could have been let loose.

Care to explain that? Every transaction presents a potential breach of the information.

On the web... sure the site uses SSL, but how is it handled after the webserver gets the POST? Is it stored by the company? If so how, where? If not, how do they pass it to the merchant account. Are the employees of those companies (and the developers of the software) all trustworthy?

In a restaurant, typically some person you've never met, disappears with your CC for several minutes or longer.

In a retail outlet, you or the merchant swipes your card through a machine. Is that machine trustworthy? There have been multiple cases where those machines have been tampered with.

Just using your card, in any circumstance I can fathom, opens you to the risk of compromising that information.

Re:Review ? (-1, Flamebait)

Moryath (553296) | more than 6 years ago | (#24768427)

Ok: there was ONE transaction, three years prior, in which the card was activated.

At every point after that, it spent its time in that sealed envelope. I paid off the balance transfer on it (done for a lower interest rate) in 1.5 years.

2 months before it was due to be replaced (expiration date), it "mysteriously" was released and someone started pushing fraudulent transactions.

I never used it at a retail location, at a restaurant, or to purchase anything at all. It was an emergency reserve and that was that. The ONLY possible point of leak was the CC company or bank.

Re:Review ? (1)

Nos. (179609) | more than 6 years ago | (#24768689)

I'm not trying to suggest it wasn't someone at the bank, but there's always lots of possibilities. Someone could have been watching your mail (including the mailman/post office), found the envelope with the card, and "borrowed" it for a while to gather the details before returning it. An envelope isn't exactly a secure device (in most cases).

Re:Review ? (-1, Troll)

Moryath (553296) | more than 6 years ago | (#24769047)

The replacement hadn't been mailed yet - I made QUITE sure of that.

I know you want to absolve the cc/bank companies, somehow - but I'm 100% sure it was them. They don't have the security they should, and they have financial incentive to defraud people.

Re:Review ? (2, Insightful)

Maudib (223520) | more than 6 years ago | (#24768397)

I think what disturbs me about the submitter is the implication that lack of government or large organization action implies we don't "care" as a country about these problems.

Thats a flawed argument. Yes we care, its just we care more about the individuals right to make their or decisions. Talk about a loaded political submission. I thought this was "news for nerds" not "manifestos for the nanny state".

Re:Review ? (1)

spun (1352) | more than 6 years ago | (#24767919)

Why ask that question? Do you disagree with the assessment of American risk management practices? Since when is criticizing those practices political? I think it's really more sociological than political.

Re:Review ? (1)

j-pimp (177072) | more than 6 years ago | (#24768041)

Since when is criticizing those practices political? I think it's really more sociological than political.

Jut because its not a politically divisive issue, doesn't mean its not political.

But why even ask that question? (1)

spun (1352) | more than 6 years ago | (#24768237)

What do you think the purpose of the original poster was in asking whether this is a book review or a political tract? It seems to imply that the OP finds the criticism offensive or off topic. As the book is about threats, a brief discussion of American risk assessment and management practices is certainly not off topic. Therefore, I believe the OP finds these criticism offensive, but for the life of me, I can't figure out why.

Re:Review ? (4, Insightful)

sumdumass (711423) | more than 6 years ago | (#24768331)

It has nothing to do with the risk assessment. It has to do with one sides inflamed rhetoric being spewed as if it was fact. That is a political rant, not a book or a book review unless the book and review is politically oriented.

Here are a few examples with the truth behind it.

"American society tolerates tens of thousands of drunk-driving deaths" This is false, the truth is that all areas in America assign high/strict penalties to people who get caught drinking and driving as well as those who cause drunk driving deaths. Nobody tolerates drunk driving deaths at all. But just like a kitchen knife that can be used to kill a person, not everyone who gets drunk drives let alone kills someone. The author is insinuating that because we havn't banned anything the could indirectly lead to a death, we tolerate the death.

"gives millions in federal tobacco subsidies" This has nothing to do with risk. Tobacco is used for more the cigarettes and doesn't always cause harm to everyone.

"and is oblivious about near-epidemics such as heart disease, obesity, and diabetes" again this has nothing to do with risk. It is nothing but a political rant about fat unhealthy Americans.

"With all that, it is doubtful that the myriad horror stories Zero Day Threat details will persuade Congress or the other players to do anything to curtail the problem with identity theft and internet fraud." Notice how this political rant mentions a body of politics directly? I mean it specifically says CONGRESS and suggest they should be doing something.. perhaps if he said "think of the children" it would have been more obvious.

