Slashdot Mirror
Dumpster-Diving for Your Identity
The NYT magazine has a story titled Dumpster-Diving for Your Identity - the author interviews two convicted identity thieves talking about their methods and successes.
← Back to Stories (view on slashdot.org)
I tried to use Google News to find a registration-free link. No luck. Will this do?
Dumpster-diving bears at greater risk
It's not about bears stealing your identity, though I pity the bear that applies for a Visa card with a FICO as bad as mine! But it is an interesting tale:
Then there are the people: One older woman set out a batch of syrup-slathered pancakes for the bears, and some parents smeared peanut butter on their children's faces so they could photograph cubs licking it.
Where's Darwin when you need him?
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
Remind me to check my dumpster here at the office for a NYT login...
But seriously, we use a shredding company here at my office for our important papers. They're supposed to do all the shredding "on site" in their truck. Yesterday they were here to empty our shred bins, and they brought in a big trash bin to haul our stuff out to the truck. One of these bins was sitting in the hallway, and no one was around, so I took a peek inside. It was papers from an accounting firm down the street! I mean, we're supposed to be paying these guys to keep our info secure, but here they are waiting until their bin is full before they shred anything?! Needless to say, I had a long conversation with our facilities manager after this...
If you want something done right, better do it yourself! I'm now using a $30 shredder BEFORE I dump anything in our shred bins! Who knows where our important documents have been travelling to before they actually got shredded?!
This is why I burn all my important docs, credit card offers, old checks, etc... at home, who knows who is going through your trash? All they need is an account number, and a shredded document can be taped back together with enough motivation and time... (although with some people being easy marks, I guess the harder you can make it, the better!)
My local police department recently published a blurb asking residents to dispose of identity theft-related materials (e.g., financial statements, anything with a SSN, etc.) in the ordinary garbage, instead of the "mixed paper" recycling bins as we've been asked by the rest of the city government.
It seems that identity thieves are very happy about the shared, clean, and portable "mixed paper" recycling containers found throughout my (rather affluent) city, and they tend to pick them up, quickly sort through the cereal and microwave dinner boxes for the good stuff, and have the container back before anyone notices.
Presumably today's dumpster divers have the luxury of avoiding coffee grounds, so you can go a long way towards protecting yourself by dumping the financial correspondence in with the smelly stuff.
those TV ads on ID theft are pretty damn funny though (the ones with voice-overs; grandma talking about 500hp pickup trucks with them naked ladies... mamacita). I have yet to be scammed, but I do now: that AIN'T funny. And those scumbags need to spent as much time in prison as rapists, pedophiles and murderers.
I produce very few pieces of paper that have sensitive information like this. I am more worried about the information on my computer, which is sensitive. Companies, on the other hand, do need to worry.
If my answers frighten you, stop asking scary questions.
If you're so worried about ID theft, then maybe you should keep a close eye on your credit card bills, credit scores, etc.. Buy a paper shredder. Shred all bank statements and whatnot before you throw them out. Internet-shminternet, dumpster diving is the fastest way to someone's finances. Get the carbons at the gas station, or stores where they still use the old carbon-thinger credit card machine.
I knew someone who got screwed big time by a gas station who would keep the carbons, and double bill her every time she filled up, the cash going straight into the owners pocket. She was a dope for letting it go on so long, as she never bothered scrutinizing her Visa bills. Turned out the station was owned by a Russian mobster. This was long before the world wide weeb.
Just don't toss your sensitive data into the dumpster where any bum can get your CC number.
What if all your bills are past due? Then it doesn't matter. It's like that old joke (or is it a scene from a movie?)...
"A thief stole my credit card and has been using it for the past couple of months."
"Oh my! Why haven't you reported it?"
"Because it still works out to be cheaper than me using it!"
Small potatoes make the steak look bigger.
This is the reason i have a fireplace in addition to central heat and air. Well, that and the fact that i like making smores.
[since I'm waiting for a build to complete, I'll bite..]
This is because back in the day (~1985) when people used to go 'trashing', they were usually buying various techno goodies (anyone remember the Prometheus modem with the clock?) for even more mischief. If the early hacking/phreaking geeks didn't invent trashing, they certainly brought it to a higher level...or lower depending on your perspective.
Not advocating btw, just relaying...
I've always taken a few moments to shred my bank machine receipts when I get them. Since sorting for recycling takes time anyway, I've always gone through it and shredded anything remotely useful, long before the notion of "identity theft" became mainstream.
Honestly, if people would just be a bit more paranoid, and not worry about being casual with risk as a fashion statement, these guys would have a lot less to go on.
That's with regard to personal papers. Businesses should know better, and should get their asses sued for failing to protect sensitive information that was entrusted to them by their clients.
Shredders are a form of technology, last time I checked. And, seeing as how this story comes straight from the "buy-a-shredder" department, it is directly related to shredders and is thus quite applicable to technology in general.
Go buy a shredder and port Linux to it today!
I'd argue that was nothing but a slap on the wrist, and not much of a deterrent to future fraudsters.
Outside of a dog, a book is man's best friend. Inside a dog it's too dark to read. - Groucho Marx
Im not saying Im agreeing with the parent post, but if you do, please remember that certain papers must be filed by you for a period of up to 10 years.. so you might want to do what most people in this situation does: buy a small file-safe... othervise you might end up having troubles with the IRS, and we dont want that, do we?
Here is an interesting couple of articles on identity theft by Robert X. Cringely (or Mark Stephens, depending on your version of reality).
Ego, Super-ego, and ID Theft
How to Steal $65 Billion
Dogma - "let's just say we'd like to avoid any empirical entanglements."
Splinter rules!
The New-York "registration required" Times running an article on people fishing for other people's personal information, that's amusing ...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Quick question...since personal shredders are only $30, why does your company use the shredding service at all? It would probably be cheaper to outfit every employee (or at least every department) with their own shredder than pay for 2 months of that service, when you empty your personal shredders, just use ordinary recycling for the shreds.
Jason
ProfQuotes
A little googling resulted in the same basic story without the registration:
refers to future article in NY Times
and
Over a year ago on CBS News
C'mon that wasn't even a decent troll. Pathetic.
Why do I need to do that? I know who I am..
To be honest I'm not so curious to hear from these two. What worries me is what the identity theives who DON'T get caught are doing!!!
One electronic version of "dumpster diving" would be looking through a company's website/anonymous FTP server. Sometimes, a few moronic folks decide to store otherwise-vital information in these "undisclosed" locations that anyone can get into over the web.
Somewhat popular among the consulting types, they upload client data to an FTP server, then fly off to the client's office, and download it from there...or maybe use it as a means to "share" data among themselves. Some forget to password-protect it, relying instead on security through obscurity.
How is this related to dumpster diving? Well, if you look hard enough, those servers are just like public-access trash bins fit for people to...um...recycle data.
If you're a consulting group, make sure you treat your client data with absolute confidentiality. If you're a business working with consultants, make sure they don't leak your info to the world.
>>Remind me to check my dumpster here at the office for a NYT login...
Use this to randomly generate a login for you
http://www.majcher.com/nytview.html
...burn it in the barbeque, or in a fireplace if you have one.
