Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How Face Recognition Can Uncover SSNs

CmdrTaco posted more than 3 years ago | from the oh-thats-just-fine dept.

Privacy 103

nonprofiteer writes "Building on previous work showing that social security numbers are not random, CMU researchers ran experiments in which they predicted students' social security numbers after taking a photo of them with a cheap webcam. Using off-the-shelf facial recognition technology and data-mining publicly available Facebook photos and profile information, they were able to come up with the social security numbers of several of the students. (More impressive, as they note that 60% of the students were foreign, and had no SSNs, leaving them a pool of less than 50)."

Sorry! There are no comments related to the filter you selected.

This article (3, Funny)

Dunbal (464142) | more than 3 years ago | (#36948302)

Has nothing to do with nuclear submarines.

+5 Funny? Proof Yanks Will Laugh at Anything (-1)

Anonymous Coward | more than 3 years ago | (#36948518)

Has nothing to do with nuclear submarines.

It doesn't have anything to do with niggers either but you don't see me wasting first post over it...

Re:+5 Funny? Proof Yanks Will Laugh at Anything (0)

Anonymous Coward | more than 3 years ago | (#36948624)

Derp http://en.wikipedia.org/wiki/SSN_%28hull_classification_symbol%29

Re:+5 Funny? Proof Yanks Will Laugh at Anything (0)

Anonymous Coward | more than 3 years ago | (#36949582)

Typical racist-inbred-fat-white southerner...

Re:This article (0)

Anonymous Coward | more than 3 years ago | (#36949000)

Guess why I read the article. I am disappointed.

Re:This article (1)

Oxford_Comma_Lover (1679530) | more than 3 years ago | (#36949374)

Agreed. Summary is massively misleading.They are only guessing the first five digits, which is not remotely random or secure.

Re:This article (2)

gknoy (899301) | more than 3 years ago | (#36949898)

They can guess the first five, and the last 4 are frequently used (at colleges) to report test scores in a pseudo-anonymous manner.

Re:This article (1)

Oxford_Comma_Lover (1679530) | more than 3 years ago | (#36953420)

They can guess the first five, and the last 4 are frequently used (at colleges) to report test scores in a pseudo-anonymous manner.

That is an incredibly stupid practice. If anyone reading is a student or professor at such a college, lobby to get this changed.

want to see something really scary? (3, Insightful)

alphatel (1450715) | more than 3 years ago | (#36948314)

90% of Americans don't care if you know anything and everything about them, are invading their privacy, tracking their behavior or identifying their SSids. They latch onto kitch phrases like "The government owns Facebook" but they don't really understand what their personal and private freedoms are worth.

Re:want to see something really scary? (4, Interesting)

MacTO (1161105) | more than 3 years ago | (#36948606)

Life lesson: those who fear that they will lose their freedom if they lose their privacy are usually so busy defending their privacy that they do not have freedom.

Here's the thing. There's maintaining your privacy, then there's shutting yourself out of the world because you're trying to protect a part of your privacy that aren't very defendable. To some people, having a Facebook profile is like walking on a public street. People on the street know what their name is and know what they look like. Protecting the privacy of their name and likeness would be cutting them off socially. In a very real sense, that sort of privacy would be a loss of their freedom.

You may draw the line somewhere else. I know that I do. But, for some people, just wouldn't be free if they had to worry about a stranger knowing their name and face or even some of their habits.

As for the SSN thing, the government is to blame for not assigning numbers properly. The numbers themselves aren't necessarily a problem.

Re:want to see something really scary? (5, Insightful)

SQLGuru (980662) | more than 3 years ago | (#36948746)

Actually, it's the fault of the banking industry for comandeering a government number for a purpose other than what it was intended. An SSN was not supposed to be a unique identifier for anyone other than Uncle Sam as they go to collect Social Security tax money and then pay it back out.

Re:want to see something really scary? (1)

MacTO (1161105) | more than 3 years ago | (#36948984)

The thing is, our economic growth is based upon credit. (Perhaps too easy credit, but we still need it.) Handing out credit requires some way of knowing who you're giving it to, otherwise the system is easy to cheat. Now SSNs may not have been the perfect solution since it was designed for something else, but it was readily and almost universally available.

Re:want to see something really scary? (4, Insightful)

TheRaven64 (641858) | more than 3 years ago | (#36949488)

The problem is not using the SSN as a unique identifier (well, that's not the only problem - the fact that they're not actually globally unique makes that a bit of a problem too), it's using SSNs as proof of identity. Banks tend to assume that if you know someone's SSN, then you are that person, in spite of the fact that the SSN is public information. It's like designing an system where you can log in with a username and no password - and usernames are prepended to every message.

Re:want to see something really scary? (1)

aztracker1 (702135) | more than 3 years ago | (#36951354)

Oh, like email?

Re:want to see something really scary? (1)

Arlet (29997) | more than 3 years ago | (#36952510)

In what way is e-mail used as proof of identity ?

Re:want to see something really scary? (1)

Oxford_Comma_Lover (1679530) | more than 3 years ago | (#36953432)

In what way is e-mail used as proof of identity ?

For most business correspondence in the modern world. Not formally, but in decision-making, for example.

Re:want to see something really scary? (3, Insightful)

PatHMV (701344) | more than 3 years ago | (#36952158)

Mod parent up. TFA says: "the social security number system has a huge security flaw — social security numbers are predictable if you know a person’s hometown and date of birth."

We should read that as sounding as absurd as: "the phone numbering system has a huge security flaw -- phone numbers are discoverable if you know a person's name." This was NOT a design flaw. Nobody, as best I can tell, ever thought, when designing the system, that an SSN should be treated like a PIN, a number known only to the individual, where knowledge of the PIN is considered strong evidence of the identity of the person.

The single best thing which could be done for security at this point is to publish a nation-wide database of all SSNs matched with the names registered to those SSNs, to totally destroy the idea that SSNs should be "secret" identifiers.

The SSN exists to establish that we're identifying the John Doe who was born to Jim and Jane Doe on January 1, 1972 in Madison, Wisconsin, rather than the John Doe who was born on January 8, 1963 in New York City, or the John Doe who was born to Bill and Joan Doe on January 1, 1972 in Madison Wisconsin. It is an identifier, not a PIN.

I'd like a good class action lawyer to consider a nice lawsuit against any creditor who acts on the assumption that somebody who knows a person's SSN must be that person, or authorized by that person to take action on their behalf.

Re:want to see something really scary? (1)

arth1 (260657) | more than 3 years ago | (#36949210)

More to the point, it was meant as a unique key, not as a secret.

Other countries have similar systems where the number is public information, like your name, but unlike your name guaranteed to be unique. Much like a Dunn & Bradstreet number for people.

And yes, that makes a lot of sense for indices. But to believe it in any way can or should be used for authentication is brain dead.

Re:want to see something really scary? (2)

Arlet (29997) | more than 3 years ago | (#36949236)

There's nothing wrong with using a SSN as an identification. The problem is when you use it as authentication.