None of the things mentioned have to do with banks or threats. None of them are related. And before you or someone else jumps in with "but..but. but Tobacco causes cancer", look at how many people have used tobacco who has gotten cancer. Before you or someone else chimes in with "but alcohol is legal", realize that so are guns, knives, baseball bats, and millions of other things that can be just as lethal if used improperly. In order for there to be a drunk driving death, a person must violate not one, but at least two separate laws if not more. "but. but , but Heart attack and diabetes" shut the hell up. How many people eat a twinky and get diabetes? How many people eat a greasy cheeseburger and have a heart attack. How many people who don't exercise every day or don't stick to some annoying persons latest health fad diet, have diabetes or heart attack? How many people who are over wight according to come damn chart have heart disease or diabetes? And after you figure all that out, compare it to how many people never have one lick of problems.

The comments in the submission were made by a moron too stupid to see he is being manipulated and your too distracted to see when he is getting political.

Re:Review ? (1)

moderatorrater (1095745) | more than 6 years ago | (#24768649)

Yes, but if I'm jaded and think I'm superior to everyone else, how can I express that adequately without veering off topic?

Re:Review ? (1)

Jansingal (1098809) | more than 6 years ago | (#24767955)

well.... i thought it was an introdcution that segued into the book review.

Re:Review ? (1)

muellerr1 (868578) | more than 6 years ago | (#24768007)

Is this a book review or a political tract ?

It appears to be an ad for a book called "Computer Security: 20 Things Every Employee Should Know. "

muellerr1 is the author of the blog post The art of self-promotion" [3232design.com] , now on sale at an internet near you.

Re:Review ? (1)

computational super (740265) | more than 6 years ago | (#24768059)

I'm Barack Obama, and I approve this book review.

Re:Review ? (1)

fiannaFailMan (702447) | more than 6 years ago | (#24768119)

Is this a book review or a political tract ?

It's a review. One that beats the hell out of the usual "Table of Contents" reviews that get posted here.

Review? (1)

Kingrames (858416) | more than 6 years ago | (#24767729)

This looks more like what's written on the back cover.

So much lefty claptrap compressed into one place (0)

Anonymous Coward | more than 6 years ago | (#24767739)

This write-up emits socialist hawking radiation.

Any criticism of America must be lefty claptrap (2, Insightful)

spun (1352) | more than 6 years ago | (#24767977)

Those wacky leftists, pointing out that Americans don't assess or address risk well. What traitors!

Re:Any criticism of America must be lefty claptrap (3, Insightful)

Attila Dimedici (1036002) | more than 6 years ago | (#24768225)

What makes it "claptrap" is that the areas mentioned are all areas where there is government intervention all out of proportion with the risk, oftentimes applied in a manner where and examination of the risk factors involved indicate that the intervention does not significantly mitigate the risk.
Take for example drunk driving deaths, studies indicate that most fatal accidents involving alcohol involve people who have repeatedly been convicted of DUI. What is the response? Lower the legal limit for blood alcohol content.

Re:Any criticism of America must be lefty claptrap (1)

spun (1352) | more than 6 years ago | (#24768299)

Really? That is the only response to drunk driving? I think not. In my state, for instance, there have been radically harsher penalties for repeat offenders enacted. And there aren't any studies showing the lower limit is safer? I think there are. It sounds like you are cherry picking examples to support a thesis that government always makes bad decisions.

What you haven't even BEGUN to show is how any of this is LEFTY claptrap.

Re:Any criticism of America must be lefty claptrap (1)

gnick (1211984) | more than 6 years ago | (#24768829)

In my state, for instance, there have been radically harsher penalties for repeat offenders enacted.

Not even just for repeat offenders. A single DUI in NM will bar you from driving any car without an ignition interlock - no borrowing friends' cars, no company cars, rentals, nothing (at least that's my understanding). They've also blitzed the airwaves with announcements about that policy pointing out what a PITA & embarrassment it would be to deal with. That's pretty damned brutal and seems like it should be a pretty good deterrent. We'll see how well it works out, but NM's certainly starting to respond seriously to the problem (a pretty big problem in this state).

And there aren't any studies showing the lower limit is safer? I think there are.

