Giant Equifax data breach: 143 million people could be affected - link to check your risk in post by 1kiki

I believe in solving problems, not sharing them.

It must be the Russians. [/snark]

I'll bet they use Windows servers.

Quote:
Consumers can check to see if they've potentially been impacted https://www.equifaxsecurity2017.com/potential-impact/ by submitting their last name and the last six digits of their social security number.

So, a recently-hacked site tell me to submit my name and six SSNs? How do I know the problem is fixed NOW??? Maybe that submission in and of itself is a risky thing to do? I'll wait for the letter, thank you.

Quote:
Those affected will be given a date to enroll in free identity theft protection and credit file monitoring services.

Yanno, you can get free reports from the other (unhacked) services.

Quote:
The breach occurred between mid-May and July, Equifax said. The company said it discovered the hack on July 29.

Over a month ago. What were they doing during that time: shitting bricks?

Quote:
"This is reason Number 10,000 to check your online bank statements and credit card statements on a regular basis, ideally weekly,"

But for god's sake don't use your smart phone; it's the least-secure platform out there!

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Thursday, September 7, 2017 7:21 PM

I keep wondering if all these "hacks" have been performed by Life Lock employees. I'm sure it's one of those "if you don't call and cancel the service by such date we will continue to charge you until you notice it" kinda things.

Quote:
Signym
So, a recently-hacked site tell me to submit my name and six SSNs? How do I know the problem is fixed NOW??? Maybe that submission in and of itself is a risky thing to do? I'll wait for the letter, thank you.

I'll agree with THAT.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Thursday, September 7, 2017 8:24 PM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.

I agree with all of the above. But it seemed like a good thing to alert people to.

I don't use a smart phone. I never give out vital info.

It makes me wonder - the people who are glued to their devices without an apparent care in the world - what are they thinking?

Trump is not the problem. He set himself against the Deep State's agenda. And the Deep State's been heading for WWIII for years.
As for you, you're just a Deep State useful idiot, furthering its agenda. So I hope you enjoy cesium in your coffee. You've earned it.

NOTIFY: N | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 12:30 AM

Quote:
Originally posted by 1kiki:

It makes me wonder - the people who are glued to their devices without an apparent care in the world - what are they thinking?

I get to ignore the planet and all the people on it for a while??

Unless it's the people you want to on social media crap, or it's actual work...which I hear tell some people do that.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 12:57 AM

Quote:
Originally posted by Wishimay:
Quote:
Originally posted by 1kiki:
It makes me wonder - the people who are glued to their devices without an apparent care in the world - what are they thinking?

I get to ignore the planet and all the people on it for a while??

Unless it's the people you want to on social media crap, or it's actual work...which I hear tell some people do that.

Yep, I've had a few jobs where we had to be tethered to our phones. 2 of them had sites which often had no reception inside the facility, and even sites where phones were prohibited.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 1:20 AM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.

Quote:
Originally posted by Wishimay:
I get to ignore the planet and all the people on it for a while??

But ... the days of being a rare unlucky target are long gone, now that we've entered the era of the mass hack where hundreds of millions are swallowed up in one gulp. Do you not want to minimize your risk?

NOTIFY: N | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 3:00 AM

I don't think ANY of the hacks are unintentional. Gov't has your data already, all they lack is your "permission" to control it.

With the data reporting companies going down, and the CEO's will soon be prosecuted for insider trading when they dumped their own stocks this morning...Who is left but Big Brother Blue Sun....

I dunno. Maybe for the majority of people Gov't regulating that info might not be sucha bad things, either. I mean, identity theft is getting harder and harder for law enforcement and regular people to handle anyway.

I agree, the thought scares me shitless...but...who else can do it???

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 3:32 AM

https://frontier.yahoo.com/news/murderers-rapists-pedophiles-given-top
-212058191.html
This is very, very dangerous,” said Daniel E. Payne, head of the Defense Security Service, which oversees the issuing of temporary clearances on behalf of the Pentagon, McClatchy D.C. reported. “I’ve got murderers who have access to classified information. I have rapists. I have pedophiles. I have people involved in child porn. This is the risk we are taking.”

Maybe it'll give the gov't an excuse to actually fix this as well. Hell, for all we know THESE are the idiots who've been doing the hacking...

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 6:10 AM

I believe in solving problems, not sharing them.

Did I ask Equifax ... or Experian, or Transunion, or Google, or Amazon .... to put my info in a nice fat juicy tempting database?

NO!!

Well, do they think that offering me a cheesy "free" credit watch is going to make up for damages that I might suffer as a result of ID theft?

NOT LIKELY!

These corporations that make it their business to collect information without permission, I hope they get the PANTS sued off them. They need to be held effing accountable for a change.

And we need a change in our privacy laws too, something that gives us the same right to privacy from corporate snooping as from government intrusion. I've said for many years now, the way to reduce this egregious database construction is to make it not-economic. That means that everyone ... and I mean, everyone .... who keeps a database on you, from the grocery-store club-card to your bank to Amazon to Google ... must get in touch with you personally, by mail, every year, to show you what data is collected on you, to give you the oppty to make corrections, to select your privacy options (eg do nto share) and to opt out. The exception would be healthcare.

