First and foremost, the technology required to pull this off is significant - I've yet to see really good voice recognition. What if you are in a loud location?
It can be cracked quite easily. The whole "Warner Brandes" thing (which many have posted).
Mutes have credit cards. Doesn't work for everyone. As soon as you have someone who is a mute needing a card, it means there's a way to avoid the voice print - which means that it's just a question of figuring out how to do this. "Hello Citibank? My wife lost her voice in a car accident...."
The issue of central repository is huge - and all you've done is moved the data that is key. Right now, it's the SSN thats key. If you make this voice based, I'm sure that it'll be digital in nature, which means that the headline five years from now would read '20,000 digital voice prints stolen from...'... Whoops.
The only true way to get around this is with a handshake mechanism - data that is stored at the credit card companies but is utterly useless without verification from outside.
Here's a better solution:
When you submit a credit card application, you tie a home phone number or a cellular phone number to the card. Every time a transaction is made an automated call is placed to your home phone or to your cell phone (i.e. via SMS works too). You have to authorize the charge by either replying to SMS or through the home line by responding.
Changing these phone numbers is not allowed without cancelling the previous card and associating a new card to a new number. Any time a phone change occurs, a manual verification should be performed. The card company calls the old number on file (or SMS's the cell or calls the cell) to confirm. This stops theives in their tracks from just rerouting calls. This is your first line of defense towards noticing something is amiss. If you've lost your cell phone and you've changed home numbers, you'll still notice when the card stops working.
Yes, theives could call your credit card company and get a new card but that card would be mailed to your existing address and your old card would become inactive immediately - alerting you to trouble.
What about vacations where you might not have a cell phone or access to your home phone? Simple - you call the credit card company prior to your trip and inform them of the length and location of your trip. Charges made during that time frame and only from that general location (i.e. "The Cayman Islands") will be allowed. When you return the regular authentication mechanisms apply.
What about moving addresses? This becomes tricky -especially if you've changed numbers, states, etc. In this case, I think the best course of action is to simply cancel the existing card and apply for a new card but with one twist - the application must be filled out at a regional bank and cannot be mailed in or completed over the phone or over the internet. Why? A few reasons - It's one thing to know someone's SSN, it's another thing to have falsified SSN documents. It's one thing to know someone's license information, its another to have falsified drivers licenses. It becomes much more difficult to commit a crime in this way - also because now, instead of some random guy behind a computer, this guy has to go to whatever supposed state you are moving to and show up in person, with falsified documents, on a bank camera system. Is this a bit more of a pain for you and I? Yes. But how often do you change or get new credit cards?
The final check? And this is one is a tricky one to keep secure but there must be a way. The credit card companies should all cross reference their databases of phone numbers and addresses. For example, if transunion detects that you have different numbers on file for two credit cards, it should be legally required to notify you in writing.
I would also propose that you should be able to "lock" a card into a geographic area. For example, say you have three cards - an AMex, a Mastercard and a Visa. You use the Visa when you travel and for online purchases, but you never use the Amex or mastercard. You should be able to lock the amex and mastercard to only accept charges from, say, a 150 mile radius of your primary city. Any charges made to that card outside of that radius will be denied.
How does this work?
Alittle bit about geographic profiling works. Essentially, what this software does is it assigns a weight to different attributes of a crime and based upon past crimes determines a probability that the crime was commited near someone's home or an area they know. Throwing in some additional variables such as where an individual works, what route they probably take to work, etc, helps identify a person's individual daily path.
Throw in a couple more factors like how far most criminals go from home to comit a crime - i.e. bank robberies tend to happen at banks individuals don't know, further from home, though rapes and murders happen in areas people are more comfortable - near an area they know - so that if discovered they know where to run (read: no unexpected dead end roads, good alleyways etc). Without getting into the whole theory of why this is - basically its because someone near their home doesn't stand out, they've probably been seen on the street before, maybe a neighbor knows them, they dont pose a threat - and dont' look out of place. Think about yourself - if you had to go walking around alleyways to stake out a location to dump a body or commit a rape, would you feel more comfortable (and look less shady) in an area you know, or some place out of town?
So take some basic variables - what was the crime? when was the crime?