I don't know about any studies, but I'm unsafe well before 0.08. For me, that's the equivalent of putting down a 6-pack over the course of 2 hours. Some may argue about higher tolerances in some individuals than others, but unless you want the DUI criteria to be solely the officer's assessment based on your field sobriety test, you need to set a limit. A 0.08% BAC is pretty drunk for most people and it doesn't seem unreasonable to keep the limit either there or slightly lower. Unless you weigh less than ~50 lbs, it's not enough to prevent you from going out, having a drink, and driving yourself home immediately afterward.

Re:Any criticism of America must be lefty claptrap (1)

Adocso (553100) | more than 6 years ago | (#24768837)

But but... think of the children!!! ;-)

Re:Any criticism of America must be lefty claptrap (0)

Anonymous Coward | more than 6 years ago | (#24768413)

This failed attempt at clever irony has been brought to you by a complete idiot.

Re:Any criticism of America must be lefty claptrap (0, Flamebait)

spun (1352) | more than 6 years ago | (#24768901)

Thanks, but you really don't need to point out that your attempt at irony failed, or that you area complete idiot. We get it.

Re:So much lefty claptrap compressed into one plac (1)

taliesinangelus (655700) | more than 6 years ago | (#24768515)

So "my country, right or wrong" is a better take on the situation? That seems to be what you are implying.

Laziness (1)

COMON$ (806135) | more than 6 years ago | (#24767741)

Not so much as people in general are oblivious to risk. As much as we are a lazy species, and capitalism pays full respect to that fact.

It's all about profit. (0)

Anonymous Coward | more than 6 years ago | (#24767759)

When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes.

And some company is making money off of each and every one of those things.

Ummm.... (5, Insightful)

Otter (3800) | more than 6 years ago | (#24767771)

When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes.

This whole sentence is moronic, but it's easiest to point to the fact that federal tobacco subsidies ended several years ago. If one has to criticize American society, too little hysteria over risk seems like an odd choice.

Re:Ummm.... (2, Informative)

z-thoughts (716174) | more than 6 years ago | (#24768453)

If one has to criticize American society, too little hysteria over risk seems like an odd choice.

For a country that is busy becoming scared of every boogeyman that the political and special interest groups can come up with, too little hysteria over risks does seem like on odd choice of wording.

As to society tolerating tens of thousands of drunk-driving deaths, you might want to research that some more. Try this place http://dammdrinkers.com/ [dammdrinkers.com] MADD is becoming more of a problem than drunk drivers ever were.

Re:Ummm.... (1)

Yvanhoe (564877) | more than 6 years ago | (#24768751)

I would rather talk about misplaced hysteria. I mean, if heart diseases and diabete got as much money as counter-terrorism...

Risk Vs Liability (1)

Sleen (73855) | more than 6 years ago | (#24767781)

In the introduction of this article, the word risk is used where 'liability' may be more appropriate. Risk is something we engage in with intention. Liability is different, and out of our control. Banks with poor security measures don't expose us to risk, but liability.

The real reason (1)

77Punker (673758) | more than 6 years ago | (#24767789)

The real reason that credit card fraud will continue is that there will always be people that want to steal from others. Security will slow it down, but just like wearing gloves while mixing chemicals, it really only reduces the damage to the things it protects.

What is this crap? (0)

Anonymous Coward | more than 6 years ago | (#24767809)

A couple of ambulance-chasing reporters from USA Today, who've really had any eye on InfoSec since '04, write a disjointed book with no logical flow (read: 3-point chapter divisions)....

And it finds its way on here? I'm glad I cancelled my subscription months ago when I saw this site sliding.

I mean, seriously. These guys compare hackers to meth addicts. It's a sensationalist P.O.S. written by people with no background in the field.

Re:What is this crap? (1)

Jansingal (1098809) | more than 6 years ago | (#24768001)

>>>It's a sensationalist P.O.S. written by people with no background in the field. Isn't that what a bestseller is all about? and that is why books on project mgmt and structured programmers are lousy sellers. do ya get it?

"oblivious..." (1)

the_skywise (189793) | more than 6 years ago | (#24767851)

...and is oblivious about near-epidemics such as heart disease, obesity, and diabetes.

Some people would define that as "Liberty".

Also:

American society tolerates tens of thousands of drunk-driving deaths

No. The law is NOW that you're officially driving drunk when your blood alcohol level is .08. In some people that's LESS THAN ONE BEER.
This has led to gestapo style checkpoints where drivers are randomly pulled aside for breathalyzer tests merely because they were at a rock concert.