Yanno, if people opted out of the credit-reporting databases, the downside would be that banks wouldn't want to extend loans to an unknown risk. Considering how indebted the average American is, maybe cutting of the 'ole credit card might not be such a bad idea ...

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 6:57 AM

Quote:
Originally posted by Wishimay:
I don't think ANY of the hacks are unintentional. Gov't has your data already, all they lack is your "permission" to control it.

With the data reporting companies going down, and the CEO's will soon be prosecuted for insider trading when they dumped their own stocks this morning...Who is left but Big Brother Blue Sun....

the execs started dumping their stocks a month ago.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 10:12 AM

I believe in solving problems, not sharing them.

Quote:
Originally posted by JEWELSTAITEFAN:
Quote:
Originally posted by Wishimay:
I don't think ANY of the hacks are unintentional. Gov't has your data already, all they lack is your "permission" to control it.

With the data reporting companies going down, and the CEO's will soon be prosecuted for insider trading when they dumped their own stocks this morning...Who is left but Big Brother Blue Sun.... WISHY
the execs started dumping their stocks a month ago. JSF

I'll bet if you could find the date where they started dumping their stocks, that's the REAL date when the CIO had to tell the rest of the execs that there had been a major data breach. Maybe it was even July 29, but I wouldn't be surprised if it was a lot earlier.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 1:48 PM

RIVERLOVE

With 143 million people to choose from to steal their money and turn their lives upside down, I believe the odds are very good that I'm as safe as I ever wasn't.

NOTIFY: N | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 2:27 PM

I believe in solving problems, not sharing them.

Quote:
Equifax Hit With $70 Billion Lawsuit After Leaking 143 Million Social Security Numbers

One day after Equifax announced (more than one month after it itself had learned) that its systems had been hacked, resulting in up to 143 million social security numbers, names, addresses, driver’s license data, birth dates, some credit card numbers and pretty much all other critical personal data being leaked and currently for sale somewhere on the dark web, the company whose job is, ironically, to protect the credit and personal information of hundreds of millions of Americans has been hit with a monster class-action lawsuit seeking as much as $70 billion.

In retrospect, we find it surprising that it wasn't multi-trillion lawsuit in light of the galactic stupidity exhibited by a company whose server apparently had zero firewalls from the internet and where any hacker could get access to the most confidential information available. In the lawsuit, plaintiffs alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack, Bloomberg reports. Imagine how much angrier they would be if they found that instead of "saving" the money, the company used it instead to buy back its own stock (in this case from selling executives).

“In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect Ms. McHill and Mr. Reinhard’s information from unauthorized access by hackers,” the complaint stated. “Equifax knew and should have known that failure to maintain adequate technological safeguards would eventually result in a massive data breach. Equifax could have and should have substantially increased the amount of money it spent to protect against cyber-attacks but chose not to.”

The plaintiffs in the lawsuit are Mary McHill and Brook Reinhard. Both reside in Oregon and had their personal information stored by Equifax. Tens of millions more will join the lawsuit shortly once they realize their data has similarly been hacked. Readers can find out if they have been affacted by the leak at the following site.

According to Bloomberg, the case was filed by the firm Olsen Daines PC along with Geragos & Geragos, a celebrity law firm known for blockbuster class actions. Ben Meiselas, an attorney for Geragos, said the class will seek as much as $70 billion in damages nationally.

Finally, as one social media commentator put it, "In retrospect it seems like a really dumb idea to give three random companies access to the entire financial records of every American."

http://www.zerohedge.com/news/2017-09-08/equifax-hit-70-billion-lawsui
t-after-leaking-143-million-social-security-numbers

Seriously, the only servers that I know of that aren't ever updated or firewalled are Microsoft servers. That's because people who use Microsoft are unbelievably stupid about computer security; they just load the software and kind of walk away, letting it run for years and years - literally- without ever even patching security holes. I went rounds with our so-called IT department about their lack of security. That led to all kinds of problems down the line, in the lab.

And just imagine - our hospital IT systems are just as bad.

I still lay part of the blame on the NSA. I'm convinced they had a deal with MS to build in backdoors for NSA snooping (NSA_KEY) and prevent strong encryption, and when Judge Penfield Jackson was going to break MS apart for monopolistic behavior, the (so-called) Justice Department swooped in and saved the MS monopoly's #ss.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Friday, September 8, 2017 9:48 PM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.

Oh, hey, thanks for the reply! I think having your info in government/ business/ hacker hands is inevitable (until we get serious about privacy). It just - I dunno - they can sneak it from me and they probably have, they can steal it from me and they probably have, but I'll be dipped if I knowingly hand it out.

Quote:
Originally posted by Wishimay:
I don't think ANY of the hacks are unintentional. Gov't has your data already, all they lack is your "permission" to control it.

With the data reporting companies going down, and the CEO's will soon be prosecuted for insider trading when they dumped their own stocks this morning...Who is left but Big Brother Blue Sun....

I dunno. Maybe for the majority of people Gov't regulating that info might not be sucha bad things, either. I mean, identity theft is getting harder and harder for law enforcement and regular people to handle anyway.

I agree, the thought scares me shitless...but...who else can do it???