Re:want to see something really scary? (3, Interesting)

Obfuscant (592200) | more than 3 years ago | (#36949726)

There's nothing wrong with using a SSN as an identification.

Other than the fact that my Social Security Card says quite clearly on the front "not to be used for identification", you would be right. Maybe.

Re:want to see something really scary? (1)

cvtan (752695) | more than 3 years ago | (#36949890)

Amazingly, mine says the same thing! Trying to use that bit of information to avoid giving out your number is never taken seriously though.

Re:want to see something really scary? (1)

Arlet (29997) | more than 3 years ago | (#36950922)

Aside from the assertion the card, why do you think it would be bad ?

Re:want to see something really scary? (1)

Obfuscant (592200) | more than 3 years ago | (#36952012)

Aside from the assertion the card, why do you think it would be bad ?

I think the promise of the government not to do something when they are trying to get rid of objections to that process should be sufficient to make it a bad idea on its face.

Beyond that, we're into a discussion of the idea of a national ID card, which is arguably bad, and not an argument I want to get into today.

Re:want to see something really scary? (1)

Arlet (29997) | more than 3 years ago | (#36952382)

Businesses need to have a unique way to identify their clients.

Using a unique number as identification is no different than using a combination of name, birthday, and some other properties, except that the number is much more convenient.

Silly irrational reasons aside, of course.

Re:want to see something really scary? (1)

Obfuscant (592200) | more than 3 years ago | (#36952794)

Businesses need to have a unique way to identify their clients.

So, I see you want to argue a nation id system. Ok.

  • Businesses are not the US Government.
  • Every business I have dealt with has been able to create a unique account number of their own for me.

I could go on, but that sufficiently deals with the "Businesses need..." argument.

Using a unique number as identification is no different than using a combination of name, birthday, and some other properties, except that the number is much more convenient.

Other than the fact that the government did not issue me my name, birthday, or "some other properties", you've forgotten that a "state issued number" which lacks any reference to name, gender, height, weight, color of hair, birthdate, place of residence, or any other physical property specific to the individual, is so trivally stolen and misused by criminals as to be laughable as a true "ID" of any kind.

Could you provide some argument that supports why the US Government needs to issue and track that number, please? "Business needs ..." doesn't come anywhere close. I'd even say it was laughable as an excuse, if I was in flamebait mode.

Re:want to see something really scary? (1)

DavidTC (10147) | more than 3 years ago | (#36952416)

You're using the same word in different ways. 'identify' can mean 'reference' or it can be mean 'authenticate'.

Your social security is, indeed, used to identify you. As in, it is as a reference, instead of a name, which is not unique. It is a unique 'identifier', that is the entire purpose of it. It is an identifier in the same way that a GPS coordinate is.

What is printed on your social security card is using the word 'identify' to mean 'authentication'. Knowledge of a social security number does not demonstrate that you are you, anymore than knowledge of a property's GPS coordinates does not demonstrate you are the owner.

There is nothing wrong with using social security numbers to reference people. There is everything wrong to use them as authentication, and it's even stupider when they are commonly used as reference. (So that anyone who has a reference to you can pose as you.)

A lot of people sit around an bitch how we have to use our SS numbers for everything, blah blah blah. This is, frankly, fucking stupid. The problem isn't that we use them for that, the problem is that various people allow them to be used to authenticate 'us', and because of shitty consumer protection laws in this country, those people are then allowed to harass us.

We don't even need to change any laws about social security numbers at all. What we need to do is simply have the burden of proof that we did something on these companies.

'identity theft' is nonsense. If I am the 'victim of that, no one stole anyone from me. A third party defrauded another third party using my name, and that third party has decided to harass me about it.

Give me some laws that let me cheaply and easily sue that third party for fucking slander and wasting my time, and we might see some changes in the system, as places actually start using actual authentication, instead of something that's not supposed to be used for authentication.

Re:want to see something really scary? (1)

DragonWriter (970822) | more than 3 years ago | (#36954296)

There's nothing wrong with using a SSN as an identification. [The problem is when you use it as authentication.]

Other than the fact that my Social Security Card says quite clearly on the front "not to be used for identification", you would be right. Maybe.

[brackets in quote from GP are material from GP which was not quoted in parent, but is very relevant]

(1) An SSN is not the same thing as the card,
(2) The sense in which GP uses "authentication" is the sense in which the card uses "identification", that is "proof of identity",
(3) The sense in which GP uses "identification" apears to be "unambiguous reference to a particular entity", e.g., a primary key in a database.

There is a problem using either a social security card or a social security number for authentication (as GP states), which is also what the card itself disclaims when it says it is not to be used for "identification".

There is very little wrong with using a social security number to identify a person and track records that belong with that person (which is, after all, what the Social Security Administration users them for) -- there are some problems that can crop up that can make it undesirable if you aren't the Social Security Administration, but its not a huge problem in most cases.

Re:want to see something really scary? (0)

Anonymous Coward | more than 3 years ago | (#36952412)

DAMN RIGHT!! and it's actually illegal for a company to ask for your SSN on a job application or to see your SSN card at a job interview. Even on the back it says "Not to be used for identification."

Re:want to see something really scary? (1)

treeves (963993) | more than 3 years ago | (#36962706)

They are not using it as identification. They are using to check your credit history, and if they hire you they need it to withhold and pay taxes, etc. I would expect them to want a birth certificate, driver's license, passport, or the like as ID.

Re:want to see something really scary? (2)

psiden (1071350) | more than 3 years ago | (#36949366)

"having a Facebook profile is like walking on a public street" [shouting your name out loud and pushing your ID up everyones face]

Re:want to see something really scary? (2)

icebraining (1313345) | more than 3 years ago | (#36950174)

People on the street know what their name is

Uh, no they don't. How would they?

Re:want to see something really scary? (1)

Ritchie70 (860516) | more than 3 years ago | (#36951282)

Nobody from a small-town or a friendly neighborhood would ask this....

Re:want to see something really scary? (1)

icebraining (1313345) | more than 3 years ago | (#36953018)

You're right, I'm from neither. But even if you are, only a handful or two of people know your name, not the entire world, so it's nothing like having a public profile page with your name on the Internet, which is accessible by all.

Re:want to see something really scary? (0)

Anonymous Coward | more than 3 years ago | (#36948662)

90% of Americans don't care if you know anything and everything about them, are invading their privacy, tracking their behavior or identifying their SSids.

Overgeneralization. They most likely don't care if you know about them and who they are. After all, you can't gain fame or a reputation if you spend your entire life cowering in shadows, hiding from some nebulous THEM who wants to do equally-nebulous Evil Things to you and apparently need to know who you are to do them. Some people actually aren't antisocial, believe it or not. They also don't care about behavior tracking on websites. After all, what're they going to do, advertise more effectively to them? They either have adblockers in place already or they don't have this hangup where they feel icky if some algorithm managed to figure out something they might want to buy. "Invading their privacy" is such a vague phrase whose definition depends on who says it and what point they're trying to make, so I'll ignore it. "Identifying their SSids", though, is the point at which you fly off the deep end and earn the "overgeneralization" fallacy.