I do not, in any way shape or form, define that as "tolerate".

Re:"oblivious..." (1)

Jansingal (1098809) | more than 6 years ago | (#24768017)

tolerate = people who drive drunk and kill and get off with no jail sentance.

Re:"oblivious..." (2, Insightful)

Millennium (2451) | more than 6 years ago | (#24768313)

And what exactly do you believe they deserve?

Honest question. I can see powerful arguments for pretty much any point on the spectrum, from a slap on the wrist and a month of therapy all the way up to the death penalty. Where do you place yourself?

Accepting some amount of risk and "tolerating death" are not the same thing, despite what some risk-averse folk will tell you. Quite the contrary: a life with no risk is not worth living, and so sometimes risks need to be accepted in the name of simple, basic freedom.

Re:"oblivious..." (1)

Jansingal (1098809) | more than 6 years ago | (#24768629)

They deserver what a murderer would get. At least 10 yrs in prison. Do that, and watch drunk driving deaths plummet. They do it since there is bascially a get out of jail free card.

Re:"oblivious..." (1)

sumdumass (711423) | more than 6 years ago | (#24768447)

I'm not aware of anyone who has driven drunk and killed someone who also got off with no jail time in the last 2 decades. Unless your confusing an accident resulting in death caused by the person other then the drunk driver and somehow attempting to blame the cause on the drunk, we don't tolerate drunk driver deaths at all in this country. Not be your definition or anyone else's. But when it isn't the drunks fault, then no jail time is perfectly acceptable. It is just like if a minivan runs a stop light and crashed into your car resulting in the death of the minivan driver, you shouldn't get jail time either.

Re:"oblivious..." (1)

Jansingal (1098809) | more than 6 years ago | (#24768617)

>>>I'm not aware of anyone who has driven drunk and killed someone who also got off with no jail time in the last 2 decades then you need to do your research. Jail time for a first time drunk driver who kills someone is rare.

Re:"oblivious..." (1)

oodaloop (1229816) | more than 6 years ago | (#24768369)

I'd have to agree. We've come down pretty hard on those who drink and drive, and rightfully so. When my mom was a kid, and someone would drink and drive and crash their car, people would just say, "Well, it's not his fault, he was drunk." That would be tolerating. We've come a long way since then. In fact, it's hard to think of what more we can do in the bounds of the law to stop people from drinking and driving. Obesity, OTOH, is something we as a nation tolerate.

Re:"oblivious..." (1)

the_skywise (189793) | more than 6 years ago | (#24768607)

Obesity, OTOH, is something we as a nation tolerate.

No, that's "Liberty".

Drunk Driving and smoking you can easily argue as things needed to be legally restricted because of the possibility of killing other people (smoking through 2nd hand smoke).

Obesity? Not so much. (You could make the argument about shared health care costs/insurance but I'd rather cut the insurance ties than force everyone to conform to the current socio-economic trend of what's considered "healthy")

The basic, FUNDAMENTAL, American right is the right to choose to do things that might be harmful. Anything else is Harvey Mudd's utopian system where:

NORMAN: We cannot allow any race as greedy and corruptible as yours to have free run of the galaxy.
SPOCK: I'm curious, Norman. Just how do you intend to stop them?
NORMAN: We shall serve them. Their kind will be eager to accept our service. Soon they will become completely dependent upon us.
ALICE 99: Their aggressive and acquisitive instincts will be under our control.
NORMAN: We shall take care of them.
SPOCK: Eminently practical.
KIRK: The whole galaxy controlled by your kind?
NORMAN: Yes, Captain. And we shall serve them and you will be happy, and controlled.

Re:"oblivious..." (1)

gnick (1211984) | more than 6 years ago | (#24768637)

The law is NOW that you're officially driving drunk when your blood alcohol level is .08. In some people that's LESS THAN ONE BEER.

Um. According to the online calculators, slamming down one average 12 oz beer will put you at .08 BAC. But only if you weigh less than 50 lbs. That's approximate of course, but most people old enough to drive have left the 50 lbs mark well behind them.

Not that I disagree with your point, just checking your math.