Dumpster-Diving for Your Identity
By STEPHEN MIHM
Published: December 21, 2003
tephen Massey was only a few minutes late, yet he apologized profusely as he strode into the lobby of a crowded restaurant in downtown Eugene, Ore. ''I'm very punctual about my time,'' he said, clasping my hand in a firm shake. With his freshly combed hair, crisp white shirt and trimmed mustache, he looked like an off-duty cop or fireman -- a ''pillar of the community,'' as he later described himself, a wolfish smile playing across his lips. Far from it: Massey, 39, directed one of the most extensive and notorious identity-theft rings prosecuted so far by federal authorities. By the time investigators broke the case, Massey and his partner in crime, a computer whiz named Kari Melton, had ruined hundreds of people's credit. A judge sentenced them to prison in 2000; Melton was released in 2001, Massey the next year.
Advertisement
The Federal Trade Commission estimates that identity theft costs nearly $53 billion annually. Some seven million people were victimized in 2002. Yet little is known about how the perpetrators actually operate. It's a popular perception that most identity theft happens on the Internet, but over the course of dinner, Massey quickly made clear that low-tech methods of getting people's personal information are far more effective. ''Every day was exciting,'' he recalled between mouthfuls of potato skins. ''We went to Vegas, Atlantic City. We made a business of it. It was like James Bond . . . 'Mission: Impossible.'''
In late October, Massey disappeared, violating the terms of his supervised release and prompting a national warrant for his arrest. It had become clear to me in five months of interviews that not everything he said was to be trusted, although much of it was verified by the detectives and prosecutors who had already investigated his crimes and by Kari Melton. As for Massey's current whereabouts, Steve Williams, a detective in the Eugene Police Department, who worked on the first case against Massey and is once again on his trail, said: ''My gut feeling is that he is in the Seattle area'' -- where he has family -- ''back to his old tricks, doing drugs, identity theft and counterfeit checks.''
If Massey has indeed resumed operations, it's a sure thing that he's not working alone. His identity-theft crimes depended on the work of a carefully built ring, one that employed hordes of petty thieves and drug addicts. If he sticks to his old techniques, his crimes will originate in Dumpsters and garbage cans, where information can be culled from discarded personnel files and other trash. It's not the most glamorous crime, but that doesn't make it any less devastating to its victims.
Discovering the Dump
Massey's life began to unravel in his late 20's, soon after he started experimenting with the highly addictive stimulant methamphetamine. Before that, Massey achieved some semblance of success, managing an awning-maintenance company, marrying and, with his wife, having two daughters. Then he and his wife divorced in 1992. Soon after, he remarried, and divorced a year later. His business began to decline. Sometime in the mid-90's, his teenage girlfriend offered him some meth. ''So here I am with no place to live, on the rebound and with a habit,'' Massey recounted. ''Who wants to look for a job again?'' Massey began hanging out with a much younger crowd of meth addicts, called ''tweakers,'' and forging checks to feed his drug use. It was during this time that he began to wonder if he could hijack people's identities for profit. He stumbled onto the answer soon after, when the meth-heads invited him to go ''Dumpster diving'' for junk. Massey and the teenagers piled into his Ford Explorer and drove to the outskirts of Eugene.
''It was the first time I had ever been to the dump,'' Massey recalled, wrinkling his nose. ''I said, 'I'm not going to get dirty,' so I wandered over to a shed where the recycling was stored. I notice there's a big barrel for rec
"A little tape, and a lotta patience goes a long way, get the picture?"
"I was an actor," Massey told me. "I could put on a new hat every day. Who do I want to be today? The feeling after you've just hooked them, is just, like, bam!" He smacked his fist into the palm of his hand. "Take that, Bank of America!"
Of course, by which he means, "Take that, people who have spent their lives helping other people and getting paid for it! All that money you saved is mine now!"
Not only is a two year sentence too short, it'd be fine with me if this guy were beaten to death.
There are no trails. There are no trees out here.
a fiancee of my cousin (who is in the Air Force), says that US military top secret documents, which are destined for destruction, have to be escorted by 2 armed guards, and thrown into an oven which bakes the quadruple-shredded-and-reshredded dust of the formerly top-secret document at 1600 F for 1 hour.
There are a huge number of yeast infections in this county. Probably because we're downriver from the bread factory.
Fireplaces produce too much air pollution. The ecologically correct way to dispose of these sensitive documents is to first shred them. Then mix the paper shredding into your backyard compost bin or worm bin and let nature dispose of it cleanly.
I doubt that many id theives would want to rummage through your compost bin, if they even thought to look there in the first place.
For added security, add a couple of large dogs to your backyard. They will help deter personal property thieves in addition to compost-diving identity thieves!
Hums, FIRE do do do do do, FIRE da da da...(Santana ?)
This is not a new technique and doesn't seem worthy of a Slashdot story. Low tech identity theft is nothing new or hard to do.
-=- Many seek good nights and lose good days.
While I cannot say for what reasons the poster above uses professional shredding services, I do know why such services still exist.
The difference between a $30 Office-Depot Shredder and a good commercial shredder is significant. The Cheapo shredder usually shredes only vertically, and does so usually so that there are about 20 cuts down one page. People sending 3-4 documents in at once will find that they have those 3-4 documents nearly intact, just cut into 20 vertical peices which are easy to put back together if someone is careful in extraction.
On the other hand, good commercial shredders litterall demolish the paper, turning it into sawdust like material that would be impossible (virtually) to reconstruct. Along these same lines, good document security companies use combination of methods, not just shredding to ensure security (read: chemical treatment, randomization, etc).
Brushfireb
If your mailbox is on the curbside like mine, seriously consider getting a secure lockable one where the mailman can only drop mail off, but a key is required to retreive it. I just received mine from oregontrailbox. I did some research, there are a few places that sell those under different names, but the ones I liked are actually the same box that seems to be manufactured by pinnacle (or pinnacle is yet another reseller of the same box made by a unknown third party....)
In any event, I will be installing my Heavy Duty Standard tomorrow...
--
OpenHosting Virtual Servers for the geeks.
I found the article useful since it provided ideas on HOW people gain access to your info. Made me think I have to do more.
One thing that was disappointing is that its not always a slip on an individual's part. A hospital could be sloppy with records and you've got a big target on your head. (...or wallet.)
Ron
PS: I do like those Citibank identity theft ads. They're funny. Too bad they didn't tell you more about how to protect yourself except to buy something.
"How, exactly does this apply to technology? Am I mistaken by assuming this is a "news for nerds" website? Oh well..."
Hmmm... I can't find the word technology in the phrase "news for nerds, stuff that matters." I even tried CTRL + F. No luck. I'm having serious trouble finding the source of your complaint here. Help?
"Derp de derp."
He had good credit and always got offers. He'd have bums sign the forms for beer money and have them sent to different places. Once enough cards came he would suck all the money out on cash advances, then clear up his credit, he knew how to do get it cleared quickly. It didn't take long before he got offers again and would start the cycle again.
I have had way too many people asking for my SSN in the last few years. It started with my dentist's secretary demanding it, and when I declined to provide it, she insisted that they needed it for my dental records.
I told her, "You're not offering me a job, and I'm not opening an iterest-bearing account with you. You don't need my SSN, and you're not getting it."
About a month ago, a freaking cell phone provider asked me for an SSN just to get an account with them? WTF?
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
since personal shredders are only $30, why does your company use the shredding service at all? It would probably be cheaper to outfit every employee (or at least every department) with their own shredder than pay for 2 months of that service
;)
Because $30 personal shredders suck ass. They're cheaply made, their motors burn up if you put more than 5 sheets at a time through them with any regularity, and they jam very easily.
Spend a hundred for each one and you might get something worth using.