Re:want to see something really scary? (0)

Anonymous Coward | more than 3 years ago | (#36948850)

In the shadows I am known as the "Dapper Shadow".

Re:want to see something really scary? (2)

boristdog (133725) | more than 3 years ago | (#36949090)

This is the same problem with the TSA: 75% of Americans only fly about once every 5 to 10 years. So they don't care about the groping. In fact, most haven't even been to an airport since the groping started.

Re:want to see something really scary? (0)

Anonymous Coward | more than 3 years ago | (#36949902)

This is the same problem with the TSA: 75% of Americans only fly about once every 5 to 10 years. So they don't care about the groping. In fact, most haven't even been to an airport since the groping started.

I like the groping. It is the only time I can get a woman to touch me :(

Re:want to see something really scary? (1)

gknoy (899301) | more than 3 years ago | (#36949912)

It makes you wonder how long it will be before the TSA has groped enough people to have pissed everyone off (or enough people to get policy changed).

Re:want to see something really scary? (1)

PRMan (959735) | more than 3 years ago | (#36950014)

It already has. The scanners have been adjusted for radiation levels and now they don't show you naked but show a cartoon instead. At this point, I would have no objection to the scanner.

Re:want to see something really scary? (1)

Anonymous Coward | more than 3 years ago | (#36951216)

I still do. It's an almost useless waste of time, money, and resources. About all we needed was more secure doors for the cockpits and increased public awareness. The TSA is nothing more than security theater to me (even if they aren't violating everyone's privacy, but they currently still are).

Re:want to see something really scary? (0)

Anonymous Coward | more than 3 years ago | (#36951862)

nor will I be until it has ended

Re:want to see something really scary? (1)

zachdms (265636) | more than 3 years ago | (#36953612)

Just flew this weekend and made sure to ask for a groping so I knew how it went. Wasn't that bad.

The larger question of whether they should be doing it at all definitely remains, though.

Stone Age Ancestors (-1)

Anonymous Coward | more than 3 years ago | (#36948316)

In a cave hugging South Africa’s lush southern coastline, Curtis Marean suspects he has cornered a wily Stone Age crew that brought humans back from extinction’s brink. These plucky refugees of continent-wide desolation were able to pull off such a stunning evolutionary turnaround because they got lucky. A coastal oasis near the bottom of the world spread its sheltering arms in the nick of time.

Marean proposes that it was there, where the Arizona State University archaeologist now conducts excavations, that humankind’s mental tide turned sometime between 164,000 and 120,000 years ago. Seaside survivors learned to read the moon’s phases in order to harvest heaps of shellfish — brain food extraordinaire — during a few precious days each month when ocean tides safely retreated.

Tantalizing traces of complex thinking and behavior, including lunar literacy, have turned up at South Africa’s Pinnacle Point, a cave-specked promontory that juts into the Indian Ocean. Chunks of dark red pigment and strikingly beautiful seashells found by Marean’s team in one cave attest to ancient ritual activities. Stone points unearthed in the same cave sport glossy patches, signs that the rock was heated to make it easier to work with. The finds challenge the long-standing view that Stone Age people did not think abstractly and perform complex rituals until about 50,000 years ago.

People chanced upon Pinnacle Point and its dietary bounty, Marean says, only after global cooling had rendered much of Africa barren and uninhabitable. Several genetic studies suggest that modern human numbers throughout Africa plummeted to a few hundred breeding individuals around that difficult time.

“Our excavations may have intercepted ancient people who shadowed the shifting shoreline and are the ancestors of everyone on the planet,” Marean says.

Research on Pinnacle Point’s mussel-seeking moon trackers exemplifies a growing scientific conviction that fish and shellfish have played a largely unappreciated role in brain and mind evolution throughout the history of the Homo genus, which appeared at least 2 million years ago and includes people today. Though several East African savanna sites contain butchered animal bones, signaling carnivorous tastes among human ancestors, some scientists now argue that red meat has been oversold as a dietary staple.

At a meeting of the American Association of Physical Anthropologists, held in Minneapolis in April, researchers argued that ancient menus focused heavily on food from lakes, rivers and oceans. New work presented at the meeting pointed to lakeside fishing in East Africa nearly 2 million years ago, the shoreline shellfish harvesting among Homo sapiens at Pinnacle Point starting more than 160,000 years ago and sea voyages to Pacific Ocean islands by an unlikely group of New World settlers around 12,000 years ago.

Food scientists at the meeting emphasized that nutrients essential for brain growth are much more abundant in fish and shellfish than in red meat or any other food. And grabbing catfish out of shallow waters, not to mention scooping up handfuls of shellfish along the shore, may be far easier than hunting land animals or scaring predators away from meaty carcasses, says archaeologist Jon Erlandson of the University of Oregon in Eugene.

Shellfish collecting and fishing probably began early among members of the Homo genus, Erlandson says. “These foods later could have provided nutrients that enabled the evolution of fully modern brain size and cognition.”

Erlandson suspects that, before Homo sapiens’ Pinnacle Point pursuits, fishing was a catch-as-catch-can affair. Consider ancient cuisine unearthed on the eastern shore of Kenya’s Lake Turkana. Someone there bellied up to an aquatic buffet nearly 2 million years ago, leaving a mess that only an evolutionary scientist could love.

At a site unceremoniously dubbed FwJj20, a team led by anthropologist David Braun of the University of Cape Town in South Africa unearthed butchered remains of fish, turtles and crocodiles. Remains of animals that don’t live in the water but often reside nearby, such as tortoises, birds, giraffes, hippos, rhinos and antelope, also turned up. Stone tools lay among scraped and fractured shells of tortoises and water-dwelling turtles. Several catfish bones bore tool marks made by individuals who cut off the heads of their catches. Whatever members of the human evolutionary family once dined at FwJj20, they needed only basic implements to put catfish and other lake animals in hungry mouths.

“A large rock is probably all that ancient hominids would have needed to catch fish,” Braun said at the anthropology meeting. Even simpler fishing techniques may extend deep into primate prehistory. Orangutans have been found to snatch catfish from shallow ponds bare-handed and chase the finned snacks out of deeper water with poking sticks.

A steady diet of fish would have nutritionally powered brain expansion in early members of the Homo genus, such as the untidy Lake Turkana crowd, in Braun’s view.

The distance between a Pinnacle Point cave labeled 13B and the shoreline changed over time. Shellfish collection probably occurred at times when the coast was within 10 kilometers (highlighted below), though the harvest probably changed with sea level.

The Lake Turkana finds leave a sweet taste in archaeologist Kathlyn Stewart’s mouth. In a 1994 study, Stewart, of the Canadian Museum of Nature in Ottawa, concluded that abundant fish, crocodile and turtle remains at five sites within Tanzania’s Olduvai Gorge represented leftovers from hominid meals. Finds at these nearly 2-million-year-old locations, which have yielded fossils of early Homo and a related lineage called Paranthropus, also include butchered bones of land animals, which have received the lion’s share of scientific attention for more than 30 years.