Boycotts and Electronic Cash (1)

mcelrath (8027) | more than 6 years ago | (#24767867)

I've been seriously contemplating boycotting both Visa and MasterCard recently, for all the reasons mentioned above. They are entrenched, have no interest in security (because the consumer pays for insurance anyway). And they're unavoidable (making them essentially a duopoly). I've tried to buy things without Visa or MasterCard and it makes life very hard. This is perhaps the best indication that there's a problem...that I can't avoid sending money to these companies (a situation every monopolist loves). Furthermore, the system is based around authorization. That is, you don't give people money with these transaction systems, you give them authorization to withdraw money on demand, without confirmation from you! This is just stupid.

Through all this, we're funding organized (and disorganized) crime at a level that makes me want to cry. Organized crime will come around, once they have enough financial influence, and make our lives hell. I hope we don't have to wait for that to happen before people/governments take action. These criminals have already made email unusable. What's next?

It's long past time. You, with all those crypto skills. Invent electronic cash. Make it secure. Make me able to give money to anyone, with both parties verifying the transaction. Make it independent of identity. Make it open and publish the specs for a prototype device (or software). Market the hell out of it. Do it 20 years ago. If that's not possible, do it now.

Re:Boycotts and Electronic Cash (1)

Shakrai (717556) | more than 6 years ago | (#24768423)

They are entrenched, have no interest in security (because the consumer pays for insurance anyway)

Actually the merchant usually winds up paying in cases of fraud.

I've tried to buy things without Visa or MasterCard and it makes life very hard

With few exceptions (renting a car or hotel room) why is it "very hard" to avoid Visa and MasterCard? Greenbacks work just fine for 99% of your day to day activities.

Re:Boycotts and Electronic Cash (1)

mcelrath (8027) | more than 6 years ago | (#24768675)

With few exceptions (renting a car or hotel room) why is it "very hard" to avoid Visa and MasterCard? Greenbacks work just fine for 99% of your day to day activities.

I live in Switzerland, and travel a lot. You mentioned car rentals and hotel rooms, this is a monthly expense for me. Airplane tickets, mail order anything, DVD rental, etc. It's a lot.

Re:Boycotts and Electronic Cash (1)

Shakrai (717556) | more than 6 years ago | (#24768865)

I live in Switzerland, and travel a lot. You mentioned car rentals and hotel rooms, this is a monthly expense for me. Airplane tickets, mail order anything, DVD rental, etc. It's a lot.

Eh, that complicates it. Travel without credit cards is possible but it's a royal pain in the ass. Would American Express be a viable alternative? They have some issues of their own but they've generally tried to take steps to fight the Visa/MC cartel (with varying degrees of success) and if they'd work for you it might make more sense to do business with them.

Re:Boycotts and Electronic Cash (1)

mcelrath (8027) | more than 6 years ago | (#24769031)

Swiss banks only offer Visa/MC (as far as I've found). But American Express isn't a solution because from a security and fraud perspective, they're identical to Visa/MC.

Fix? (1)

Farmer Pete (1350093) | more than 6 years ago | (#24767871)

I wonder what the fix is. I know nothing will happen any time soon, but how do I protect myself? I'm not talking Lifelock or some other scam, but a real solution that gives me protection.

Possible (1)

Corpuscavernosa (996139) | more than 6 years ago | (#24767885)

While I'm sure idiocy plays into some of the security practices, it's likely that the practices are calculated. The money they make via "unsecure" administration, extending credit, etc., might greatly outweigh the cost of having to cover fraudulent purchases/reimbursements/ID theft and things of that nature. Just an idea.

Corporate greed has a way of coming out on top, even when practices look stupid. They are making their money, even if our IDs are at risk. Which, you know, is clearly bullshit.

congress? (1)

convolvatron (176505) | more than 6 years ago | (#24767893)

why does congress have to act? i'm really not a libertarian in general, but its the consumers putting up with this crap from banks, credit reporting agencies, and credit card companies that perpetuates the problem

if only there were more room underneath my tinfoil hat for 20s

Re:congress? (1)

maxume (22995) | more than 6 years ago | (#24768821)

You can get your identity stolen by someone using a bank you have never done business with, using a credit report that you never authorized or paid any money towards (explicitly...).

As much as anything, Congress would need to act to remove current laws that are actively hostile to consumers (i.e., a bank can treat you as if you are responsible for an account that they opened in your name without your authorization).

Risky Behaviour. (0)

Anonymous Coward | more than 6 years ago | (#24767897)

"But with all that, this book must be read in the larger context of how today's society deals with, and is often oblivious to risk. When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes. "

9/11

Re:Risky Behaviour. (1)

Jansingal (1098809) | more than 6 years ago | (#24768109)

no idea what 9/11 has to do with this. what do u mean by your comment?