Spend $1500 for a serious industrial crosscut confetti model and let 30 employees share it and your company is probably far better off than with either of the above options, or the shredding service.
Bonus points if the company then sells the shredded paper *directly* to a pulp mill
p
In Korea, long hair is for old people!
That is why I recycle all my personal papers into tinder for my wood stove.
Properly rolled and bound newpaper "logs" burn for a long time, and give up some nice heat.
I use the cheap single cut shredder to shred everything with personal info, this is good enough for starting the fire.
I cut the address from my old trade periodicals before I drop them off at the waiting room at my Doctor's office. Better computer magazines than Women's Day.
Now before all of you green geeks flame me, the county stopped collecting paper, ever since the price dropped. They had a scandal when it was exposed that they were dumping sorted recycle paper in the landfill with regular garbage.
As far as I know they still properly recycle glass, plastic and metals.
That's one of the reasons the military and (some) government agencies have adopted standarized protocols to deal with this kind of stuff and generally are quick to reprimand those who violate policy.
Many security problems these days have to do with the fact that people for some reason refuse to apply common sense -- requiring people to wear ID tags at all times and conducting thorough background checks is not going to do any good if you just dispose of confidential documents into some backyard alley dumpster.
accounts receivable
accounts payable
accounts incinerable
When I read about guys like this - they are always idiots. Basically he got caught because he was hanging around a bunch of crazy drug addicts.
I keep wondering if for every guy like this they catch, there must be like 3 guys who are really careful and "normal people" (i.e. professionally minded, don't take drugs or hang around prostitutes, etc.) who do these type of crimes to build up some large amount of money, then move someplace and live off the interest. Those would be the guys that would be real hard to catch.
I wonder if those kind of criminals exist and in what numbers?
Avoid Missing Ball for High Score
yeah, if you put your documents inside there I doubt any dumpster diver would be willing to touch it. :)
Why was this modded offtopic. Identity theft rings are operating overseas due to this kind of information whoring
The cost of having every employee or department having their own shredder isn't restricted to the initial $30/seat investment. There's also the time involved in shredding documents.
Probably not a good example, but:
I once had a job which involved faxing purchase orders to suppliers. When I first started, the process was:
- Print batch of purchase orders.
- Go to accounting department. (I didn't have a fax machine on my desk.)
- Fax each purchase order individually.
This process consumed 2 to 3 hours of each of my days.COST: 2 to 3 hours employee time per day.
SAVINGS: $100 one-time cost of fax machine
Upper management greatly improved the situation when they donated a fax machine from their office for my desk...because it didn't meet their needs - it didn't automatically identify the sender in the page headers.
COST: 45 to 60 minutes employee time per day; plus additional 40 minutes of long-distance calling per day for the header page.
SAVINGS: $100 one-time cost of fax machine; 2 to 2-1/4 hours employee time per day.
Although it saved the daily trip to the accounting office, faxing now required a header page identifying where the fax was coming from. At least I could be mostly-productive while doing the mindless hours of fax work.
Eventually, we did end up with a fax modem which was connected directly to the mainframe which saved even more time.
COST: $300 for the fax modem; software written in-house in about an hour
SAVINGS: 2 to 3 hours of employee time per day
Queue batch of purchase orders.
Time is money - even if it is 15 minutes.
He had all sorts of personal data in his home direcrtory: passport & visa applications, paycheck stubs for several years, copies of expense accounts including scans of credit card statements, info about his retirement from the company we used to be a part of, ...
Once I realized what it was I rm'ed it, but what would posses a supposedly rational person to not only save this data to a networked machine at work but to leave it there after leaving the company?
"Glory is fleeting, but obscurity is forever." --Napoleon Bonaparte
Getting all your employees to do it is the main problem. There is no way you're going to get the consistency you need.
Another reason is liability. Having a company you can sue is nicer than having to cut your own throat by firing someone who screws up.
a journalist in my country (Poland) made an investigation about possible uses of Kazaa to find data of national importancy (I cannot find URL now, and the article is written in polish ;).
In just a few hours he found documents related to national security and bussiness. Mostly because careless employers of crucial national institutions carelessly install Kazaa just to download junk, and don't even know (or understand) that they share C:\My Documents\ directory. This is outrageous.
The journalist said that not all national-importancy institutes suffer this sick employers behaviour, but some of them do. Which is proven by simple Kazaa search.
#
#\ @ ? Colonize Mars
#
This blatant theft of services is *exactly* how most people imagine Open Source users to be. I'm appalled to see Slashdot assisting in perpetuating this stereotype. We shouldn't steal content from other sites without their expressed written permission.
$30 personal shredders won't handle many items such as old badges, bernoulli disks, floppies, backup tapes, CD's, last year's Xmas fruitcake, whistleblowers, etc.
""Initially they were Dumpster diving (a few years ago), but now they've actually progressed into tearing open black garbage bags in cans that don't have lids," said Jessy Coltrane, the assistant area biologist for the Alaska Department of Fish and Game. "When moose start getting into garbage, they're almost worse than bears because they're pretty persistent about it."
...because something even more invasive would be put in its place. The Devil that ya know, and all that.
We don't even need to pass new laws to restrict the use of the SSN, because we already have them. It's not supposed to be used for any identification purpose other than actual Social Security.
Once again, the problem is not lack of laws. It's lack of enforcement. (Look at Bush and Kenny Boy, and tell me if you're surprised.)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
If it saved 2-3 hours of your time each day, aren't you worried about being expendable? If you're still there for the same amount of time, the company hasn't really saved anything, they've just made you a happier employee (and we know where that is on their priority list).
AFAIR, a closed CC account still shows up seven years after the last payment on that account was made. If you repeatedly close accounts and shortly afterwards open new ones, your credit scores are likely to suffer (think about it - a potential lender is going to consider this suspicious behaviour, resulting in jacked up interest rates or denied loan applications).
If you've been "a good customer"(tm) and try to cancel one of your credit cards they might actually be willing to waive your annual fee in order to "convince" you to stay. I got a two-for-one airline ticket deal that way once...
we will continue to have situations where the banks don't give a damn about your identity being stolen, and will continue to refuse assisting in investigations.
Why should they? It's a 100% writeoff.
Start changing the writeoff to 95% next year, 90% the year after that, 85% 3rd year, and see how fast they change their attitude.
We use a shredding company to do our work as well. The papers are put into a loosely locked box and picked up monthly.
The man who picks ours up is a toy short of a happy meal. He rarely says more than an incoherent mumble or two. Something usually about the damn lock on the door (I share his frustration).
We started using them after we shred about 5000 pounds of confidential data. I filled 12 large bins that they provided for us. These were probably 3.5 feet tall and large enough for at least two of my fat asses to fit inside easily.
Why do we use them? Because it would take me two or three days to destroy a single box of paper records that we have. I don't have time for that.
It's something like $500 for 5000 pounds. You do the math... Pay an employee $15/hr to shred documents for 3 days ($15 x 8) x 3 or $500 for 5000 pounds.
How would I go about finding out if someone else has some form of credit opened in my name?
Would a credit report indicate all of my accounts? (even the ones opened by fraud?)
A credit rejected letter is an identity theifs DREAM! by law, credit rejection letters contain not only pertinent stuff like your social security number, but they must give you a copy of your credit report if asked to show why you were denied. Once a thief gets your credit report it is all over. the credit report has every bank account and credit card number you own. as well as a lot of other personal info.
http://notanumber.net/
The two primary examples of this use are the medical profession adn the Motor Vehicles establishment, both of whom seem to think the SSN is a handy Unique ID. Obviously, this magnifies the security risk for anyone who complies. Here's how to deal with both.