Game hunting occasionally occurred at Olduvai Gorge, Stewart pointed out at the meeting in April, but aquatic foods provided stable, high-quality nutrition. Pollen data and chemical analyses of fossils indicate that hominids began hanging out in marshy areas, eating grasses and papyrus shoots, more than 3 million years ago, Stewart reported. Papyrus marshes feature a lot of fish, shrimp, snails, mollusks and microalgae, which the gorge residents also dined on. “Lake and river margins provided high-quality food to ancient hominids, especially pregnant and lactating females,” Stewart says.

Some researchers argue that a few aquatic munchfests don’t confirm that ancient hominids across East and South Africa fancied fish. Doubters and advocates alike await finds from more digs along African lakeshores and riverbanks.

Marean suspects that such excavations will demonstrate that an increasing taste for catfish and other water creatures accompanied increases in brain size among early Homo species. Stone Age people exploited that evolutionary endowment at Pinnacle Point, putting their outsized brains together to solve the puzzle of the tides, Marean says.

Protein-rich shellfish, loaded with omega-3 fatty acids crucial for brain development, led to further social innovations, including a move from eating for now to organizing seaside harvests for later, in his opinion. If so, a sense of time needed to plan for the future characterized the human species almost from its start about 200,000 years ago.

Marean’s team previously reported that mounds of brown mussels and local sea snails excavated in one Pinnacle Point cave date to 164,000 years ago, providing the earliest evidence of coastal dwellers scarfing shelled food with relish, if not condiments.

The researchers have since found that, by 110,000 years ago, limpets and sand mussels joined the menu. Shellfish foragers face their own brand of perils, Marean explains. Mussels, limpets and sea snails live in treacherous rocks that border the ocean. If the tide is not at its lowest, incoming swells can easily knock collectors onto sharp rocks or into the sea.

The cave excavated by Marean’s group sat two to five kilometers inland around 164,000 years ago, when sea levels were lower than today. Early foragers must have scheduled their activities around the best times to go to the coast for shellfish. When tides were high, foragers instead headed inland eight to 12 kilometers to exploit other foods in South Africa’s rich Cape Floral Region. This 90,000-square-kilometer strip curves around the bottom of Africa like a half-smile. Many plants in the Cape Floral Region produce edible geophytes, underground energy-storage organs that swell with carbohydrates at certain times of the year.

Coastal residents dug up geophytes and hunted inland game until the moon issued a call to the sea, Marean proposed at the anthropology meeting. When the sun and moon align, their combined gravitational forces cause daily tides to spring back and forth from extremely low to extremely high levels. Such spring tides, a twice-monthly effect that has nothing to do with the seasons, correspond to full and new moons.

During spring tides, low tides advance by 50 minutes each day. Fishers and other coastal devotees today consult printed tide schedules or programmed watches to coordinate activities with daily tidal rhythms. Pinnacle Point’s Stone Age crowd informally estimated each day’s prime time for shellfish collecting, Marean suggests.

Access to shellfish wasn’t always available during the Stone Age, though. Climate and environmental records indicate that South Africa’s coastline repeatedly advanced and retreated between 195,000 and 123,000 years ago. Thanks to a gently sloping continental shelf off much of the coast, as much as 95 kilometers of land was exposed when sea levels retreated during that period, Marean and his colleagues estimate.

Pinnacle Point attracted human visitors when its caves lay within about a day’s walk of the sea, the scientists assert. This off-and-on shoreline access over tens of thousands of years was enough to trigger big lifestyle changes. “Organizing foraging activities around a complicated system of tidal timing had a trickle-down impact on social life,” Marean says.

Abundant shellfish and geophytes made foragers less nomadic, increased birthrates and reduced infant death rates, Marean suggests. Burgeoning Pinnacle Point communities adopted symbolic and ritual behaviors, as well as advanced toolmaking techniques, to express social identities.

Tide tracking’s domino effect on mental and social life may have given modern humans a survival advantage when they met European Neandertals after leaving Africa. Caves overlooking the Mediterranean Sea in southwestern Europe contain remains of fish, seals and dolphins, as well as mollusks, eaten by Neandertals toward the end of their evolutionary run around 42,000 years ago (SN Online: 9/22/08). But these Neandertal caves contain no huge shell heaps that suggest that coastal visits occurred at tidal low points, when masses of mollusks lay exposed, Marean argues.

It seems that hungry Homo sapiens patiently consulted the moon, whereas Neandertals heeded the urgency of their grumbling bellies.

Tide tracking at Pinnacle Point led to expanding numbers of people who eventually turned to sea travel to find virgin territory. These seafood-lovers may well have colonized the world.

Starting around 50,000 years ago, ocean voyagers based in Asia fanned out across the Pacific to Australia and points beyond. These mariners have sailed under the radar of many scientists seeking the earliest settlers of the Americas, Oregon’s Erlandson asserted at the anthropology meeting.

Inland sites in North America contain stone points and mammoth bones that have nurtured a decades-old idea: The New World was first colonized by Asian big game hunters who crossed a land bridge to Alaska around 13,000 years ago. A corridor through massive ice sheets ushered these intrepid carnivores into what’s now the United States, where they founded the Clovis culture, named after a New Mexico site that has yielded stone spear points.

It’s now an open question whether the Clovis-first hypothesis will hold up, Erlandson says. In the March 4 Science, he and his colleagues reported that people lived on California’s Channel Islands by about 12,200 years ago. A sea cruise of nine to 10 kilometers was required to reach these ocean outposts.

Three Channel Island sites — seasonal camps, most likely — yielded narrow-stemmed stone points and crescent-shaped implements, lying among bones of seabirds such as geese and cormorants, seals and other sea mammals, and several types of fish. Piles of shells from red abalone, giant chiton, mussels and other shellfish also turned up.

Stone tools found on the Channel Islands look nothing like Clovis points. In an upcoming Quaternary International, Erlandson and Todd Braje of Humboldt State University in Arcata, Calif., argue that stemmed stone points found on the islands instead resemble those that have been found at coastal sites stretching from Korea, Japan and northeastern Russia to North and South America.

These finds date to between 35,000 and 15,000 years ago in Asia, and to as early as 14,500 years ago in the Pacific Northwest, Erlandson said at the meeting, supporting his suspicion that initial New World colonists used canoes or other vessels to navigate along the coast from Asia to the Americas. Stemmed points found around lakes and marshes in western North America look like Channel Island finds, indicating that coastal people not only cruised the open sea but headed inland, possibly to trade for goods with Clovis people, Erlandson says.

“We have to start creating new models of the peopling of the Americas,” he says. “Received wisdom and a good story can inhibit research for decades, as happened with the Clovis hypothesis.”

