Identity Theft and Social Networks
scubacuda writes "This Security Focus article looks at the lack of security social network sites have, particularly their lack of SSL logins, which means a user's session ID will be logged on any proxy and possibly sniffed. From the article: '[A]ccording to [Clay] Shirky, one thing is certain: "The value of each site is communally-created. Links and transactions are more important than individuals." In other words, each community creates its own kind of value. Thus, an attacker might hit Tribe to farm social networks for spam victims; and then he might exploit LinkedIn to get the contact information for a VC he wants to meet.'"
People are getting lazier, as people get lazier security goes down, deal with it.
I have good luck with mine
The idea of social networks is just insecure from the get-go. When people are connected, there's increased potential for security risks and flaws to be exploited and to be created. It's like broadcasting your real email and IP addresses on Usenet - a bad idea. The buggy implementations are just icing on the cake.
Slashdot: when news breaks, we give you the pieces.
TrolKore rules /. forever.
CmdrTaco prefers TrollKore's cox in his anus
to GNAA's!
and I feel damn cool for doing it. They still haven't figured it out.
A lot of good has come out of the "social networking" craze. I have personally blogged about a lot of this on my personal blog that I administrate myself. You'll notice that I have discovered a very unique piece of software called "Movable Type" that allows me to blog what I want without surrendering any information to the outside world. That's right: every time you go to Friendster, LiverJournal, or another so-called "community" site, you are subjecting yourself to a host of vulnerabilities. Read the privacy policies: these sites surreptitiously save data to your hard drive through the use of so-called "cookies"; they may serve intrusive ads that interfere with your web browsing experience; and they may fall prey to black-hat "crackers" (not "hackers").
Personally, I feel that every third-party site is not to be trusted. For the greater good of the blogosphere, I believe that the future lies in individually unique weblogs connected by a perfectly synergistic system of TrackBack pings.
Sincerely,
Seth Finklestein
Social Networking Consultant
I'm not Seth Finkelstein. I still speak the truth.
you fucking fag.
IF I EVR MEET YOU I WILL FUCK YOUR ASS!
# messages before posting your own to avoid simply duplicating what has already been said.
# Use a clear subject that describes what your message is about.
# Offtopic, Inflammatory, Inapp
I had my identity stolen about 8 years ago. It suuuuuked!
In San Francisco, when some people move out, they throw all this crap they don't need anymore on the curb. I saw this thoughout the city, time and time again, so when it came time for me to move, I did the same.
I got rid of almost everything! This included, tons of old papers - possibly old pay stubs. Big NO NO! At one point, I even noticed some people looking through the big pile. "Just people who like crap", I thought.
Six months later, the Postmaster General Attorney's office in San Jose calls me saying they've arrested someone on postal fraud that had my name and info in his little black book. It was under a section that basically was ready to have a drivers license and social security card issued in my name with this guy's picture!
To make a long story short, the guy went to prison and I had to notify all agencies where I had any type of id or credit/bank card to put a watch on them for the next six months.
My lesson learned: shread everything.
However, online, this is a totally different issue and the only thing I can suggest and do about that is to check into companies and try to make sure they are responsible about how they store your credit-card information. I've personally written to all the online companies I use to ask as how they protect my information. If it ever seemed like they weren't up to snuff, I explained my concerns and asked for some sort of reassurences. Although, I must admit, that's not the best thing and sometimes letters to the BBB and other groups/agencies are necessary.
Karma karma karma karma karma chameleon, you come and go, you come and go.
you suck cock, gaiboi.
I've heard the rate at which people who commit identity theft get caught is around 1 in 7000.
So you have a much better than 99.9% chance to just do it to your heart's content and walk away with the money. That's pretty freakin' scary. A crime where you never have to see your victims, never have to face any consequences, and make tons of money. Can you imagine what would happen if a misguided Robin Hood decided to popularize the techniques and teach them to America's poor? Would the entire banking industry collapse at once? With a million people doing it simultaneously you would obviously overload the already overloaded investigative ability of the gov't and probably change the ration to 1 in 100,000 getting caught.
instead of protecting their inf..
the real threat to yOUR social system is the constaNT suck of the endlessly needy corepirate nazi marketeering execrable, if you don't couNT the georgewellian fuddite debt & disruption machines.
both 'institutions' fail miserably, & sadly enough, voluntarily, in the area of protection of personal information, unless it is their own, & even then, they just fail buy ineptitude.
consult with yOUR creators... that's it. you are entitled to some privacy. it's a huge planet.
it's so easy, slashdot still hasn't done it.
prove it
ok... proof,
WTF? I am an AVID GNAA fan. This post CONFUSES me.
heaven forbid someone criticizes the blatant hypocrisy of the Slashdot staff...
I'd like to give a shout-out to penisbird, DiKKY, timecop, Kobaz, til, tirel, lysol and nr.