When you sign up for health insurance, fill in the SSN field with the phrase "assign ID". Sometimes they will just do it, but usually some clerk will complain that you haven't completed the form, they can't process it, etc. Firmly explain (often several times) that this is illegal, and that their companies have procedures to handle this, and that they need to speak to their manager. They will soon return with a sheepish demeanor, and you will get an ID in the SSN format.
Now, whenever you go to ANY doctor, dentist, hospital, or whatever, fill in this assigned ID as your SSN on their form. If asked whether this is your SSN, simply respond that "This is the correct ID.", and do not let pressure you into revealing your SSN.
The DMV and police may be easier or more difficult to deal with. The DMV should have a checkbox on the form which allows you to decline using the SSN, usually with some corresponding inconvenience. E.g., some states will require you to come in for renewed licenses, whereas they will mail them if your SSN is in their system. If your state doesn't have this option and you cannot argue them out of it, transposing a few digits might not be a bad idea.
When dealing with the police (e.g., in a speeding ticket situation), I've found it is best not to tell them that their request for your SSN is illegal. Best to just say that you don't remember it. Of course you don't want to give false information, right?
These tactics will obviously not close all vulnerabilities, but they will eliminate two major potential sources of identity theft. Good Luck.
Besides the obvious answer of spend the money on an industrial shredder and have people shred their own material, why do you have to shred so much? It sounds like an insane waste of resources. 5000 pounds of printed paper probably costs about $10,000 to produce.
This again goes to the point made in the article that corporations bear at leaast some responsibility in this problem. Don't just gripe about it here, tell your legal department about what you saw. Tell the people in your company who are responsible for hiring that document shredding company. Tell that accounting firm that this company is not doing the job that they are hired to do. Speak up man! It may well have been your SSN, home addy, and other personal info in that bin.
Doing right for yourself is good, but take it a step better and help your company be a better corporate citizen. Tell everyone who will listen that they need to re-evaluate who they have shredding their docs!
If it is not bad intention, it is just stupidity. For a while, I had a fax number, which was the same as that of some medical lab (or insurance company) -- except for the area code.
Twice a week a fax would arrive from a doctor's office in my area -- thanks to an absent minded "office manager" or some such. Due to the nature of the business, all faxes contained not only the patients' names, SS#, but also diagnoses, health histories -- the works! I called them back every time -- boy, were the morons surprised... They never even bothered to check the fax ID string, which I had configured to my company's name.
Not to give any ideas, but how difficult is it for a scumbag to get a phone number similar to that of a claims department of an insurance company?.. Or a mortgage department of a bank? You can guess the other steps she/he will need to make. Mind you, completely passive and impossible to detect. No dumpster diving involved either -- totally white-collar job...
We can moan about the need to use encryption and authentication, but faxes don't have this feature at all. As long as this sort of information passes over telephone lines unencrypted, your info is not safe.
In Soviet Washington the swamp drains you.
What about idiot colleges who require are not allowed (legally) to request your social security number, but anyone can ask for your "student ID" which is coincidently the same?
(all sarcasm aside, really what could one do?)
Okay, I did the math. If it takes you 4 days to shred 5K pounds, and that rate is sufficient to meet or exceed the production rate, then you still win in employee time at $15/hr. (It'd be even cheaper to hire another person at $7.50/hr if they're spending all day at it.) This doesn't account for equipment, power, maintenance, or depreciation, but what did you expect for asking /. to do business math?
__CmdrTHAC0__
In Soviet Russia, Spanish Inquisition doesn't expect YOU!!
I'd prefer the one mentioned here to your puny cross-cutting confetti.(To find the relevant passage do a search for "flour".) http://www.wired.com/wired/archive/7.11/cheyenne_p r.html
Ahh, our tax dollars at work.
You guys ever hear of the paperless office? We're not even ALLOWED to have printers at my office anymore. Everything must be transmitted electronically. If something absolutely must be printed on dead wood then you need to order it special through a once per month batch job that runs. It's an insane pain in the ass and not worth it so NO ONE uses paper anymore.
It's the bulk. You can't rely on *all* staff to carry out disposal in accordance with legal/policy requirements, so it is up to the knowledge manager/records/archives staff. Disposal can then be carried out at regular intervals - but generally speaking no-one cares too much until they run out of physical space. By then, we could be talking tonnes of paper to be effectively disposed of - hence the outsourced shredding companies.
Digital purging is another issue, certainly no easier though unless documents are sentenced correctly at the time of creation. It is a massive task to carry out at 'disposal time'.
Based on the two replies so far, it appears that my original idea is worse than I possibly imagined. If /. had an editing feature, I would remove the post myself. Perhaps a -1 mod will keep others from reading it.
I want to sincerely thank igrp and John Meecham for pointing out the error of my ways. (And I am not being facetious)
Two wrongs don't make a right, but three lefts do.
I did this in the early 1990's.
Worst. Idea. Ever.
My son knew I had the credit there, and bought EIGHT apple macintoshes. I can't tell you how it feels to be living in 2003 and still be paying off part of a Performa 630.
The Cheapo shredder usually shredes only vertically, and does so usually so that there are about 20 cuts down one page
...
On the other hand, good commercial shredders litterall demolish the paper, turning it into sawdust like material that would be impossible (virtually) to reconstruct.
I have the second-cheapest cross-shredder I could buy from WallyWorld (Yeah, I know, evil, but show me a Mom&Pop that carries cross-shredders). For USD$25, I end up with 0.25" by 1.5" confetti. Good luck putting that back together.
And for a teensy bit extra security, when I empty the bin, I dump a cup of water on it for good measure. 15 minutes later I have paper mache - Even if you could still recognize a word here and there, how do you scoop it out of the wet blob to reassemble without obliterating it?. I suppose I could go a step further and burn it as well, but really, why bother? Anyone wanting my personal data that badly can get it a lot easier than searching my garbage for paper mush.
The easiest problem to attack here is that it's too easy to open a credit card account. If this were made a grueling, lengthy process requiring written correspondence, with extra safeguards for changing addresses, then all the credit card side of identity theft would be mooted.
The FTC website says that if you're the victim of identity theft, you can contact the credit bureaus to put a FRAUD WARNING on the top of your credit card report. This makes me wonder whether we should all just do this anyway.
I have read that in Europe, getting a credit card is difficult and not instantaneous, and that identity theft (at least, on the credit card side) is less of a problem.
OK, I'll burn some karma here by being off-topic and politically incorrect. I don't understand why everyone seems to be so concerned about NYT registration. I registered years ago, and just out of curiosity I looked at my user profile just now. It showed an old, long-defunct email address and a fraudulant zip code. There were some other demographic drop-down boxes that I had never selected. So what's the big deal? I had to supply an email address to register for /. too. Neither one has abused that information AFAIK.
heh. we have some german made beast of a shredder at my work. cant recall the brand name off the top of my head.... but it has no problem with floppy disks and CDs, we shred those in there all the time.
remove the safety guard, it would have no problem with backup tapes, last years xmas fruitcake, or the occasional whistleblower...
I'm looking to get a memory hole installed in my house actualy.
I could burn it a lot faster than that.
"We have got to make Stan understand the importance of voting, because he'll definitely vote for our guy." - South Park
Same thing happens at my building in Phoenix.. The State of Arizona has quite a few offices in my building, and they use a shredding service.