Encroaching oceans also inhibit investigations of humankind’s water-traveling ancestors. A global sea level rise of about 120 meters between 20,000 and 6,000 years ago flooded shorelines and nearby lowlands where ancient populations presumably camped. “Current evidence for Stone Age coastal occupations represents the tip of the iceberg,” Erlandson says.

Yet the patchy evidence available for ancient tide tracking on South Africa’s coast leaves some researchers skeptical. A connection between shellfish harvesting at Pinnacle Point and a rapid transformation in human thinking remains questionable, argues Stanford University archaeologist Richard Klein.

Coastal caves bearing stone tools and seafood remains from more than 164,000 years ago may yet be found, he asserts. And shellfish gathering requires no special knowledge, tools or personal risk if the tide happens to be out. Coastal baboons in Africa collect and eat shellfish. Seagulls drop mussels and other tidal treats on hard ground to break open shells, leaving behind what sometimes looks like human garbage, Klein says. Also, abundant archaeological evidence of fish eating by Europeans and Africans dates to no more than 50,000 years ago, long after brain size had ballooned.

“It will take a long time to test my hypothesis about an ancient coastal adaptation in South Africa,” Marean acknowledges. Prime shoreline camps from long ago undoubtedly lie underwater, “guarded by great white sharks and dangerous currents,” he says.

He and his colleagues are now exploring more caves at Pinnacle Point and have expanded their search to caves on South Africa’s eastern coast. Some of these sites are located where the continental shelf drops steeply and the coast was always near, possibly giving researchers access to ancient camps that never got inundated by the ocean.

Marean looks forward to further encounters with long-dead lunar tide trackers. This is, after all, no fishing expedition.

But SSNs aren't identifiers! (-1, Troll)

Baloroth (2370816) | more than 3 years ago | (#36948398)

This isn't a problem: the government promised that SSNs would never be used as ID numbers! They even printed [angelfire.com] it [wikipedia.org] on early SSN cards. So no one could use this for identity theft, right? Right? I mean, that'd mean the government broke its promise when it instituted the Social Security program. It's just like how the program could never go broke, even though it's a pay-as-you-go system. After all, there will always be more workers than retired people, even if people retire early... wait, abortion, birth control, and increased lifespan mean that there aren't enough young people to pay for retirement? So where's the money going to come from? I'm certainly not going to be paying 3-4 times what I am now in 30 years, right? That could never happen either. After all, the government always keeps it promises and plans carefully to fulfill its obligations...

HAHAHAHAH, sorry, couldn't write that with a straight face.

Re:But SSNs aren't identifiers! (1)

DickBreath (207180) | more than 3 years ago | (#36948622)

There are two ways the government can keep its promise never to use SSN's become national IDs.

1. Create a new national ID system.
2. Use this as an excuse to get rid of the entire social security system.

Re:But SSNs aren't identifiers! (3, Insightful)

kbolino (920292) | more than 3 years ago | (#36948790)

The SSN was never intended as a means of identification initially, but:

1. When a system of identification was needed, the SSN system was already in place;
2. In theory, SSNs have a 1:1 person-to-number correspondence, unlike other forms of identification (name, birthplace, birthdate, etc.);
3. Without such a system, the government would perform much more invasive checks for things like employment, voting, and banking.

So either you accept that the government shouldn't be doing such things (so "illegal" immigrants can work, dead people can vote, and terrorists can open bank accounts, e.g.) or you recognize that SSNs are the lesser of two evils.

That doesn't mean there couldn't be a better system, but such a system would invariably require the government to keep even more information about its citizens.

Re:But SSNs aren't identifiers! (1)

icebraining (1313345) | more than 3 years ago | (#36950414)

that'd mean the government broke its promise when it instituted the Social Security program.

Wait, what? What do you think the two S in SSN mean?

Re:But SSNs aren't identifiers! (1)

Obfuscant (592200) | more than 3 years ago | (#36950658)

Wait, what? What do you think the two S in SSN mean?

"Social" and "security".

That has nothing to do with the promise that the SSN would never be used as a nation ID, which is the promise already broken.

The next promise to go will be the "security" part.

It will always be "social". I guess. Kinda like a government-run Facebook or MySpace. More like MySpace, since it will be suckier.

Bad writeup (5, Informative)

jandrese (485) | more than 3 years ago | (#36948402)

The writeup made it sound like you could look at a crappy snapshot of a person and magically discover their SSN. What actually happened is that they trolled the Facebook profiles for their hometown and date of birth to discover the SSNs, the webcam was just to match up the person sitting at a terminal currently with their Facebook profile. The story is basically: Off the shelf facial recognition software seems to work pretty good, even with a crappy webcam.

Roundabout... (2)

Haedrian (1676506) | more than 3 years ago | (#36948420)

I find this article title to be silly.

What they do is use facial recognition to match people to their Facebook profile, then use the details stored there to obtain the SSN.

Up next:

- How names and surnames can Uncover SSN
- How giving people your email address can Uncover SSN.
- How running a facebook search can Uncover SSN

Re:Roundabout... (4, Insightful)

Jahava (946858) | more than 3 years ago | (#36950754)

I find this article title to be silly.

What they do is use facial recognition to match people to their Facebook profile, then use the details stored there to obtain the SSN.

Up next:

- How names and surnames can Uncover SSN - How giving people your email address can Uncover SSN. - How running a facebook search can Uncover SSN

Researchers demonstrated a clearly fatal flaw in SSNs. They have shown beyond a shadow of a doubt that the current SSN system is unsuitable for usage. They did this years ago ... and nothing has changed. It's not a political talking point. There's no proposed solution sweeping in to correct the problem. SSNs still are the gateway to every American's private information, and there's no sign that this will stop being the case, despite clearly-fatal flaws.

I welcome anything that makes this scary enough for people to demand that SSNs be immediately deprecated. This article is just the same researchers shouting louder, but the system does need to change.

Re:Roundabout... (1)

rsmith-mac (639075) | more than 3 years ago | (#36953886)

That's because the only workable solution is to replace the SSN with another government issued ID - Real ID. And that went over like a lead balloon in a lot of places, as people tend to freak out when you explicitly tell them that they will be issued a unique ID number. If it's an SSN people don't freak out because they've had it since birth and accept it as a normal part of life.

Scaremongering (2)

Anonymous Coward | more than 3 years ago | (#36948422)

The algorithm found out people hometowns and dates of birth, and used it to determine the first 5 digits of the SSN (not the scarier last 4 digits).

Re:Scaremongering (0)

Anonymous Coward | more than 3 years ago | (#36948586)

Back in the 90s, my college like a lot of colleges, helpfully used those in our email addresses.

Re:Scaremongering (1)

craigminah (1885846) | more than 3 years ago | (#36948674)

...ironically we use the last-four digits to identify people instead of the SSN, but if the first five can be derived from location data then the last four are the part you wouldn't want to divulge. Interestinly, I work for the DoD so why should I expect their policies to make any sense in the first place? Meh, I'll post my DNA to the Internets in a coupel of days to get this out of the way...