NOTIFY: N | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 9, 2017 12:03 AM

I'm thinking you all should head out to give blood along with your name, because shirley your DNA will be safe from data theft or Insurance Industry sale.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 9, 2017 1:04 AM

Then what IS your solution?? I'm all ears...

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 9, 2017 11:11 PM

Quote:
Originally posted by JEWELSTAITEFAN:
I'm thinking you all should head out to give blood along with your name, because shirley your DNA will be safe from data theft or Insurance Industry sale.

Ooops. I was just reminded that some States require, with mere arrest, providing complete DNA sample, to be kept on file forever. And what kind if of lame data security will be there?
So my smart aleck comment was effectively moot before it was posted.
So now I'll just say we should try to think of more ways to forfeit our privacy and rights.
I do wonder, however, if every Law Enforcement Officer also provided their DNA, since they are already fingerprinted.

And please send all of your personal data and passwords to JSF.com to see if your info was breached by Equifax.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Sunday, September 10, 2017 6:13 PM

Quote:
Originally posted by 1kiki:

143 million people could be affected

I wonder if anybody bothered realizing that this is every single person who has a credit report that could be effected.

Once you eliminate the 143 million, everyone in the country under 18 and all the illegals who don't have credit from the equation, who do you have besides the legal citizens who cash their checks at the local currency exchange?

I'd recommend signing up for Credit Karma and just watching your stuff for a while. It's a good habit to get into anyway. If you catch things fast enough, you're not on the hook for anything fraudulently charged to your cards anyhow, and even if you're not super quick the most you'd get dinged is like $50 if you let it sit too long without speaking up.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 7:46 AM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

In 1968, Congress passed the Truth in Lending Act, which imposed a variety of regulations on the lending industry. One notably simple provision was that consumers could be held liable for no more than $50 if their credit cards were stolen and used without their authorization. For anything above that, it was the credit-card issuer who had to pay. The result was predictable: Credit-card companies have since taken it upon themselves to develop a wide range of effective anti-fraud programs. Congress didn’t tell them to do it, or even how. It just made them responsible for the losses, and the card issuers did the rest themselves.

The same method should be used for identity theft. There’s no need to create mountains of regulations, which are uniformly despised by the credit industry. Instead, simply make the industry itself — and any institution that handles personal data — liable for the losses in both time and money currently borne by consumers. The responsible parties will do the rest themselves.

www.motherjones.com/kevin-drum/2017/09/heres-why-i-hate-credit-reporti
ng-agencies-and-why-you-should-too/

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 8:35 AM

Quote:
Originally posted by second:
The same method should be used for identity theft. There’s no need to create mountains of regulations, which are uniformly despised by the credit industry. Instead, simply make the industry itself — and any institution that handles personal data — liable for the losses in both time and money currently borne by consumers. The responsible parties will do the rest themselves.

I'm not arguing here, but I'm just wondering how you would do this. Making credit card companies responsible for the money is relatively easy by comparison because there is an actual dollar amount to the transactions.

How would you, for example, make a hospital responsible for leaking the medical records of thousands of patients? This information could do things like kill an election bid for a political candidate or somebody might have been keeping an illness like cancer from their family and this is how they find out about it, or it could just be all around embarrassing for the information to get out.

How do you put a price on any of that? Would somebody who was generally a healthy person not be compensated in any way compared to the examples above, even though their privacy was invaded just as much?

BTW... I did just mention the $50 thing in the post right before yours. I can't tell if you were verifying what I said or if you didn't see that I posted it already.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 11:35 AM

I believe in solving problems, not sharing them.

WISHY- you asked what to do.

From a personal standpoint, I would NEVER do anything related to money over my smart phone. Don't pay using your smart phone, don't check your bank balance using your smart phone, don't get notifications about your bank balance using your smart phone. According to Symantec, half of all smart phones are infected with keystroke loggers.

I limit my use of my smart phone to texting, calling, and taking pictures, which I send to a secured PC thru a secure emailer. Although I have a number of professional contacts and phone numbers in my contacts list, all of my nearest and dearest in my contacts list do NOT have clear names listed, they're coded. If I lose my phone, or if my contacts list is breached, this prevents anyone from being able to call DD and pretend to be speaking for me by calling her by name and using MY name. ("Hello ______, your mom _____ asked me to call. She wants me to pick you up at ____.")

Don't run Microsoft on your PC. If you can run Debian Linux. If that doesn't work, run Ubuntu. If THAT doesn't work for you, run Mac or OSX (Apple) operating systems.

Don't use Wifi. It's another huge security hole.

Check your internet settings. You an allow some things (Java) and disallow others (eg pop-ups, cookies).

Don't click on suspicious websites.

Don't even click on emails from unfamiliar senders.

Don't subscribe to applix like LinkedIn or Instagram or Facebook; they take possession of all of your content and control your account.

Don't use Gmail. (I use fastmail.fm)

Depending on how much privacy you want, feel free to use anonymizers such as startpage.com to do searches.

Changing your passwords frequently is less secure than making and keeping good ones. (The reason why changing is poor practice is because people then stick to passwords that are easily remembered or calculated.) The first letters of the first eight or so words of a favorite song interspersed with numbers (LGD2B2DTH: Let's get down to business, to defeat the Huns!- Mulan) is both memorable and impossible to guess.