The shredding service parks large bins outside my datacenter while they take each one outside to the truck. These bins spend the majority of their time unattended and I've had more than a few opportunities to read what's in the bins.
It's amazing the amount of personal info I could walk away with if I was malicious. A lot of personal information related to child support payments and the like.. crazy the amount of stuff that is mishandled.
Wow, that sounds great for productivity...
I'm all for the paperless office, but sometimes things are taken to an extreme IMHO... there are exceptions that come up sometimes where paper simply is the best (or only) choice -- and having employees paid to wait around for a month seems a bit... backwards.
SSL Certificate
On topic and Funny. Of course you'll be modded "Troll".
Thanks though.
So why does SprintPCS have an account on me despite my not having any services from them? Why does the Paypal credit card from Providian still let me log in and shows my credit limit and last payment, 6 months after I cancelled that account?
it would take me three days to shred one box. One box holds 120 files. 5000 pounds is about 125 boxes.
((15 x 8) x 3) x 125.
Sometimes you need to store personal information on your work computer. The company may require you to create and maintain electronic forms for employee master records, resumes, skills lists, security clearance applications, expense accounts, travel requests and other forms with sensitive information. Many companies and organizations now use MS Office and Outlook/Exchange to handle all of their paperwork. It costs money and time to shuffle physical pieces of paper. It's easier to tell the employee to use an electronic form and email it to the appropriate person/department. It also creates a whole new set of security issues that few managers are willing to address.
Mea navis aericumbens anguillis abundat
I bought mine at target. Better than Wal-Mart.
"My God, this must be a truly remarkable corn chip, to be so widely and confidently touted."
Dumpster-diving is my identity!
How about changing the law so lenders are required to verify the identity of the people they lend money to? If they don't, they would be prohibited from taking any legal action against the debtor, referring the debt to a collection agency, or putting a black mark on the debtor's credit record. The identity verification process would have to meet high standards, comparable to what the government requires before issuing sensitive licenses and identification documents. Maybe a current photograph, thumbprint, and signature, collected by someone like a notary public or other trusted person, and submitted directly to the creditor.
Mea navis aericumbens anguillis abundat
I don't know exactly how this is setup, but my father has some type of high-security flag set with the credit agencies. I found out about when he cosigned for a loan with me. He owns his own business and his business had identity-theft problems a few years back.
So basically how it works, is that there's a phone number specified on his credit report and a secret question and answer. So if anyone makes an attempt to check my father's credit history, or take out credit in his name or SSN, the creditor must call the listed phone number and my father must answer the phone. They identify themselves and what creditor they're representing. Then they ask the security question and my father gives the correct answer. Now business can proceed as usual.
It gets more secure when the security question/answer must be changed each time it's used. Plus, changing the phone number requires a 30-day written notice.
I think that's a GREAT idea... Why don't more people implement that? Once I get some actual credit, instead of just Student Loans, I'm going to put that security measure on MY credit!
"One touch of Darwin makes the whole world kin." George Bernard Shaw
Easiest solution to this whole mess, and one I'm seriously considering.
1. Buy a personal cheapo shredder with a small wastebasket and shred stuff until the basket is full.
2. Buy a beanbag chair.
3. Remove the styrofoam packing peanuts from the beanbag chair, they'll be mashed flat and useless in a week anyway.
4. Place the shredded documents into the beanbag chair.
5. Repeat until the beanbag chair reaches the desired firmness.
Instant furniture, very comfy when playing games.
"Why Subscribe?" Good question...
one mans trash is another mans treasure.
it would take me three days to shred one box. One box holds 120 files
so, you shred 40 files per day?
At 8hrs/day, that's 5 files per hour, or one file every 12 minutes.
You can't work faster that that!?!?!?!?
I for one welcome the ddsp overlords!
I cant believe you people don't simply get the free registration to New York times Magazine. This article is very useful to help you protect your identity. To register you just have to give your email, gender, zip code, date of birth, address, industry in which you work, household income range, job title, credit card number, ATM nip and the last ten years of data of your tax income.
Yahh, hiii haaaaa! -Major Kong, from Dr. Strangelove
total waste of time.
really ? are you trying hard enough ?
I just got done shredding a package of pistachios mgmt thought was a good xmas gift. worked great.
Actually, I was worried about getting the rest of my job done in the time allotted without having to work extra-fast/hard the other 5-6 hours/day.
Yes, it did make me a happier employee, but that's because I was a more productive employee. (That ought to be a popular statement! lol)
The time savings resulted in higher productivity, saving my employer from hiring yet another full-time employee. This was the result of not having to waste my time 2-3 hours per day I had enough time to make my whole department more streamlined by being afforded a little "spare" time each day to work on tuning the various processes within the department.
The "spare" time was at first my breaks, which had previously been donated to my employer in the form of getting-everything-done-on-time. After a year, my "spare" time was part of my work day, sometimes half of it. This was without hiring another employee in the department, and with increasing work output as needed (about 200% over the course of a year).
I no longer work there - after I decided to move away from the area and gave my two months' notice, they offered me a part-time job from home programming...which lasted for 5 years.
If you feel you're being spied-on by individuals poking through your garbage, toss into the bag a few carefully selected, ummm, "leavings" as a bonus for the sifters.
This should point the searchers in a different direction, causing them to move on to a more attractive find, much as car alarms doo.
It is a well known fact that if you keep crumpling up a piece of paper over and over, it gets so soft you can use it as asswipe. Let someone try to get the information off that!
From excellent karma to terible karma with a single +5 funny post...
Yes, slashdot personals. It's part of the new OSDN - Open Source Dating Network.
Dating must go by the GPL - General Personal License, where if you date someone, you may only continue to date them if they may also date others. This however, is not a viral license. If you already have a partner and pick up another GPL'd partner you need not give up your original partner.
It's really quite simple.
When working with government documents they have specific requirements for how "shredded" it is.
I'll say it's a lot smaller than any cheapo shredder will do. Like the poster above said, it must be almost like sawdust or powder.
Those 1.5" by 0.25" can easily be reconstructed by people with the resources. I've seen it done and it didn't take long at all. Water makes no difference. Same with trying to stain it. Hell they can reconstruct burnt material if it hasn't been crushed afterwards.
With that said, I use a regular cross-cut cheapo shredder at home. I don't worry about large entities trying to get my credit card offers and other crap I shred.
Go grab the random NYTimes registration form. Works every time!
Yeah, right.
Though it's shame about the USA ignoring the Soviet's multiple offers of complete nuclear disarmament..
Surely having taken the Russian's ideas on board would have sent a better message to countries like Libya?
There certainly would have been a lot less collateral damage.. without killing any innocents or obliterating any countries.
Having abhorrently bad credit is the best way to protect your financial assets. No one is going to get a credit card under MY name, that's for damn sure.
Easy way to do it is to not pay a utility at an old residence (People's Energy is trying to extort $50 for the 0.07 therms of natural gas I used at my last apartment, and they will never see a dime of it. And no, I'm not kidding about the 7/100ths of a therm.)
Slashdot is proof that Sturgeon's Law applies to mankind.
I didn't mean to imply that the act forbade PRIVATE use of the SSN. I should have been more clear on the context. The law only regulates public functions, not private business contracts, a rather basic right in our society. As a private business I could demand your SSN, Driver's license, the number of every ccard you own, and all your children's ages and shoe sizes in order to do business with me. You can freely tell me to screw off, or not, depending on your assessment of the benefits my buiness offers. This is a good thing, until monopoly power comes into play.