Now, take the location of your crimes and cross-reference it with just the areas that would match given crimes. You end up with an area of probability that usually circular in nature around each crime... as these areas intersect, you get "blotches" of red, yellow, orange, etc..
That done, start to take other factors into consideration. You probably don't have a database with everyone's job, route to work, schedule, etc - what you probably do have is income ranges and general demographic information for specific areas. (Ok so I mentioned all this stuff about individuals above, I'm getting there).
Using that data, you can modify the predictions futher. For example, something like a string of gang shootings... There are several areas (chicago for one, im sure you can think of one near you) that have affluent or up-and-coming areas near or next to ghettos. For chicagoans, think near west side vs. cabrini greens. For those who don't know, 2 bd 2ba condos in near west side go for about $300,000 to $500,000. Go about five or six blocks down the road though and you'll run into section-8 housing. I'm getting to a point here, bear with me.
Having run your first analysis, you may find that there was a gang shooting in the "nicer" area, but it isn't really likely the shooter is from there... more likely than not, he's from the crummier side a few blocks away. Up to this point, the system knows nothing about Street Y vs Street X. Street Y might be a few blocks from Street X, but STreet Y might be primarily a six figure area... This information exists - if not directly, it can be found through housing prices and general crime level.
Ok, so now what? We have a big red blob that winds around. Feed the system the data on population type, ethnicity (yup. Not too PC, but its there), income, average age... etc. With this new info, it starts to eliminate or decrease the red areas, building a smaller search section.
Now I'd talked about all those individual factors - I'm finally getting to them. Remember those? Where does person A work? Person B?
What does this person do? (Truckers and transients dump bodies far away, most employeed people dump them near work or home).... etc.
Usually in cases like these you have hundreds of leads. Everyone is followed up - some are easy to eliminate some don't really lead anywhere. Some sound like good potentials. Say you get a tip that joe shmoe did this crime. A quick check reveals he has no alibi for the time in question... does he fit the (geographic) profile?
Obviously, you are going to go see joe shmoe. You ask some pretty basic questions that sound pretty boring... where do you work? You drive to work? Take the bus? What time do you leave? Do you eat lunch at work or outside? Simple stuff. You bring it up in conversation like nothing was - and for the most part it isn't anything.
Pretty soon, you've got a list of 50 individuals who could all be involved. None of them have alibis, and you need to figure out who to focus on. Here we go again.
Your now narrowed red area can take into account what these people do, where they work, how do they get to work, etc. Put those in and usually, you end up with 10 individuals who fit the geographic pattern. Those are the ones you go see again. And again.
The rest? They don't fall off the radar, but you are no longer dedicating half your team to them. It's a game of probabilities. Now with your 10 "likelies", you've got the resources pointed in the right direction.
Combine this with an FBI Profile of an individual and you've taken your 10 and shaved off 3 or 4. Now, you've got a handful of people to really focus on. At this point, you've got your search warrant if you want it - no alibi, meets the profile, fits the area, etc.
The search warrants usually lead to a few more clues and narrow it down to one guy. Then you just got to figure out how to prove it was him.:)
(reposted since I did it as anon by accident)
Ok so people do sit around playing mp3s while screensavers kick in, but there are major problems with this scheme:
[1] By *definition* you probably are NOT look at your computer when the screensaver is on. Thats just common sense. How many of you listen to music watching your screensaver? Not many. You might do something else while playing music, but you probably don't watch your starfield simulation.
[2] Aint no way in hell students who have half a brain are going to stand for this 'You decide my screensaver' crap, and furthermore, how are people going to decide
[3] Placing these things on a distributed network - which appears how this is going to work means that if this system ever gets hacked you've got a helluva joke you could play. "On Tuesday a picture of the dean making love to a donkey was sent to every screensaver on campus...."
[4] Ads on computers rarely work.
[5] This is a total invasion of privacy. If its distributed it means that your computer is running a client and grabs information from the server, which therefore means that the server knows what advertisement it just sent to your computer for you to see, which in turn means it probably knows what you've been clicking on. Tsk tsk.
Slashdot Mirror
http://picapic.net/media/F2CZ5WR84Q8GV4 :)
Looks like a toy.