Once your info is on an outside server .... even fireflyfans.net ... you give up control; there's no way around it. Banks, credit cards, doctor's office, online vendors, club cards, website subscriptions, utilities ... all vulnerable to hacking, and there's nothing you can do about it except bitch to you Congressperson and the FCC.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 12:00 PM

I like that password idea. I never thought of that.

Make sure you update Java whenever it asks. Hard to do without on your PC these days, but it's super easy to exploit if you have old Java running.

I also burn everything that comes to my house with my name and address on it.

Only once did somebody get a hold of one of my cards. I don't know how the hell that they did it. I'm guessing the "genius" that actually used it wasn't the one smart enough to get their hands on the information originally though.

The dumbass made a bunch of purchases and also paid off their Comcast bill with it. I don't imagine it was too difficult for the CC company to track that idiot down. I didn't bother following up on that since it was their problem and I got a new card/number. I doubt that even if I could get a hold of somebody who could give me an answer about what they ended up doing to that guy that they wouldn't tell me anyhow.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 2:08 PM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

Quote:
Originally posted by 6stringJoker:

How do you put a price on any of that? Would somebody who was generally a healthy person not be compensated in any way compared to the examples above, even though their privacy was invaded just as much?

BTW... I did just mention the $50 thing in the post right before yours. I can't tell if you were verifying what I said or if you didn't see that I posted it already.

I saw you write $50, which is why I posted.

How to price this harm? Congress could assign specific minimum values— statutory damages — for each of the acts associated with identity theft. Extending credit without conducting adequate background checks, or issuing a faulty credit report thanks to undiscovered theft of identity, might be worth $10,000 per incident. Losing someone’s personal information in the first place might be worth less — perhaps around $1,000 — since only a small percentage of cases of information loss ultimately lead to a full-fledged theft of identity.

The establishment of statutory damages would allow consumers to bring personal or class-action lawsuits for any of these transgressions. (Currently, such suits are difficult to win because breaches of privacy are extremely hard to value — some courts even flirt with the notion that privacy has no value at all.) And consumers would not need to show that those responsible for the theft acted negligently. When your money is stolen from a bank, the bank is liable no matter how diligently it tried to protect it. That’s why banks take care of your deposits. If the credit industry and other data-handlers knew that the legal system would hold them responsible for extending credit to impostors, issuing inaccurate credit reports, or losing data, you can bet they’d figure out better ways to stop those things from happening.

The beauty of this solution is that by giving the credit industry a financial stake in solving the problem, it uses market-based self-interest rather than top-down federal mandates. Instead of relying on a regulatory agency to levy fines — or not levy them, depending on the administration — it gives companies an incentive to change their behavior.

www.motherjones.com/wp-content/uploads/2017/09/blog_you_own_you.pdf

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 6:58 PM

I agree with all of that.

Something similar happened in the 90's with the video game industry after games like Doom and Night Trap came out. Rather than allow the Government to get involved and start censoring things, the ESRB rating system was devised by the industry and any game that is licensed to sell on their platforms by Nintendo, Sony and Microsoft are required by those companies to be rated before they hit the shelves. The makers of the games make sure to give them fair ratings and not try to sneak anything past the system because it could impact future business with the major console manufacturers if any scandals happen after release.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 9:17 PM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

Quote:
Originally posted by 6stringJoker:
I agree with all of that.

Something similar happened in the 90's with the video game industry after games like Doom and Night Trap came out. Rather than allow the Government to get involved and start censoring things, the ESRB rating system was devised by the industry and any game that is licensed to sell on their platforms by Nintendo, Sony and Microsoft are required by those companies to be rated before they hit the shelves. The makers of the games make sure to give them fair ratings and not try to sneak anything past the system because it could impact future business with the major console manufacturers if any scandals happen after release.

With a threat of federal regulations, the video game industry voluntarily regulated itself.
https://en.wikipedia.org/wiki/Entertainment_Software_Rating_Board#Form
ation_and_early_years

Likewise, the credit rating industry will need to be threatened by Congress. I believe this particular Congress will find many excuses to avoid that action.

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 9:45 PM

Quote:
Originally posted by second:

Likewise, the credit rating industry will need to be threatened by Congress.

Agreed.

Quote:
I believe this particular Congress will find many excuses to avoid that action.

You're probably right.

What happened the last 8 years though? This isn't exactly a new problem. Was everybody too high on "Hope and Change" to actually get anything positive done?

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 9:51 PM

I believe in solving problems, not sharing them.

Quote:
What happened the last 8 years though? This isn't exactly a new problem. Was everybody too high on "Hope and Change" to actually get anything positive done?= SIX

No, they were too busy bailing out the banks, strenuously avoiding prosecuting the perpetrators of financial fraud, spying on us en masse, requiring that ALL of our health information be computerized (to make healthcare "cheaper" and "more efficient"), and avoiding passing meaningful re-regulation on the banks.

Good job, Obama!

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 9:54 PM

Oh right... I forgot. They were too busy doing their jobs to actually serve the people.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 10:04 PM

I believe in solving problems, not sharing them.