Re:Scaremongering (2)

Zerth (26112) | more than 3 years ago | (#36948800)

The same 4 digits that Universities regularly post on the walls of lecture halls because they don't want to post your grade next to your name?

Re:Scaremongering (0)

Anonymous Coward | more than 3 years ago | (#36949252)

Don't you have a kind of student ID number? The University I went (in Rio de Janeiro, Brazil) issued everyone students ID cards and every kind had a unique number (YYYYCCCXXXX, year of admission, course code, identifier). Public papers with grades were usually in the ID GRADE format, without your name or document numbers.

Re:Scaremongering (0)

Anonymous Coward | more than 3 years ago | (#36949376)

The same 4 digits that Universities no longer post anywhere and for which they fire people because they don't want to deal with this problem?

Re:Scaremongering (0)

Anonymous Coward | more than 3 years ago | (#36950042)

As of 4 years ago(ancient, I know), you still had to ask to get a non-SSN student ID at the Uni I went to.

Re:Scaremongering (1)

brusk (135896) | more than 3 years ago | (#36950602)

Colleges stopped doing that a few years ago.

Not exactly. (1)

Cragen (697038) | more than 3 years ago | (#36948430)

The reviewer, unsurprisingly, left off (or didn't emphasize) a quite important part of the study. Still it's pretty neat. From TFA: "At the head of the research team was Alessandro Acquisti, a CMU professor who pointed out in 2009 that the social security number system has a huge security flaw — social security numbers are predictable if you know a person’s hometown and date of birth [emphasis mine] . This study essentially adds a facial recognition component to that study. Acquisti, Ralph Gross and Fred Stutzman ran three experiments. In the first, they data mined Facebook for photos of people with searchable profiles. They then used that database of faces and identities when applying off-the-shelf facial recognition technology (PittPatt) to “anonymous” singles on a popular dating site. Acquisti told me in an interview last month that they were able to reidentify 15% of the digital Cupids. In the second experiment, they used a $35 webcam to take photos of CMU students. They then asked the 93 participants to take a quick online survey. While they did that, the facial recognition software went to work figuring out who they were. Acquisti told me that 42% of those participants were linked to their Facebook profiles. Finally, the third experiment was the one to link faces to their unique nine digits For those participants who had date of birth and city publicly available on their account, the researchers could predict a social security number (based on the work from their 2009 study). "

(That would also be "Place of Birth", not hometown, as those two items are often quite different.)

Not even nearly... (1)

msauve (701917) | more than 3 years ago | (#36948644)

FTA: "The researchers sent a follow-up survey to their student participants asking them whether the first five digits of the social security number their algorithm predicted was correct. "

SS numbers are 9 digits long. Matching the first 5 digits isn't matching 9 digits. The first 3 are associated with place, the second 2 are fairly predictable based on when the SSN was issued, but the last 4 are just assigned sequentially [ssa.gov] . Also, there is no requirement to get an SSN shortly after birth [ssa.gov] , so SSNs aren't even necessarily associated with birth date.

Re:Not even nearly... (1)

SQLGuru (980662) | more than 3 years ago | (#36948828)

I have a twin. We were (obviously) born in the same place at roughly the same time (three minutes apart). The first five digits of our SSNs differ.....I'll leave it as an exercise for the reader to determine by how much.

Just saying.

Re:Not even nearly... (1)

coinreturn (617535) | more than 3 years ago | (#36949214)

But you probably didn't have numbers assigned at roughly the same time. Either applications were sent at different times or they were processed in different piles on different desks in different offices.

Re:Not even nearly... (1)

SQLGuru (980662) | more than 3 years ago | (#36950778)

My point was that knowing my hometown (place of birth) and birthdate wasn't sufficient to distinguish the first five digits of my SSN given that I have an example of a person with the same place of birth and same birth date (my twin). It's a counter example to the hypothesis that knowing those two bits of information give you the first 5 digits.

You've added another variable which cannot be gleaned from FB (as far as I know).....that variable is one of a) assignment date, b) application date, or c) pile the application landed in. If those three variables were included, I'm pretty sure their accuracy wouldn't have been as high as it was.

Re:Not even nearly... (1)

SleazyRidr (1563649) | more than 3 years ago | (#36951546)

What I'm reading from this is that as an individual you'll probably get lost in the crowd, but for someone using this technique they'll be able to get SSNs from a significant proportion of the people they look at. So I'm sleeping at night by thinking attack vectors are possible, but they probably won't hit me.

Re:Not even nearly... (2)

geoffball (1195685) | more than 3 years ago | (#36952722)

I have triplets. Two of the SSNs are sequential. The third is the second +5.

Re:Not exactly. (1)

arth1 (260657) | more than 3 years ago | (#36949830)

the social security number system has a huge security flaw â" social security numbers are predictable if you know a personâ(TM)s hometown and date of birth

That's not a security flaw - that's a good thing. As long as the SSN is used as intended - as a unique key - everything that makes it easier to find that key is good.
The flaw is trying to use that key for authentication.

the article says they only got the first 5 digits (1)

YesIAmAScript (886271) | more than 3 years ago | (#36948450)

Which makes sense, since you couldn't more than guess at the last 4 no matter how much info you have.

Is it really an issue that people can use a webcam to make up a number which shares 5 digits with my SSN?

Re:the article says they only got the first 5 digi (0)

Anonymous Coward | more than 3 years ago | (#36948570)

Is it really an issue that people can use a webcam to make up a number which shares 5 digits with my SSN?

Possibly, given that the last 4 digits (the ones this technique can't guess) are commonly used to display a "sanitized" short SSN. For instance, my student loan paper work has xxx-xx-nnnn for an identifier...

Re:the article says they only got the first 5 digi (0)

Anonymous Coward | more than 3 years ago | (#36948680)

Given your face they can track back to a name, and frequently a birthdate and home town.
If you're younger than 40, that's almost always enough to get the first 5 digits of your SSN.
For added stupidity, a con artist using Linked In could then ping you with a job and ask for the last 4 of your SS# thereby getting your entire SS# and possibly a signature.

a con-artist could ask for your whole SSN (1)

YesIAmAScript (886271) | more than 3 years ago | (#36949164)

Why do I need the webcam again?

Yes, I'm aware of the link to the first 5 digits. That's how they make up their SSN that matched 5 digits.

It's the last 4 that is the trick and they didn't move the needle on this.

You're far more likely to have your SSN taken in a hacking right now than by this webcam anyway.

Re:the article says they only got the first 5 digi (0)

Anonymous Coward | more than 3 years ago | (#36948710)

I thought the last four were assigned incrementally and could be guessed reliably based on birthdate

Re:the article says they only got the first 5 digi (0)

Anonymous Coward | more than 3 years ago | (#36949766)

Well if they can guess the first 5, the last 4 are often used by different institutions to identify you over the phone, or at least they try... So I'm sure for a lot of people, the last 4 are documented somewhere.