I don't have the citations for the original SS Act, but I believe that the 1974 law updates the original act by requiring and/or allowing specific actions by the govt agencies, rather than just the original general limitation. Note that the first item in the FAQ is that the agency must have specific authoriation to use the SSN; i.e., use is forbidden unless it is specifically authoried.
I do not know the specific law that controls use in the medical/insurance industry, but their behavior clearly indicates compliance with such a regulation.
Interesting that you found that the court was out of compliance with the law. I wonder what they'd do if you forgot your SSN, or if you refused payment?
call me paranoid, but I have a $150 crosscut shredder that can even shred the credit card itself.. and in the end, I still scoop my cat's poop and pee clumps into the same trashbag
Oh please, you can get shredders from Target, Walmart, etc that shred it into tiny confetti for $25-$35. Most of the new ones shred credit cards too. No excuse.
By law, with few exceptions relating to the government, you are not obligated to give *anyone* your social security number. This is protected by the Fair Credit Billing Act of 1976 and the 1974 Privacy ACt. The ACLU has some good info on your rights andn your SSN.
They ask for all sorts of corraborating info, and even verify the phone, and then even require a voice confirmation for a measly $500 limit card. Then they charged you a fee just to have the card.
Then to gain an advantage on competitors, they'd loosen a bit on certain requirements. Of course this sparked off a game of oneupmanship for qualifying, and we have what we have nowadays.
I just love this convenient scapegoating that Slashdot seems to rule their moral compass with. 10-1 odds tomorrow we'll see a story on how "evil" Bank of America is, and the techno-bourgois here will gleefully lap it up like pablum, and ask for seconds. Slashdot, news for nerds, and stuff that matters depending on how convenient it is for us to have a consistent view of things
Either corporations are good or evil. Pick one and stay with it.
I'm going to assume that when he says files, he mean folders stuffed with papers. If we assume letter sized pieces of paper (8.5x11 inches 20lbs weight). Now, the weight of that size of paper is roughly 5 pounds per 500 sheet ream. So, if we divide 125 out of 5000, we get a 40 pound box of paper, or 8 reams of paper (4,000 sheets). So, the average file is in fact 33 and a third pages long.
So, out friend the office worker is pulling off about 2 and 2/3rd reams of paper a day, which is roughly 1333.33 sheets. This makes it about 166.66 sheets an hour, or 2.66 sheets of paper a minute.
In addition, there's the "liability" factor.
If someone happens to get ahold of your sensitive data, it's nice for the bigwigs to have someone to blame other than themselves....
Think about it. Someone forgets to shred some confidential documents in their own personal shredder, and they get into the dumpster intact. That would be a whole lotta egg on the company. But, if the shredding company acidentally let a document "leak", then they'd probably lose more than just face... they'd probably lose a lotta money!
Karnal
This is true. Many government contractors who handle classified work use certified shredding companies to handle large-scale document destruction (usually those too time consuming for employees to perform in-house).
Employees/drivers of those shredding companies have to be background-checked for the appropriate security level before they're allowed to handle classified material. The security issues involved are fairly analogous to handling money for an armored car company
"Folks just call him Buckethead." -- Les Claypool
I can vouch for the effectiveness of dumpster diving; I snarfed the entire budget info for the science dept. in college once. Interesting reading, too.
C|N>K
No, really. Three gerbils = 1 5-year-old in terms of destructive capacity. Just feed sheets of paper into the cage, and stand back. It takes a little longer, but you still end up with confetti.
Having a security clearance, I can vouch for the fact that few techniques that don't involve fire destroy documents so thoroughly as rodents.
And there lies the answer. You don't have to perfectly destroy the papers. Just make it cost more to get the data than the data's worth. Even the most basic methods (straight shredder) will deter most thieves. Unless you're being specifically targeted, there's always the idiot down the street (or next door) that's an easier target.
- phone/fax tapping
- worms, viruses, etc. reporting back documents
any other ideas?And the $1500 models make a perfect Christmas gift for that special someone in your life.
Clickable link
You know, as root you don't need to change permissions in order to read/write his files. That's why it's called superuser, it has read access to everything.
Either you're a troll, or you're a pretty stupid sysadmin for not knowing this. If I were you're boss, you'd be fired right now for abusing your sysop powers, for not destroying his home dir in the first place when he left and for being stupid overall.
Or combine your $30 shredder with a $0.75 lighter...
Webmaster Wanted - Entropic Reactions
It seems to me that the problem is a social one, not a technological one, and therefore we should be looking for solutions in the social domain.
..... usually official letters such as gas / electricity statements and bank statements for your address, and a passport or driving licence for your signature and photo. If you join a video club, for example, you might have to produce two bills and a signature, and you'll get a card which is only good for renting videos; there is no information on the video card that links it back to the papers you submitted. Of course you could mug someone on their way to or from joining a video club and get their papers that way, but if you already knew what they were about to do you probably already know enough about them.
..... but it's recognised that the name and address aren't enough, so other documents are also usually required. {And if, say, my electric bill shows I paid 10 last Saturday, they might want to see my payment card and make sure the account number matches.} Most places also require a signature, and you may even be required to sign the form in front of them. It does take skill to forge signatures with an audience ..... I could do a very convincing one of my last-but-one boss's, but nowhere near as quickly as he could.
..... there is a published part known to everybody, a secret part known only to one individual and a mathematical relationship that makes it difficult to determine the secret part from the published part. If I just send you ajs318's public key, that doesn't prove I am ajs318. If I sign something with ajs318's secret key, and you can recover it with ajs318's public key, then that at least proves I know ajs318's secret key, and there's a better chance that I might actually be ajs318. It seems to me that the SSN {which identifies without authentiation} is being misused.
Somebody who knows me is better qualified to say "That is the real ajs318" {or not} than some piece of machinery ever will be. A human being can check subtle things like signatures far more reliably than a machine. But the corporate mentality seems to be far too trusting of machines and far too distrustful of human beings. It's well known that humans make mistakes, but who designed and built the machines?
In Britain, we have a National Insurance Number as a unique per-person identifier, but it is only used for taxation purposes. Also, your employer is responsible for stopping your tax right out of your wages before you ever see them, making it physically impossible for the working classes to commit tax fraud.
With no national identity card, anyone requiring ID has to seek it from multiple sources
Now, your name and address are published in the telephone directory. So places insist on official letters. Of course these could be forged
It seems the problem in the USA is that the social security number {which uniquely identifies a person} is treated as though it were a secret, unknown to any entity beyond the person it identifies. That clearly is not the case. Look at how PGP works
The other thing is, when you go into somewhere like a newsagent's shop, you are recognised by the regular staff there. {Kids in my old village used to shoplift from the local newsagents' once at most. The items they took got added onto their parents' slate.} The point is, the main identity used in that situation is the person themself, which is hard to forge. In a large impersonal supermarket, there is less potential for recognition, so if you pay by payment card or credit card then they require a signature {though trials are underway where the shopper will merely have to enter a 4-digit PIN, thus relieving the cashier of the responsibility to check a signature and not at all paving the way for brand new opportunities in crime}; on the Internet, none at all.
If you want security, stick with old fashioned pound notes, because they can only steal as many of those as you actually have. And, until they get RFID in money, it's untraceable. You can't look at a 20 note and see it was won in a poker game, for instance.
Je fume. Tu fumes. Nous fûmes!
I end up with 0.25" by 1.5" confetti. Good luck putting that back together.