Obama could not have prepared us for corporate rape better than if he had tied us down spread-eagle himself.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Tuesday, September 12, 2017 11:20 PM

Quote:
Originally posted by SIGNYM:
Quote:
What happened the last 8 years though? This isn't exactly a new problem. Was everybody too high on "Hope and Change" to actually get anything positive done?= SIX
No, they were too busy bailing out the banks, strenuously avoiding prosecuting the perpetrators of financial fraud, spying on us en masse, requiring that ALL of our health information be computerized (to make healthcare "cheaper" and "more efficient"), and avoiding passing meaningful re-regulation on the banks.

Good job, Obama!

Maybe you forgot handing over custody of Automakers to Union goons.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 6:59 AM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

Quote:
Originally posted by SIGNYM:

Obama could not have prepared us for corporate rape better than if he had tied us down spread-eagle himself.

It is Congress that acts to prevent rape, not the President. It is as if you are a Russian who imagines President Obama had the power of President-for-Life Putin.

It only takes two Senators to scare an industry into better behavior, but the Senators have to be persistent and focused. When they make threats, it has to be believable that they will carry out their threats by convincing the rest of Congress. There are plenty of big talkers in Congress, but none of them are believable. Returning to "voluntary" origin of the ESRB rating system, in the United States Senate, Democratic Senators Joe Lieberman of Connecticut and Herb Kohl of Wisconsin led hearings on video game violence and the corruption of society which began in 1992. Lieberman in February 1994 threatened to propose the creation of a federal commission for regulating and rating video games.

www.escapistmagazine.com/articles/view/video-games/columns/the-needles
/1300-Inappropriate-Content-A-Brief-History-of-Videogame-Ratings-and-t

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 7:27 AM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

It’s Time to Regulate the Hell Out of Credit Reporting Agencies
by Kevin Drum
www.motherjones.com/kevin-drum/2017/09/its-time-to-regulate-the-hell-o
ut-of-credit-reporting-agencies/

Yesterday I wrote about freezing your credit records, so I guess I should stay up on the latest news. Via the New York Times, here it is:

Quote:
You howled in protest, and Equifax had no choice but to respond.

On Tuesday, the company said it would waive all fees until Nov. 21 for people who want to freeze their Equifax credit files. It will also refund any fees that anyone has paid since Thursday, though the company would not say whether this would be automatic.

Why do I hate credit reporting agencies? Let me count the ways. It’s beyond unbelievable that Equifax didn’t do this immediately, since there’s certainly no reason that anyone should have to pay for a freeze that they need only because of Equifax’s own negligence. But this level of imperiousness is par for the course for these guys.

For any normal company, a fee like this would have been lifted instantly. They’d understand immediately that anything else would be an epic PR disaster. But the thing is, you aren’t a customer of Equifax. They don’t give a rat’s ass about you. Nor do they care about a PR disaster. It’s not as though they’ll lose your business, after all, since they never did any business with you in the first place. All they do is collect all your financial data without your permission and then sell it to other people.

(Actually, that’s not all they do. They also make your life hell if you have the gall to find an error in your credit record and ask them to fix it.)

Needless to say, Equifax declined to talk to the Times reporter about any of this, because why should they? However, he did hear something from a reader:

Quote:
A reader named Kimberly Casey forwarded me an email exchange between her and Mr. Adams where he apologized and said that a service to “lock” Equifax, Experian and TransUnion files simultaneously would be coming soon.

This is beyond belief. There are three credit reporting agencies, and if you want your credit records frozen you have to order a freeze from all of them. This was outrageous when I wrote about it twelve years ago, and obviously nothing has been done about it since then. Why? Because none of the credit reporting agencies care about you. Their customers are the businesses who request credit checks, and their attitude toward everyone else is that they should pound sand. Congress lets them get away with this because—well, who knows? Probably because Congress doesn’t really care either unless their reelection is threatened somehow.

Where are Bernie Sanders and Elizabeth Warren when you need them? They should be screaming about this. The credit reporting agencies have gotten away forever with treating consumers like bothersome children: screwing up their credit records, ruining their lives, making it deliberately difficult and expensive to lock accounts, and making money off the whole thing by offering “insurance” against problems that they themselves cause. Someone in Congress who allegedly cares about ordinary working folks should introduce a bill to regulate the hell out of these folks. Not only is it the right thing to do, but it’s hard to think of any industry that more richly deserves it.

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 8:18 AM

You still didn't answer my question Second. Fine. Obama didn't have the power to do it (or the will to even talk about it, I might add). It wasn't that long ago when we had Democrats in the majority in both the house and senate while he was president. Identity theft was already a very big thing at that point. Why was nothing done with a congress that you insinuate would more likely pass regulations or at least threaten the action against those who hold our private information?

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 9:11 AM

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at https://www.mediafire.com/two

Quote:
Originally posted by 6stringJoker:
You still didn't answer my question Second. Fine. Obama didn't have the power to do it (or the will to even talk about it, I might add). It wasn't that long ago when we had Democrats in the majority in both the house and senate while he was president. Identity theft was already a very big thing at that point. Why was nothing done with a congress that you insinuate would more likely pass regulations or at least threaten the action against those who hold our private information?

Write your Congressman for the answer. Good luck getting the truth from him. But why expect me to have the answer for the weirdly self-defeating behavior of the lower 99% of Americans and Congress?