Weird way to put it (1)

roman_mir (125474) | more than 3 years ago | (#36948522)

Finding SSNs by using facial recognition software is just one use of this, more importantly is that facial recognition can be used to search for people and find who they are. Sure, SSN is part of that data, but it looks like more important part here is connecting the face to the name and location.

headline fail (1)

Anonymous Coward | more than 3 years ago | (#36948560)

first thought: "... how could the government know what your face will look like when they give you your ssn?"

The real headline should be: "Access to your Facebook Profile can uncover your SSN"
First line: "Oh btw, you can figure out whose facebook profile to troll by using facial recognition."

Re:headline fail (0)

Anonymous Coward | more than 3 years ago | (#36949708)

My first thought was that facial recognition software was being correlated with a database of facial features unique to a particular area. For example, certain eye shapes, skin tone, etc... are known to be most prominent in town X and based on the photo, they appear to be age Y. As it turns out this wasn't the case.

Fucking assholes (0)

Anonymous Coward | more than 3 years ago | (#36948580)

Don't tag me bro. Don't identify me bro. Don't track me bro. Don't research me bro.

CMU, fuck you.

Article doesn't even make sense (2)

vlm (69642) | more than 3 years ago | (#36948602)

Finally, the third experiment was the one to link faces to their unique nine digits

For those participants who had date of birth and city publicly available on their account, the researchers could predict a social security number (based on the work from their 2009 study). The researchers sent a follow-up survey to their student participants asking them whether the first five digits of the social security number their algorithm predicted was correct.

I'm missing a little something here.

Until recently, the first five digits, were, by definition, based on state/city and birthdate. Ask a genealogist or anyone interested in "private eye" stuff from the past couple decades... they probably have a table you can look up the first five vs location. The first three were strictly based on state; I was born in WI in the 70s; We all have the same first 3. The next two were issued more or less by city/hospital. So everyone born in the same hospital, pretty much for that year, has the same first five. At most, they had a rather shallow pool of a couple to draw from. Why they needed a study in 2009 to "discover" something that has been in endless publications is a mystery. Its like saying we need a "study" to "discover" how to fill out a IRS 1040 form based on neural network analysis of a statistical sample of tax returns, or we could just RTFM or RTF govt publication explaining in great detail what the answer already is.

You don't even need a statistical sample study. Just pull the SSDI and chug away. Social Security Death Index. Notice anything interesting about the publicly available SSNs for people born in Milwaukee in the mid 70s who are already dead? You have to wonder about old people, if the only person left alive from my Grandma's birthplace/birthyear is granny, and all SSNs for that year and hospital are in the SSDI except for the one ending in 1234, and she's the only one left alive, hmm, I wonder what grannies SSN might be? The point being that the "secret" is by no means 4 digits long = 1 out of 1e4. Its more like 1 out of (1e4 minus the number of dead people per the SSDI) I would imagine some entire swaths of the SSN namespace are dead people in the SSDI, except for the few elderly still living.

The other mystery is all they verified was the "public" half of the SSN. The "private" 4 digits was not verified. So, they've accomplished ... nothing.

Re:Article doesn't even make sense (0)

Anonymous Coward | more than 3 years ago | (#36949386)

This is not correct. SSNs, before the recent randomization, were assigned based on location and time of application. Until 1989, time of application and birth were *not* tightly correlated. Parents might apply for an SSN for a child when they needed it for tax purposes (at some point at age 5, at some point at age 2). For somebody born in the 1970s, an SSN application might not have been filed until needed for a job.
The first three digits of the SSN (the area number) is indeed based on location. However most states, including WI, have a range of area numbers (New York for example has 85) that the assignment algorithm cycles through. If you look at the SSDI for example, look for people born in WI in 1975 and sort by date of birth you'll see the following area numbers: 395, 395, 389, 390, 394, 393, 397, 389, 392, ...

Re:Article doesn't even make sense (1)

vlm (69642) | more than 3 years ago | (#36957870)

For somebody born in the 1970s, an SSN application might not have been filed until needed for a job.

Simply not true. I lived it. Back in ye olden days when SSNs were considered the public identifier that they are, I think about 1/4 of my army reserve unit had the same first 5 as me...

There has been a big push to get hospitals to get kids SSNs upon birth for a long time. Maybe a kid born with a midwife in a commune in the 70s wasn't assigned a SSN until the early 90s, but I've never heard of that.

Check out

http://www.ssa.gov/history/ssn/ssnchron.html [ssa.gov]

If mom an dad opened a minor savings account for the kid after 1970, the bank required a SSN. Any kid attending school was enrolled in 1972, presumably that means any kid born after about 1967 had a SSN issued in 1972, unless they were homeschooled. Looks like in '75 any kid in a welfare family, or in '77 any kid in a food stamp family (which is now something like 30% of the child population) required a SSN. Regardless of job status, any kid with a drivers license in '76 had a SSN.

Theoretically, both in the 70s all the way to the present day, if an uninsured mom had an uninsured kid, were born outside a hospital, the parents never claimed the tax deduction, the kid never had a bank account, the kid never attended school, the kid never received any govt handouts or at least the family never got credit for the kid, the kid never filed a tax return for non-wage income, and finally the kid got a job before the kid got any sort of state drivers license or ID... then, maybe, the kid wouldn't get a SSN before they get a job.

Of course with teenager unemployment running 50% now, and new graduate unemployment nearing that, its all kind of irrelevant now...

Re:Article doesn't even make sense (0)

Anonymous Coward | more than 3 years ago | (#36949770)

Also most foreign students (F-1 visa holders) do have SSNs.

Re:Article doesn't even make sense (0)

Anonymous Coward | more than 3 years ago | (#36955254)

No, they don't have SSN's they have TIN (Tax Identification Numbers).

Re:Article doesn't even make sense (0)

Anonymous Coward | more than 3 years ago | (#36953516)

Nope, there is no part of any SSN that has anything to do with where you were born. The first three numbers are indeed a geographic tag, but it's where the SSN office is that processed the application. I was born in Wisconsin in the 70s, too - the first digit of my SSN is "2", because my SSN is not a Wisconsin SSN, I agree with most of the other stuff you posted; in fact, I'm surprised that you got that wrong.

Re:Article doesn't even make sense (1)

vlm (69642) | more than 3 years ago | (#36957918)

The first three numbers are indeed a geographic tag, but it's where the SSN office is that processed the application. I was born in Wisconsin in the 70s, too - the first digit of my SSN is "2", because my SSN is not a Wisconsin SSN, I agree with most of the other stuff you posted; in fact, I'm surprised that you got that wrong.

No I willfully ignored it. I do some genealogy and as you probably know, the SSDI makes dead relatives SSNs public upon death. Both evidence from my own family, and in general reading on genealogical research, your situation is very unusual. Going "all the way back" pretty much everyone born after the late 30s has a SSN from the hospital they were born in, usually in the state the live in.