The really sucky thing is... (5, Interesting)

BitterOldGUy (1330491) | more than 6 years ago | (#24767921)

if you do get your identity stolen, it's up to YOU, the victim, to keep the documentation forever regarding everything to do with the theft - even if it's the fault of some careless company or government agency.

Know this site and this is the ONLY tuly free credit report [ftc.gov] direct or start here [annualcreditreport.com] . The other "free" credit report websites are just trying to sell you stuff that you don't need.

To be truly safe from someone opening credit in your name is to freeze your credit - monitoring services are NOT as good. Here's a great guide on how to do it. [clarkhoward.com]

On another note and something positive about credit, check your credit card. They may offer to double or more the manufacturer's warranty. Meaning, if you're actually considering an extended warranty, your credit card may give you the same coverage to you for free.

But other than that, the whole credit industry seems to be geared towards sucking us in. I mean, unless you're going to drive and stay with friends and relatives, is it possible to travel without one?

Is it possible to get a job without a credit rating now? They background checks with Choicepoint who gets their data mostly from the credit bureaus.

What about flying? If you don't have a credit rating, are you automatically flagged as suspect?

And as far as SSN is concerned, we're stuck with that beast. I kind of hope it does go bankrupt then maybe we can burn the things!

Wrong, Wrong, Wrong (4, Insightful)

mpapet (761907) | more than 6 years ago | (#24768027)

American society tolerates...
There is not enough time or resources to protect people from themselves.

identity theft will not go away .... There are too many players in the game
Clearly the author has no immediate experience in the banking industry. The process is designed to minimize business risk. It shifts the consequences to the customer. It's intentional and the industry is quite happy with it.

Utter the words EMV in the U.S. banking industry and you are on the wrong end of a tirade on socialist schemes, government regulation and the kitchen sink's role in harming business interests.

How the US deals with "threats" (0)

Anonymous Coward | more than 6 years ago | (#24768057)

I have always found it perplexing how the US is now fixated on terrorism when it is probably one of the least likely things that will kill any US Citizen (even of those serving in the armed forces, a significant number of their deaths are actually accidental).

Obviously, I don't wish to undermine the importance of their deaths. But if saving lives is truly your main concern, then there issues that put more lives at risk.

Terrorism isn't killing nearly as many US Citizens as fast food (and it also isn't killing nearly as many US Citizens as the US is killing others around the world for that matter). Yet look at what the US goverment is doing and what US media is fixated on. It really amazes me sometimes.

What about newspapers? (1)

Shakrai (717556) | more than 6 years ago | (#24768065)

The internet and web have indeed revolutionized society, and there is hardly an industry that has not been positively affected by the net

Were they positively affected? ;)

Different kinds of risk (1)

nasor (690345) | more than 6 years ago | (#24768111)

The talk about federal tobacco subsidies, obesity, etc. isn't really applicable. Those are risks that people voluntarily accept when they choose to engage in risky behavior. That's quite different from having my bank account pilfered by a crook.

"Indent" Theft ? (1)

natoochtoniket (763630) | more than 6 years ago | (#24768139)

Excellent overview on the epidemic of indent theft

I'm not sure what "indent theft" is. Some of the code I see in my company has too little indentation. Was it stolen? If they stole some of the indent from those lines of code, why does other code in the same files have way too much?

Re:"Indent" Theft ? (1)

Jansingal (1098809) | more than 6 years ago | (#24768339)

someone musta been using MS Wurd :_

Great more to care about.... (5, Interesting)

FooGoo (98336) | more than 6 years ago | (#24768141)

Great something else I need to care about. Why is everyone telling me that I need to care about something. Global warming, global cooling, global climate change, Obama, McCain, Clinton, Pelosi, abortion, gay marriage, paying my taxes, paying my rent, RIAA, the most recent pop tart to get drunk and flashing her cooch, Colbert, Sterwart, child pornography, identity theft, and on and on. It's not that people don't care or are comfortable with risk it's just there are too many things to care about.

Frankly if someone wants my identity they can have it but you gotta take the whole thing because I don't fucking care anymore.

Re:Great more to care about.... (2, Funny)

Anonymous Coward | more than 6 years ago | (#24768353)

I'm sure someone on ebay would pay you for your 5-digit user id... ;)

Qui Bono? (1)

overshoot (39700) | more than 6 years ago | (#24768173)

No, I don't mean that the hamster is good eating.