Only rarely are less than 90 percent of the members of the House of Representatives re-elected. And while the Senate is more competitive, it is rare for less than 80 percent of senators to be re-elected. Senator Tom Coburn described the situation well when he said, “In several election cycles in recent history, more incumbents died in office than lost reelection bids.” Members of Congress enjoy some of the best job security in America — and the least amount of accountability. This is from the article "How Was 91 Percent of Congress Re-Elected Despite a 10 Percent Approval Rating?"
www.huffingtonpost.com/todd-phillips/congress-election-results_b_21149
47.html

I believe the reasons I hear voters give for reelected their awful Congressmen are untruthful and I'm not Sigmund Freud who can talk them out of their nonsensical mental constructs. In a classic study from the mid-1950s, the social psychologist Leon Festinger and his colleagues suggested that when the predictions of apocalyptic or messianic movements don’t come to pass, it can actually make their adherents more devoted to the cause. He based his findings on a study of a UFO cult that believed the world would end in 1954. Political parties are run like cults, with Republicans more cult-like than the Democrats. I really believe 99% of Americans (Dem, Rep, Lib, Green, Independent) are nuts.
www.slate.com/articles/technology/future_tense/2017/09/isis_s_apocalyp
tic_prophecies_aren_t_coming_true.html

The Joss Whedon script for Serenity, where Wash lives, is Serenity-190pages.pdf at www.mediafire.com/folder/1uwh75oa407q8/Firefly

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 9:21 AM

That's not an answer.

Try again.

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Wednesday, September 13, 2017 10:09 AM

I believe in solving problems, not sharing them.

Quote:
Obama could not have prepared us for corporate rape better than if he had tied us down spread-eagle himself.- SIGNY
It is Congress that acts to prevent rape, not the President. It is as if you are a Russian who imagines President Obama had the power of President-for-Life Putin.

It's as if you're an asshole who dodges into name-calling the minute you run out of argument. But I know how you get a bit tetchy when someone questions Obama's sainthood.

Quote:
111th United States Congress

The One Hundred Eleventh United States Congress was a meeting of the legislative branch of the United States federal government from January 3, 2009, until January 3, 2011 ... In the November 4, 2008, elections, the Democratic Party increased its majorities in both chambers, giving President Obama a Democratic majority in the legislature for the first two years of his presidency. A new delegate seat was created for the Northern Mariana Islands. The 111th Congress had the most experienced members in history: at the start of the 111th Congress, the average member of the House had served 10.3 years, while the average Senator had served 13.4 years. This Congress has been considered one of the most productive Congresses in history in terms of legislation passed since the 89th Congress, during Lyndon Johnson's Great Society.

https://en.wikipedia.org/wiki/111th_United_States_Congress

The Democrats had anywhere between 55-58 votes, and there were two Independents who caucused with the Dems. In the House, Dems had 254 - 258 votes, giving them approx 69% of the vote. Clearly, the Dems were able to pass a large amount of legislation during those two years, which is why it was considered "productive".

Too bad for us, neither Congress nor the President were committed to either net neutrality or cybersecurity. Obama WAS, however, committed to putting us all under NSA scrutiny, throwing money at the banks, not prosecuting financial fraud, and throwing government money at private health insurers. I could also mention executing Americans without a trial or conviction (Obama "I'm really good at killing people" http://www.washingtontimes.com/news/2013/nov/4/obama-brag-new-book-im-
really-good-killing-drones/ ) and in general shredding the Constitution while giving Americans the barest and least expensive crumbs he could get away with.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 16, 2017 4:54 AM

I believe in solving problems, not sharing them.

ANOTHER APP TO AVOID: APPLE "FACE ID"

Because who doesn't want to voluntarily enter their face and profile into a face-recognition database?

Quote:
Apple's New "FaceID" Could Be A Powerful Mass Spying Tool

Authored by Mac Slavo via SHTFplan.com,

On Tuesday, Apple revealed their newest phone. The new line was anticipated by Apple users and is another cult favorite. But many are rightly skeptical of the “FaceID” feature.

FaceID, is a tool that would use facial recognition to identify individuals and unlock their phones for use. Unsurprisingly, this has generated some major anxiety about mass spying and privacy concerns. Retailers already have a desire for facial recognition technology. They want to monitor consumers, and without legally binding terms and Apple could use FaceID to track consumer patterns at its stores or develop and sell data to others.

That seems minor on the surface, but the ramifications could be enormous.

It’s also highly possible that police would be able to more easily unlock phones without consent by simply holding an individual’s phone up to his or her face, violating the rights of the person to privacy.

But FaceID should create fear about another form of government surveillance too. And this one is a rights violation of every person on earth: mass scans to identify individuals based on face profiles. Law enforcement is rapidly increasing their use of facial recognition; one in two American adults are already enrolled in a law enforcement facial recognition network, and at least one in four police departments has the capability to run face recognition searches. This could make Apple the target for a new mass surveillance order.

While Facebook has a powerful facial recognition system, it doesn’t maintain the operating systems that control the cameras on phones, tablets, and laptops that stare at us every day.

Apple’s new system completely changes that. For the first time, a company will have a facial recognition system with millions of profiles, and the hardware to scan and identify faces throughout the world.