First and foremost, the technology required to pull this off is significant - I've yet to see really good voice recognition. What if you are in a loud location?
It can be cracked quite easily. The whole "Warner Brandes" thing (which many have posted).
Mutes have credit cards. Doesn't work for everyone. As soon as you have someone who is a mute needing a card, it means there's a way to avoid the voice print - which means that it's just a question of figuring out how to do this. "Hello Citibank? My wife lost her voice in a car accident...."
The issue of central repository is huge - and all you've done is moved the data that is key. Right now, it's the SSN thats key. If you make this voice based, I'm sure that it'll be digital in nature, which means that the headline five years from now would read '20,000 digital voice prints stolen from...'... Whoops. The only true way to get around this is with a handshake mechanism - data that is stored at the credit card companies but is utterly useless without verification from outside. Here's a better solution: When you submit a credit card application, you tie a home phone number or a cellular phone number to the card. Every time a transaction is made an automated call is placed to your home phone or to your cell phone (i.e. via SMS works too). You have to authorize the charge by either replying to SMS or through the home line by responding. Changing these phone numbers is not allowed without cancelling the previous card and associating a new card to a new number. Any time a phone change occurs, a manual verification should be performed. The card company calls the old number on file (or SMS's the cell or calls the cell) to confirm. This stops theives in their tracks from just rerouting calls. This is your first line of defense towards noticing something is amiss. If you've lost your cell phone and you've changed home numbers, you'll still notice when the card stops working. Yes, theives could call your credit card company and get a new card but that card would be mailed to your existing address and your old card would become inactive immediately - alerting you to trouble. What about vacations where you might not have a cell phone or access to your home phone? Simple - you call the credit card company prior to your trip and inform them of the length and location of your trip. Charges made during that time frame and only from that general location (i.e. "The Cayman Islands") will be allowed. When you return the regular authentication mechanisms apply. What about moving addresses? This becomes tricky -especially if you've changed numbers, states, etc. In this case, I think the best course of action is to simply cancel the existing card and apply for a new card but with one twist - the application must be filled out at a regional bank and cannot be mailed in or completed over the phone or over the internet. Why? A few reasons - It's one thing to know someone's SSN, it's another thing to have falsified SSN documents. It's one thing to know someone's license information, its another to have falsified drivers licenses. It becomes much more difficult to commit a crime in this way - also because now, instead of some random guy behind a computer, this guy has to go to whatever supposed state you are moving to and show up in person, with falsified documents, on a bank camera system. Is this a bit more of a pain for you and I? Yes. But how often do you change or get new credit cards? The final check? And this is one is a tricky one to keep secure but there must be a way. The credit card companies should all cross reference their databases of phone numbers and addresses. For example, if transunion detects that you have different numbers on file for two credit cards, it should be legally required to notify you in writing. I would also propose that you should be able to "lock" a card into a geographic area. For example, say you have three cards - an AMex, a Mastercard and a Visa. You use the Visa when you travel and for online purchases, but you never use the Amex or mastercard. You should be able to lock the amex and mastercard to only accept charges from, say, a 150 mile radius of your primary city. Any charges made to that card outside of that radius will be denied.