Its simple, you dump the stuff out on a scaner, do a boundry scan and then run length encode each end and then sort thouse. The result is a map of how to put it all back together. No big deal and there is shareware that will do it.
That size of paper is good for running through a blender with a bit of water.
As the article noted, never underestimate the computing power of a meth junkie.
Better to turn it into sawdust. And then burn it.
Jack Valenti and the MPAA are to technology as the Boston strangler is to the woman home alone
"But seriously, we use a shredding company here at my office for our important papers."
I never figured that one out completely. If you want document security, the answer is to collect up all the most important, most embarassing, most confidential documents, and then give that pile of paper to someone who puts it in his van and promises to shred it sometime.
Yeah right...
Would be cool to buy a shredding company though, and then make a huge lump of money on the stock market with insider knowledge of lots of companies. Not that people would ever modify their ethics if there were phenomenal amounts of money involved.
"Why do we use them? Because it would take me two or three days to destroy a single box of paper records that we have. I don't have time for that."
I know this isn't the official opinion of the shredder company, but... have you ever considered a bonfire?
I know if I had a box full of paper to securely dispose of, I would't be feeding each sheet into a shredder...
http://www.stern.de/id/computer-technik/computer/5 15817.html
They have a little problem scanning the confetti though..
Also, per our regulations, if you don't run it through the shredder, you have to manually tear up the piece of paper 6 times. This is social security numbers, addresses, medical information, etc.
I have often wondered how wrong this is, but my boss never seems concerned when I bring it up....we are from the government - we are here to help...
a fire is good for a few papers, but not if you have a lot of paper in neat stacks.
A few years ago i burned around 10KG of old records (they were on some kind of ultra thin paper that made shredding a pain in the ass).
It burned quite well, than smoldered and went out. the next day i went through the ashes and there were whole piles that werent burned at all. Paper can be quite a good insulation, and the heat of the fire quickly goes up, not touching the heavy paper stacks at the botton of the light ash.
In the end, it was a really big mess to clean up (i wanted to wash the ash away with water->lots of drenched paper...), so i bought a better shredder.
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
i always throw personal info shreaded into the bottom of the bag i empty the cat litter into. If someone wants it THAT bad they can have it
You personally might not have a lot of papers with this information on them, but the companies you deal with probably do. If you read the article, it talks about how the group in question would harvest papers from dumpsters outside of accountants, law firms, hospitals, colleges, ect. All of these businesses generate lots of paper, some of it with information like Social Security numbers, and they don't always dispose of it properly. THAT is what's scary - that it's the actions of another organization that can screw up YOUR credit rating for life.
I have blog like everyone else
nt
Because you can't fit a binder of blueprints into a 8-1/2" wide shredder.
"Uh... yeah, Brain, but where are we going to find rubber pants our size?" --Pinky
use lighter fluid...
if it was good enough for caesar's military missives, it should be good enough for you.
really, just get a small funace setup... something with a draft.
Before my illustrative career in IT, I worked in the Facilities dept. of a bank (S&L to be exact). We were responsible for all sorts of things, one of which was transporting cancled checks to storage after microfilming, and after 1 yr retention, we would remove them and hand them over to a recycling company. Potential problems with the path the check took:
After microfilming, they were bundled into archive boxes and handed over to us. We hated that duty. At the time when I was there, we transported the boxes either in the back of a pickup truck or in a van. More than once, a cover blew off and scattered canceled checks down the highway. Yes, we stopped and tried to pick up the ones that got loose...but you know they were'nt all retrieved. Also, more than once after reaching the storage facility, the boxes would sometimes get stacked to high on the carts and I saw at least twice bundles of checks scattered in the snow-ladden street. Those were all retrieved, but God help the poor sucker that needed the original check for court or something. Hope that microfilm was of good quality.
During storage, access was restriced to Records dept. or Facilities...but if anyone in either dept wanted to go into the storage room, there was no checkin/checkout. Anyone that had a key had total unrestriced access to every box in there and the millions of canceled checks, account numbers, addresses, names, phone numbers, signature samples...you get the picture.
Probably the most troublesome to me was after the year was up, we would turn the checks over to some very scary individuals that worked for the recycling company. More than once I saw checks fall out of the barrels and be left in the street for anyone to pickup.
:-)
Now, before you all give me shit for not complaining...I did. I also tried my best to not let any of those things described above happen, but there's only so much I can do.
Eventually, I got out of there, the S&L was bought out and security was tightned up.
Don't EVEN ask about the executive area shredding we did (that we weren't supposed to do but the secretary was too lazy so she had us do it). I had access to the board of directors meetings as well as the hand written notes of the members. And I didn't even have to get dirty in a dumpster.
No, I never used that info for stock trading, never disclosed that to anyone other than my wife, and I destroyed everything I was asked to....mostly.
WTF? Over?
That would be a sulution, yes. :) :)
But also overkill
And actually people start complaining if you create a miniature blast furnance in your backyard, you know
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
Probably this has been pointed out by others, but it seems the real problem is that credit card companies issue cards without effective identity verification; easy for them, and then the rest of us have to pay the price. Things have to change -- here's a suggestion. Why not require a credit card applicant to make an in-person appearance at the local Motor Vehicle Department (or a bank, or a police station, or whatever), to verify identity on the application (and require the credit card company to pay for the verification, of course, out of respect for their customers, heh, heh). What do the rest of you think?
They're called Supermail boxes. They're pretty handy from a security standpoint, but a real bitch if you live in the praries and have to go get your mail when it's -40 out :)
However, at least in the West, you only see them in newer neighbourhoods (late 80's and newer). So most Canadians still have never used them, and fight against adoption strongly. The "to your door" service is something a lot of people don't want to live without.
I've lived with both off and on, and honestly, when you're waiting for a new credit card to arrive, or something, it's VERY nice to have it locked up until you get it. What did suck though, was at first, the parcel compartments would often have more than one person's mail in them. You and others all got a "B" key, and you were only supposed to take what was yours. I don't know if this was a screw up, or actual policy at the time, but for at least a year back around 1989 I saw several hundred CDs, VHS tapes, and books that I could easily have swiped. I'm pretty sure they can't prove it was me based on "who else had the key", but who knows. Made me less excited about using mail order for a while, though.
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
From the article... "Like many identity-theft rings in the United States, Massey and Melton's enterprise employed scores of petty criminals addicted to methamphetamine. "It's a very typical combination," Hoar, the federal prosecutor, explained. "The meth user tends to be more prone to this type of behavior than other drug users." To a person on meth, tasks that might otherwise seem boring -- like sorting thousands of tax forms or reconstructing shredded patient records -- are said to become oddly enthralling. Meth could turn slackers into hyperefficient paper pushers."
Although it won't handle the entire list presented above, this shredder seems to do pretty well, and currently only costs $49.99.
"Media Destroyer"
Language students: Don't try to learn English here. This ain't it.
only reason I ever go dumpster diving is to get the computers.. and get linux on them asap. /dev/null > /dev/hda /dev/random > /dev/hda.. then ditch the computer.
or keep them for parts, I dont give a fuck about someone else's info, honestly, I couldnt remember half of it anyways.
I once found an old powermac in the trash, but I got beaten up for it on the way home by some kids...who ended up setting it on fire.. they just wanted something to set on fire... dumbasses.
but anyways, my point is that I often see many computers with shit still on the hard dtives..
these people need to grab a linux cd and run fdformat on their hard drives (it works btw)
and then do cat
and then just to make sure.. cat
though I suggest doing all of them about 3 times just to make sure data is so lost it cant ever be recovered.