Keep in mind that financial institutions have only a minor interest in preventing identity theft, since the victim is legally stuck with the consequences unless s/he acts quickly -- which is often impossible since someone financing a car in my name won't exactly be sending me a notice of the fact. In fact, it could be argued that they have an incentive to make some ID theft easy since it increases business.

The last time this came up before Congress, with the bankruptcy "reforms" of a few years ago, the main effect was to make it harder for victims of identity theft to get out of being held responsible for the thief's actions.

Easy Fix (1)

sycodon (149926) | more than 6 years ago | (#24768253)

Just make a federal law that says consumers are NOT responsible for fradulant transactions as a result of identity theft. Period.

All the major players would then do what is necessary to protect thir bottom line.

Install accountability, and this will get fixed (3, Interesting)

micron (164661) | more than 6 years ago | (#24768277)

Until it costs institutions less to secure this stuff than it does in losses, this will not change.

How do you shift this balance?
- Make the C level folks criminally and financially liable for theft of your data (they store it and sell it, they should be on the hook to protect it).
- Make the credit agencies financially liable for inaccuracies in their data bases. (they should be held accountable for the accuracy of the information that they are selling).

Today, there is no real recourse for you if institutions sell lies about you, or give your private data away to all takers.

Re:Install accountability, and this will get fixed (1)

Rastl (955935) | more than 6 years ago | (#24768477)

Technically any officer of a financial institution can be held personally liable for actions undertaken by that institution. It's part of being 'an officer of the company'.

So if you can prove negligence you technically can sue the officers of that division for willful negligence or some other charge.

Not something they want generally known, I guess. Nor do I know how to go about doing it. But there you go. Have at.

Re:Install accountability, and this will get fixed (1)

Attila Dimedici (1036002) | more than 6 years ago | (#24768923)

.

Today, there is no real recourse for you if institutions sell lies about you, or give your private data away to all takers.

If you suffer harm from lies that an institution "sells" about you, you can sue them for libel and/or slander depending on who you are and what they said.

Poster Apparently Not American (1)

WebmasterNeal (1163683) | more than 6 years ago | (#24768357)

Judging by the highly slanted overview of the article the posted is apparently not American.

Mo Money! Mo Money! Mo Money! (1)

tunapez (1161697) | more than 6 years ago | (#24768403)

Enforcement is profitable!

Boo hoo (1)

StikyPad (445176) | more than 6 years ago | (#24768483)

it is doubtful that the myriad horror stories Zero Day Threat details will persuade Congress or the other players to do anything to curtail the problem with identity theft and internet fraud.

Congress already made it illegal. See: Fraud. That's pretty much all Congress can do. We don't call them the legislative branch for nothing.

The problem is that it's more expensive for society to enforce than to tolerate, and it's not very high on the list of "things people get upset over when it happens to a neighbor." Burglary, murder, rape, vehicular manslaughter, sure... but nobody's going to lose sleep because their neighbor was "identity thefted." Once society progresses to some sort of near-utopia where ID theft is the worst of our problems, or once it actually becomes more economical to enforce than to tolerate, I'm sure you'll see it in stump speeches and party platforms. Until then, monitor your own credit and/or lock it down. Oh, and don't give out your information to talking giraffes.

The nanny state mindset in its purest form (3, Insightful)

Doghouse Riley (1072336) | more than 6 years ago | (#24768581)

In which "failure to pass bunches of laws and spend taxpayer's money" is equated with "being oblivious to"

It seems so elementary to me... (2, Interesting)

rickb928 (945187) | more than 6 years ago | (#24768729)

...but working in the financial industry may have my blinders tighter than ever.

I recall a very basic security seminar I was in many years ago - before Microsoft was in the server business. One of the core concepts presented was the three security factors we could rely on:

- Something you ARE - fingerprint, iris, voice, etc.
- Something you KNOW - password, phrase, challenge response.
- Something you HAVE - token, card, whatever...

Any two of the three could offer good security. Asking for all three could offer very good security. Of course, we are only talking about access security here, as being forced to use all three to sign into your already-compromised workstation does not offer much data security.

But in most credit card transactions, we have to offer at least #2 & 3, not always in that order. Adding biometrics (something you ARE) is interesting.

Faking #3 (something you HAVE) is not so hard. Cards get copied, and actually the account number may be as good as a card in the card-not-present environment that e-commerce lives in.