How does this work? Alittle bit about geographic profiling works. Essentially, what this software does is it assigns a weight to different attributes of a crime and based upon past crimes determines a probability that the crime was commited near someone's home or an area they know. Throwing in some additional variables such as where an individual works, what route they probably take to work, etc, helps identify a person's individual daily path. Throw in a couple more factors like how far most criminals go from home to comit a crime - i.e. bank robberies tend to happen at banks individuals don't know, further from home, though rapes and murders happen in areas people are more comfortable - near an area they know - so that if discovered they know where to run (read: no unexpected dead end roads, good alleyways etc). Without getting into the whole theory of why this is - basically its because someone near their home doesn't stand out, they've probably been seen on the street before, maybe a neighbor knows them, they dont pose a threat - and dont' look out of place. Think about yourself - if you had to go walking around alleyways to stake out a location to dump a body or commit a rape, would you feel more comfortable (and look less shady) in an area you know, or some place out of town? So take some basic variables - what was the crime? when was the crime? Now, take the location of your crimes and cross-reference it with just the areas that would match given crimes. You end up with an area of probability that usually circular in nature around each crime... as these areas intersect, you get "blotches" of red, yellow, orange, etc.. That done, start to take other factors into consideration. You probably don't have a database with everyone's job, route to work, schedule, etc - what you probably do have is income ranges and general demographic information for specific areas. (Ok so I mentioned all this stuff about individuals above, I'm getting there). Using that data, you can modify the predictions futher. For example, something like a string of gang shootings... There are several areas (chicago for one, im sure you can think of one near you) that have affluent or up-and-coming areas near or next to ghettos. For chicagoans, think near west side vs. cabrini greens. For those who don't know, 2 bd 2ba condos in near west side go for about $300,000 to $500,000. Go about five or six blocks down the road though and you'll run into section-8 housing. I'm getting to a point here, bear with me. Having run your first analysis, you may find that there was a gang shooting in the "nicer" area, but it isn't really likely the shooter is from there... more likely than not, he's from the crummier side a few blocks away. Up to this point, the system knows nothing about Street Y vs Street X. Street Y might be a few blocks from Street X, but STreet Y might be primarily a six figure area... This information exists - if not directly, it can be found through housing prices and general crime level. Ok, so now what? We have a big red blob that winds around. Feed the system the data on population type, ethnicity (yup. Not too PC, but its there), income, average age... etc. With this new info, it starts to eliminate or decrease the red areas, building a smaller search section. Now I'd talked about all those individual factors - I'm finally getting to them. Remember those? Where does person A work? Person B? What does this person do? (Truckers and transients dump bodies far away, most employeed people dump them near work or home) .... etc.
Usually in cases like these you have hundreds of leads. Everyone is followed up - some are easy to eliminate some don't really lead anywhere. Some sound like good potentials. Say you get a tip that joe shmoe did this crime. A quick check reveals he has no alibi for the time in question... does he fit the (geographic) profile?
Obviously, you are going to go see joe shmoe. You ask some pretty basic questions that sound pretty boring... where do you work? You drive to work? Take the bus? What time do you leave? Do you eat lunch at work or outside? Simple stuff. You bring it up in conversation like nothing was - and for the most part it isn't anything.
Pretty soon, you've got a list of 50 individuals who could all be involved. None of them have alibis, and you need to figure out who to focus on. Here we go again.
Your now narrowed red area can take into account what these people do, where they work, how do they get to work, etc. Put those in and usually, you end up with 10 individuals who fit the geographic pattern. Those are the ones you go see again. And again.
The rest? They don't fall off the radar, but you are no longer dedicating half your team to them. It's a game of probabilities. Now with your 10 "likelies", you've got the resources pointed in the right direction.
Combine this with an FBI Profile of an individual and you've taken your 10 and shaved off 3 or 4. Now, you've got a handful of people to really focus on. At this point, you've got your search warrant if you want it - no alibi, meets the profile, fits the area, etc.
The search warrants usually lead to a few more clues and narrow it down to one guy. Then you just got to figure out how to prove it was him. :)
(reposted since I did it as anon by accident)
Ok so people do sit around playing mp3s while screensavers kick in, but there are major problems with this scheme: [1] By *definition* you probably are NOT look at your computer when the screensaver is on. Thats just common sense. How many of you listen to music watching your screensaver? Not many. You might do something else while playing music, but you probably don't watch your starfield simulation. [2] Aint no way in hell students who have half a brain are going to stand for this 'You decide my screensaver' crap, and furthermore, how are people going to decide [3] Placing these things on a distributed network - which appears how this is going to work means that if this system ever gets hacked you've got a helluva joke you could play. "On Tuesday a picture of the dean making love to a donkey was sent to every screensaver on campus...." [4] Ads on computers rarely work. [5] This is a total invasion of privacy. If its distributed it means that your computer is running a client and grabs information from the server, which therefore means that the server knows what advertisement it just sent to your computer for you to see, which in turn means it probably knows what you've been clicking on. Tsk tsk.
Has anyone else thought about how stupid this is? Screensavers come on WHEN NO ONE is at the computer!