According to Wired, this is a system already ripe for government abuse. The government could issue an order to Apple with a set of targets and instructions to scan iPhones, iPads, and Macs to search for specific targets based on FaceID, and then Apple would provide the government with those targets’ location based on the GPS data of devices’ that receive a match. Apple has a good record of fighting for user privacy, but there’s only so much the company could do if its objections to an order are turned down by the courts. And the government is already looking into how this could benefit them, but are hiding behind the guise of “privacy.” On Wednesday Sen. Al Franken (D-Minnesota) released a letter to Apple CEO Tim Cook, asking how the company will handle the technology’s security and privacy implications.

But this type of sleazy “Big Brother” activity by the government is not new.

Over the last decade the government has increasingly embraced this type of mass scan method. Edward Snowden’s disclosures revealed the existence of Upstream, a program under FISA Section 702 (set to expire in just a few months). With Upstream, the NSA scans all internet communications going into and out of the United States for surveillance targets’ emails, as well as IP addresses and what the agency has called cybersignatures. And last year Reuters revealed that Yahoo, in compliance with a government order, built custom software to scan hundreds of millions of email accounts for content that contained a digital signature used by surveillance targets. –Wired

Mass facial recognition scans are unconstitutional and a gross violation of human privacy rights. But that has yet to stop the overreaching government from its pursuit of an even more effective method of their goal of dystopian mass surveillance.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 16, 2017 8:19 AM

Quote:
Originally posted by SIGNYM:
ANOTHER APP TO AVOID: APPLE "FACE ID"

Because who doesn't want to voluntarily enter their face and profile into a face-recognition database?
Quote:
Apple's New "FaceID" Could Be A Powerful Mass Spying Tool

Authored by Mac Slavo via SHTFplan.com,

On Tuesday, Apple revealed their newest phone. The new line was anticipated by Apple users and is another cult favorite. But many are rightly skeptical of the “FaceID” feature.

FaceID, is a tool that would use facial recognition to identify individuals and unlock their phones for use. Unsurprisingly, this has generated some major anxiety about mass spying and privacy concerns. Retailers already have a desire for facial recognition technology. They want to monitor consumers, and without legally binding terms and Apple could use FaceID to track consumer patterns at its stores or develop and sell data to others.

That seems minor on the surface, but the ramifications could be enormous.

It’s also highly possible that police would be able to more easily unlock phones without consent by simply holding an individual’s phone up to his or her face, violating the rights of the person to privacy.

But FaceID should create fear about another form of government surveillance too. And this one is a rights violation of every person on earth: mass scans to identify individuals based on face profiles. Law enforcement is rapidly increasing their use of facial recognition; one in two American adults are already enrolled in a law enforcement facial recognition network, and at least one in four police departments has the capability to run face recognition searches. This could make Apple the target for a new mass surveillance order.

While Facebook has a powerful facial recognition system, it doesn’t maintain the operating systems that control the cameras on phones, tablets, and laptops that stare at us every day.

Apple’s new system completely changes that. For the first time, a company will have a facial recognition system with millions of profiles, and the hardware to scan and identify faces throughout the world.

According to Wired, this is a system already ripe for government abuse. The government could issue an order to Apple with a set of targets and instructions to scan iPhones, iPads, and Macs to search for specific targets based on FaceID, and then Apple would provide the government with those targets’ location based on the GPS data of devices’ that receive a match. Apple has a good record of fighting for user privacy, but there’s only so much the company could do if its objections to an order are turned down by the courts. And the government is already looking into how this could benefit them, but are hiding behind the guise of “privacy.” On Wednesday Sen. Al Franken (D-Minnesota) released a letter to Apple CEO Tim Cook, asking how the company will handle the technology’s security and privacy implications.

But this type of sleazy “Big Brother” activity by the government is not new.

Over the last decade the government has increasingly embraced this type of mass scan method. Edward Snowden’s disclosures revealed the existence of Upstream, a program under FISA Section 702 (set to expire in just a few months). With Upstream, the NSA scans all internet communications going into and out of the United States for surveillance targets’ emails, as well as IP addresses and what the agency has called cybersignatures. And last year Reuters revealed that Yahoo, in compliance with a government order, built custom software to scan hundreds of millions of email accounts for content that contained a digital signature used by surveillance targets. –Wired

Mass facial recognition scans are unconstitutional and a gross violation of human privacy rights. But that has yet to stop the overreaching government from its pursuit of an even more effective method of their goal of dystopian mass surveillance.

It seems some people have forgotten the catchphrase of Apple. "Computers for people who don't know how to use computers"
Have somebody else do your thinking for you. Or, as Baldwin says, "thinking? There's an app for that"

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 16, 2017 11:07 AM

I believe in solving problems, not sharing them.

Quote:
"thinking? There's an app for that"

haha! Too true!

Meanwhile, back in Equifax-land ...

Quote:
Another Coverup? Equifax Accused Of Scrubbing That Its Chief Security Officer Was A Music Major

*****
Update: And... she's gone: EQUIFAX SAYS CIO AND CHIEF SECURITY OFFICER ARE RETIRING

Retired, not fired? Well, I'll bet Ms Mauldin wasn't making the strategic decisions anyway. She probably was just doing what the CEO told her to do, so she got rewarded with a nice retirement.