Faking #2 is the most current target of many, and they add loggers to terminals. Only a matter of time before we see wireless loggers inserted into terminals or POS devices, making it very hard for a consumer to check for the wire to 'another' device, and removing the need to go and retrieve the logger. Sending those PINs wirelessly is just too easy, only requiring a modest investment in technology. I venture there are plenty of ways to get those made for ya.

Ultimately, for financial security, I think we need to mitigate the technological 'expediter' by introducing either more accountability or more time into the settlement process, allowing fraudulent transactions time to be rolled back and deny the crooks the funds. That is probably impossible in an environment where merchants demand faster payment, especially when merchants live on the edge of cash flow and can fail if they are denied cash over the course of days. Imagine trying to slow down the cash flow for weeks...

Another option is faster accountability. Perhaps your cell phone is your friend here, and you get an SMS for every transaction... Imagine the thrill of seeing your purchase of two minutes ago appearing on your phone with a big "dispute this" button available. Imagine the thrill of getting that message for a purchase you *didn't* make, and killing the transaction... Imagine the potential for abuse. Not perfect.

One key point to remember, perhaps. Theft is not new. The methods have changed. The scale is larger, but everything is.

Is it fixable? Not if we want convenience. But hey, it used to be that people got mugged for cash. Does that happen so much any more? In a cashless society, with stricter security, are we gonna see ATMs that can tell the difference between the eyebell you use to authenticate yourself, or the eyeball the mugger just popped out of your socket?

Hope so. I want all my biometrics to stay with me.

wow (1)

Sir_Real (179104) | more than 6 years ago | (#24768757)

If you need a book to tell you that a corporation that exists solely to increase shareholder wealth gives one flying fuck about you or your information, I have a Nigerian Prince who would LOVE to make your acquaintance.

The epidemic of stolen punctuation (1)

voltheir (1087207) | more than 6 years ago | (#24768839)

Summary in the big ol' green box: "Excellent overview on the epidemic of indent theft" We cannot continue to allow these thieves to steal our indents! Let my punctuation go!

SSNs (1)

Hoplite3 (671379) | more than 6 years ago | (#24768861)

I think the hardest part of this problem to look at is the idea of national identification. National banking and credit institutions need a way to identify individuals. They've chosen the not-so-private SSN as the number of choice. It works in the sense that it is largely unique per person, but is fantastically easy to fake.

Better identification would almost certainly translate into more government involvement. There's always been a healthy opposition to a national ID card, but just such a thing could stop identity "theft". The price would be stoopidly easy government monitoring of your movements. I'm envisioning a card that does some cryptography allowing you to cryptographically sign agreements for credit, etc. If fraud charges show up, you could show that the signature on the change is incorrect. Of course, such a card could be stolen, but its loss would be obvious and it could be dealt with. SSNs can simply be copied.

Think of the children.. And other reasons to worry (1)

Cyner (267154) | more than 6 years ago | (#24769071)

People worry too much as it is. Some of us need to be more oblivious to the problems of the world. I'm not suggesting that nobody does anything about our problems, but every person does not need to worry about every single problem. Sometimes we're happier not knowing!

Everyone wants to scare us into doing something, usually buying a product. Take some time to relax, you'll live longer.

Do they want us to all have bad credit? (2, Insightful)

swb (14022) | more than 6 years ago | (#24769085)

It seems to me that the entire credit complex is designed to make sure that very few people have good credit and that it is trivially easy to lower a person's credit rating so that the cost of borrowing is increased. Even on the surface the system seems rigged -- credit bureaus get paid for access to their records by the very people who loan money out, thus they have a financial incentive to make sure that their ratings are as low as possible so as to maximize the profits of those loaning out the money.

I say this because it seems like every time I turn around there is some new attempt to evaluate (and ultimately lower) the credit score of people. The first one that comes to mind is the slight reduction every time you *apply* for credit, even if you don't take it. The second (which I believe was rebuffed here in MN) was the attempt to use driving records to help set credit ratings.

And now its identity theft, where the onus is on the consumer to use a complex and difficult system to "repair" their credit ratings which countless stories would indicate is nearly impossible to do, even a decade later.

In some ways its like the grade on a curve vs. straight percentage debate -- the credit industry seems to want to grade us on a curve, regardless of how many of us score 95% on the test, thus minimizing the pool of people who are eligible for the best interest rates.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?