I'm guessing a special situation that doesn't apply to many people:
1) Military family getting transferred around?
2) You popped out early during a family vacation to WI (BTW Nice place to vacation, other than the mosquitos, I like it too..)
3) You're one of those border people... Let me guess, born in Lake Geneva or Eau Claire or someplace bordering the U.P. and the closest hospital meant crossing the Cheddar Curtain to be born in WI?

Re:Article doesn't even make sense (0)

Anonymous Coward | more than 3 years ago | (#36953704)

My first digits are 043-04-????.

I'm actually not an American, but worked in the states as a student about 10 years ago.

I've always wondered why there was a big deal about SSNs. It's only printed on a crappy torn-off piece of blue card - easy to forge if you wanted.

In NZ we have IRD numbers, but they're not used for anything else except for tax purposes. We give it to our employers when we state work (so PAYE tax can be taken off) and to our banks (so tax can be charged on interest) but that's the only time we really need it.

Guys? (1)

Anonymous Coward | more than 3 years ago | (#36948614)

The article says they used a $35 webcam. Imagine what they could have done if the had a $100 webscam! That would be almost 3 times the facial recognition and 3 times the SSN cracking! Oh noes! Don't give them any more funding! -www.awkwardengineer.com [awkwardengineer.com]

The first 5 digits of a SSN is not a SSN (1)

ivandavidoff (969036) | more than 3 years ago | (#36948714)

"The researchers sent a follow-up survey to their student participants asking them whether the first five digits of the social security number their algorithm predicted was correct."

No word on how well they did, either.

From the Schneier Study: "Information about an individual's place and date of birth can be exploited to predict his or her Social Security number (SSN). Using only publicly available information, we observed a correlation between individuals' SSNs and their birth data and found that for younger cohorts the correlation allows statistical inference of private SSNs. The inferences are made possible by the public availability of the Social Security Administration's Death Master File and the widespread accessibility of personal information from multiple sources, such as data brokers or profiles on social networking sites."

What that means is that since SSN ranges are allocated regionally, and individual SSNs are generated sequentially, people born in the last 30 years around the same time in the same area will have similar SSNs. This isn't all that magical, and relies on consistent SSN allocation practices. It's just another form of social engineering. The SSA can completely stymie this with just a little bit of randomization.

Re:The first 5 digits of a SSN is not a SSN (1)

Ritchie70 (860516) | more than 3 years ago | (#36951366)

And in fact, if I recall correctly, they are moving away from the old method with newly issued numbers.

It's not the birthdate that matters as much as the date of SSN issue though. For those of us the age of college students parents, we weren't issued numbers at birth.

My sister, three years younger, and I both got ours at the same time. They differ by the last two digits.

Foreign and no SSN.... Check your facts... (0)

Anonymous Coward | more than 3 years ago | (#36949106)

Foreign or not you apply for and get a SSN, when you enroll there... Unless they participated in the experiment during the first 2 weeks of enrollment. Furthermore most foreign students not only will have SSNs and will have similar ones if they applied the same day. That may explain the high success rate in guessing the first 5 digits... Go figure...

Re:Foreign and no SSN.... Check your facts... (1)

TamCaP (900777) | more than 3 years ago | (#36949584)

Not completely correct.
Since few years SSNs have not been issued to international students on arrival / enrollment, but only when they take up their first student job (if any)... On arrival they get an ITIN number instead. And yes, many places that demand the SSN don't know what to do with the ITIN when they get one (despite the fact that the law states it should function in almost the same fashion).

Re:Foreign and no SSN.... Check your facts... (0)

Anonymous Coward | more than 3 years ago | (#36950820)

Most grad students will have SSNs as they get paid by their advisors, etc. Then again I may be wrong again.

Unibrow kids (0)

Anonymous Coward | more than 3 years ago | (#36949864)

Like spotting 3 breasted women and cyclops kids. Must be from that part of the state.

Problem is not SSN. It is the banks. (1)

140Mandak262Jamuna (970587) | more than 3 years ago | (#36949976)

The problem is not our inability to keep SSN confidential. The problem is banks and credit card companies are willing to lend without any checks. They fight tooth and nail any law that will give me the ability to "freeze" my credit lines. They prevent me from taking any steps that will make it more difficult for the identity thieves to impersonate me. Then they come dunning for the money they "lost" and they come begging for bail outs.

As long as the Republicans are in the pockets of these banks and fight the nomination of true consumer rights advocates like Elizabeth Warren, these things will continue to happen.

Re:Problem is not SSN. It is the banks. (1)

Chibi Merrow (226057) | more than 3 years ago | (#36950652)

You think Democrats aren't in the pockets of banks? Seriously?

Re:Problem is not SSN. It is the banks. (0)

Oligonicella (659917) | more than 3 years ago | (#36951014)

You need to brush up on facts. What you spouted is very far from reality.

libel and slander of aggregation (1)

epine (68316) | more than 3 years ago | (#36953128)

Hate to intrude with an original thought. We have fairly strict libel laws to prevent slathering misinformation about a person hither and yon, whether the SOB deserves it or not.

Linking vast swathes of electronic records together of dubious provenance, accuracy, and agenda is in many ways worse than public slander: it only takes place in closed rooms behind your back with your immediate financial interests at stake, it's hard or impossible to prove this is going on, and recourse under the law heavily favours the windmill.

When it's just one institution putting black marks on your file for lodging an accurate complaint, so be it. In the theory of the market, you can severe your relationship and start fresh with a different service-minimizing, TOS-touting telecom-in-training.

When your insurance company puts a black mark on your file for filing a successful claim, and then they share with every other financial institution on the planet that you're a born complainer, or it gets linked up surreptitiously behind the scenes, this is not right.

Using a government sanctioned number just makes it that much easier to pretend "the number is really you" rather than using some UID of their own devising, which is clearly just an access key into a database of dirt cobbled together by grasping econocrats.

Anonymizing data (0)

Anonymous Coward | more than 3 years ago | (#36953190)

When I was responsible for anonymizing data to provide test cases for external developers, part of the process was changing all birth dates to the 1st of the month. That's good enough for just about any analytical purpose except astrological predictions. Changing the last 2 digits of the zipcode to "99" significantly fuzzed the location. Might not be sufficient to mask the identity of the occasional 103 year-old in a sparsely populated region, but nothing to lose sleep over.

  I've never posted my true birthdate on any public site.

What kind of algorithm ... (1)

CaptainAmerica1941 (689079) | more than 3 years ago | (#36953716)

did they use to get past all the duckface and tongue hanging out pictures?

please (0)

Nyder (754090) | more than 3 years ago | (#36954376)

First off, hometown don't mean shit.

I didn't get assigned my SSN in my hometown, i was across the country at the time.

In fact, i've had local pigs claim i was giving them a fake SSN back when i would get hassled more (when i was a junkie).

Of course, the average IQ of the local police is like 12 or something.

But whatever.

The other weird part is, most peeps I grew up with, don't live here anymore. So once again, what does hometown have to do with shit?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?