What’s going on with the latest rash of online password thefts? What is the thrill in posting this information on the internets? Is possessing the passwords of other people an ego boost or a public rant against insecure information stored on the web?
First LinkedIn, then eHarmony, and now possibly Last.fm. As the number of sites falling victim to password hackers continues to grow, the questions are flooding in: are these incidents all connected? And, perhaps more importantly, who’s next?
1Password also makes it dead nut simple to login to a service and change your password if your account is somehow compromised by the very business you’ve given your personal information and faith over to in exchange for a sacred covenant that they will rigorously protect the proprietary information you share with them.
I’m still not sure I understand the thrill of breaking into a company’s website and downloading personal information and then posting it to the internet. When I get an email like this from UNL.edu, I cringe as I, once again, have to put another credit alert on my life:
On Wednesday night, May 23, a security breach of the University of Nebraska’s university-wide student information system, NeSIS, was detected. In addition to information for current students, parents, employees and applicants, NeSIS contains Social Security numbers, date of birth and academic records for past students who attended the University of Nebraska. (Records go back to 1985 for UNL, 1986 for UNO, 1990 for UNK, 2004 for NCTA, and Fall 2010 for UNMC.) A small percentage of past students also have bank account information, driver’s license or tax ID numbers associated with their student account.
… Local law enforcement and the FBI are also involved in the investigation and have identified a student they believe is responsible for the incident.
Our lives are quickly becoming a dizzying set of identifying numbers: Own the digits, become the person. I’m not sure how good that method of virtual personhood is because it takes common sense out of the security game.
Will TRU-ID make us safer, or even more digitized for future exploitation by rogue motivators?
Judge Paul Innes of Mercer County Superior Court today upheld a temporary restraining order obtained by the ACLU-NJ to suspend TRU-ID, New Jersey’s implementation of the federal Real ID Act. This decision means that New Jersey citizens who do not wish to comply with TRU-ID may opt to obtain their licenses using the existing 6-point ID system instead, at least until a more complete hearing for a preliminary injunction scheduled for August 3. The ACLU-NJ expects the State to appeal today’s ruling.
The more complex we make our security requirements, the longer the paper trail we leave billowing behind us, and that makes a clearer path for the disinvited to enter our lives and become us. Once they’re inside the system with full access to the bytes of us, the more bit-by-bits they will be believed on the outside that they are us. We cling to the quaint notion that “Digitized Truth” can never be impeached or impounded because we need to pretend the processes of us are impenetrable. The reality of a corrupt national security system examples another truth.