Quote:
Meet Susan Mauldin, the Equifax Chief Information Security Officer, and the person who was responsible for keeping the highly confidential and secret information of over 100 million Americans well... highly confidential and secret.

Mauldin has been with Equifax as CSO / CISO since 2013. She was previously Senior Vice President and Chief Security Officer at First Data Corporation, until July 2013. Mauldin was also SunTrust Banks’ Group Vice President from 2007 to 2009.

So far so good, but a problem emerges: according to LinkedIn, Mauldin’s stated educational background has no security or technology credentials, and consists of.... a bachelor’s degree in music composition (magna cum laude) and a Master of Fine Arts degree in music composition (summa cum laude), both from the University of Georgia. Once again, this is the person who was in charge of keeping your personal and financial data safe — and whose failure to do that have put 143 million at risk from identity theft and fraud.

You don't NEED a degree in a topic to be highly educated and skilled, but for this woman, the proof is in the pudding: She sucked at securing the data.

Quote:
Or rather, that's what her LInkedIn profile would have disclosed if in the hours after the scandal broke, "someone" didn't thoroughly scrub and censor it.

As MarketWatch's Brett Arends writes, "there has been very little coverage so far of Susan Mauldin’s background and training. Given the ongoing disaster of the hack and Equifax’s handling of the affair, the media spotlight has so far been elsewhere." It now emerges that someone was very keen on keeping as little information about Mauldin's background in the public domain as possible.

Shortly after the Equifax scandal broke, Maludin's LinkedIn page was made private and her last name replaced with “M.” Below is a screengrab showing Susan Mauldin’s old and current LinkedIn pages in Google search results as of 9/9/2017.

A few days after the news of the data hacking broke, the following page reappeared a with a different url, with the specific detail that her degrees were in Music Composition removed. Also, her surname Mauldin was replaced with the initial letter M. to complicate profile discovery.

Among the skills touted on her LinkedIn page: Data Center, IT Solutions, PCI DSS, IT Service Management, IT Outsourcing.

Additionally, two videos of interviews with Mauldin have been removed from YouTube. A podcast of an interview has also been taken down. As Hollywoodlanews.com reports, in March 2016, Mauldin was interviewed on camera by the CEO of the big-data company Cazena.

The videos featuring parts of an interview with Susan Mauldin, which were embedded on this page, have been taken down as of the afternoon of September 10.

Just six days ago ...

Quote:

A partial transcript of her remarks during the interview have been archived for posterity by a third party. http://archive.is/6M8mg

The full interview videos went far in explaining what may have been the eventual cause of the massive leak of information now gravely affecting 143 million Americans.

The audio-only version of the interview that was publicly available on Soundcloud has also been scrubbed from the web.

* * *

Unfortunately for the scrubbers, internet archives preserved her original LinkedIn profile (shown above) which revealed her "music" background, and a transcript of one interview has survived.

So as CEO Richard Smith prepares for the upcoming congressional grilling, here are two more questions he can add to the list: first,

How far can a Chief Security Officer go in this business without a formal education in technology? In an interview uncovered by Brett Arends he notes that Mauldin said that in recruiting, “[w]e’re looking for good analysts, whether it’s a data scientist, security analyst, network analyst, IT analyst, or even someone with an auditing degree. ... Security can be learned.”

But she also said she focuses college recruitment, understandably, on “universities that have programs in security, cyber security, or IT programs with security specialties.” She did not mention music composition.

And second, was the company actively involved in what appears to be an active campaign to scrub the potentially embarrassing background of its Chief "Security" Officer?

As Arends concludes, and we agree, "everything about this fiasco just gets more and more surreal." It will be even more surreal however if as a reader points out, a woman diversity hire is the reason behind one of the largest hacks of financially sensitive data ever...

I take issue with the idea of her being a "diversity hire". I know an organization in which the entire line of Information Services management ... from Manager to the CEO ... has NO computer training at all. I think this dates back to the day when the CEO (who has since been replaced) decided he didn't want knowledgeable Unix programmers (because he didn't understand/ didn't want to hear what they were telling him) and thought it would be better if he went with Mucrosoft instead because then he could hire interchangeable people who would do what they were told. The only people who were willing to go along with this approach were people who knew jackshit about computers, programming, networking, communications and security, and since the CEO was the hiring authority it was the computer-sciences-deficient people who were put in charge.

That's probably what happened at Equifax. Computer security costs money in the form of redundancy, backups, and knowledgeable staff. There have been a series of server hacks with the last two rounds of viruses sweeping the globe. These viruses reveal that many companies in which server software is an important component of the "bottom line" have been particularly vulnerable, because companies are reluctant to take them offline for upgrades and patches, and don't have a redundant server to take their place in the interim. And their staff doesn't know how to make security work. They just install a server and flog it until it breaks or is broken by a hack. That's what happened to the big drug manufacturer Merck, which had to announce that the Petya ransomware actually affected production for months http://www.philly.com/philly/business/merck-is-the-target-of-a-massive
-hack-20170627.html and I've seen this happen elsewhere.

-----------
Pity would be no more,
If we did not MAKE men poor - William Blake

NOTIFY: Y | REPLY | REPLY WITH QUOTE | TOP | HOME

Saturday, September 16, 2017 2:27 PM