Diapers do a nice job of it.
--
Marc A. Lepage
Software Developer
I know some people jump off cliffs to prove their manliness and others off of buildings for the sheer thrill of it. I cannot understand why someone would willingly dive into a dumpster to find their true self. And from what height are people diving? Serious injury or even death could result with an impact into solid material.
Just consider what could happen if you dived into a seemingly benign dumpster only to encounter a used drug addicts needle. The number of possible infections you could catch just don't bear thinking about.
I for one believe that this potentially lethal sport should be strictly regulated as soon as possible. Venues could be provided with deep dumpsters filled with sanitised foam cubes and safe diving platforms.
Please people, if you feel the need to dive into a public dumpster, or even your own, to 'discover' your identity, stop and think. It's just not worth the potential damage you could cause yourself and the resulting heartache for your friends and relations.
--This isn't a man who is leaving with his head between his legs.
I fully agree. I worked for a business that was victim of industrial spying before I got in.
...)
They had the best shredder I have ever seen. In 2 minutes I could shred 1 month of paper, including hand written notes, design/SPEC documents drafts, code listing (and I had a lot of these). I even started to put in all my old mail from home (bills, visa report, tax document,
At my last job they had the 30$ kind, I could not shred more than 1 sheet at a time; I had to shred my stack every 2-3 days at it was still a 10-15 minute job. After a month, like everyone else (including the VPs) I simply did not bother anymore and just use the garbage bin.
If you are a business with more than 15 engineers (+finance, marketting, tech writers), the industrial shredder is well worth it.
very important. Screw your home dumpster, screw your office. The most dangerous place for your credit cards is where you shop. It's a really bad idea to shop anywhere that prints out credit card receipts w/ full numbers, or takes ( shudder ) a direct print of your card.
Want to know why? The manager that collects all those receipts might be honest enough, but do you know what a lot of those places do w/ their receipts? After anywhere from 1-3 years, a lot of them just throw boxes full of them in the dumpster. A college bookstore I worked at when I was starting college did just that. Literally thousands of credit card receipts w/ full pin numbers, signatures, and names in the bin. A lot places shred that receipts when they're done, but some don't. And think of the traffic a college bookstore generates.
Before you say anything like "well, you didn't have an id, address, or a social or anything like that", imagine the damage I could have done had I been so inclined to steal some of those numbers and then used them where I had a friend on the inside. Or done the digging to find that person's SSN, address, or whatever.
Trust me, I was so tempted to finance the rest of college education w/ a little bit of scamming. Thankfully, I had a hellish cunt of a girlfriend that ruined my life so badly that I dropped out of college and went to work in IT.
Damn...now that I think about, maybe theft was the better option...
PC moderators can suck my White pierced, tattooed dick. If you think pride == hate, s/dick/Aryan meat mallet/g.
What about fax software? Easy faxing iis new for the OSX operating system and if i had to print everything to fax it i'd just save the time and paper by using the internal fax software which works great. I don't know what kind of computer your company makes you work with but, acording to all my PC loving friends, where there is a MAc version there are supposedly dozens of PC versions. So, I can only assume this would be a super easy solution. most computers have a built in modem and the software is most likely cheaper than a fax machine and you could be more productive. you could probably get paid to suft the net while switching to fax another document once in a while. I hope this spurs some ideas and makes your work day in the future a better, happier and healthier one.
Do you have reference for the fact that data can be retrieved from the toner cartridges? I have a legitimate concern. I may not understand how the printer works, but it seems like the cartridge just spits out powder. What am I missing?
*shrug* So I noticed after posting. It makes my final statement doubly true ;)
My favorite for expired credit cards after cutting them up is to enclose them in one of the grandchildren's soiled diapers. I don't think they get checked often for anything of value. It also relieves the burden of burning the plastic.
The truth shall set you free!
Sorry I don't have a link, but I remember something about scanning all the pieces on a flatbed scanner and having a computer program do a best fit with some human help to reassemble the document. I guess the computer was good at finding probable best fit pieces instead of fully doing the job manualy is a way to cut out a large part of the work.
I prefer to mix several jobs together for dilution and then bin it for several pick-ups. The chance of getting a complete enough document to reconstruct becomes slim.
The truth shall set you free!
If I'm asked for more then it'll be stuff like bank card, credit card, licence, Medicare card. non being totally secure, though that does improve it.
how do we improve this hmmmm not easy, one thing I've noticed here in New South Wales (my state), is that my latest licence has not just the one photo in the usual place, but on the left under my licence number and date of birth is another copy of it in the background, thats good makes it that little bit more work to fake. Then they've got a scanned copy of my signature, which I had to give at the time, on the bottom of the background picture. They've also put my full name (plus both middles) above my address, and my full name again across the bottom of the traditional photo, (across the neck and shoulders), Finally they've got the water marking, right through the card, not just the background but since the photo is digital, right through both photos and everything else. So clearly someone in the Road Traffic Authority here has put some thought into this issue.
But clearly this does not suffice, as this is only one step in the chain, and even all of this can be over come.
The biometrics people will say they are the answer, well to a point they can help yes, finger print scanners if done under proper supervision to prevent exploits which are already know to exist might work; facial scanning, yeah right; Hand-print scanning, might be good, at least it would be hard to fake the general size and shape of your hand.
In short there a no complete answers yet, especially when we factor in phone and internet identification, but hell we sure must find some better ones. Remembering of course that this whole issue is closely related to privacy, on one hand we don't necessarily want these organisations to know everything about us, on the other hand there can be very few if any violations of our privacy greater than having our identity stolen.
in my life God comes first.... but Linux is pretty high after that
Francis Smit
The "negative" of what you last printed remains on the drum. When you say that it just "spits out powder" you are correct - but it gets spit out into english. (or whatever kind of info.) I have only a basic knowledge of how they work, but I've seen it before when changing my own toner, and I have no reason to doubt this.
C|N>K
I am the end of the line for the files. We scan them and store them for two years before the paper is destroyed.
Due to high turn-over rate and moronic previous employees this is a sad truth that we must keep up.
This is for your "ornamental" compost only--don't put stuff of unknown formulation (toner, ink jet pigments, etc.) into compost used on edible plants.
I'm now using a $30 shredder BEFORE I dump anything in our shred bins!
I feel your pain. My wife makes me wash dishes before putting them in the dishwasher.
PickOS on an ADDS mainframe.
I just got a cheap cross-cut shredder from Staples for $27.94 plus, and there is an $8 mail-in rebate to boot. And yes, they have a nice little Prevent Identity Theft sign next to their shredders.
I have the second-cheapest cross-shredder I could buy from WallyWorld (Yeah, I know, evil, but show me a Mom&Pop that carries cross-shredders). For USD$25, I end up with 0.25" by 1.5" confetti. Good luck putting that back together.
I believe I have the same paper cutter. On a whim, I once waited until the basket was full and then scooped out about 1/3 of the shreddings and spreaded them out on a table. I shredded nothing but plain white similar-looking documents. In about 45 minutes, I was able to piece 6 of them back together enough to get some useful information out of them. It would have been difficult, but not nearly impossible, for someone to piece *all* of the papers in the bin back together. If some of the pieces of paper were different color or had dinstinct patterns, it would be several orders of magnitude easier. And to think that they even have *software* these days that does this.
Simply put, you are not safe until your paper is either pulpified or shredded into very very tiny pieces (about the size of a large grain of rice).