North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Stanford Hack Exposes 10,000

  • From: Jay R. Ashworth
  • Date: Wed May 25 20:51:03 2005

On Thu, May 26, 2005 at 09:49:06AM +0930, Mark Newton wrote:
> On Wed, May 25, 2005 at 05:12:18PM -0700, Adam McKenna wrote:
>  > On Wed, May 25, 2005 at 11:59:17PM +0000, Fergie (Paul Ferguson) wrote:
>  > > Yet another unfortunate disclosure...
>  > > http://www.techweb.com/showArticle.jhtml?articleID=163701121
>  > 
>  > I wonder when schools are going to get the hint and stop using SSN's as ID
>  > numbers..
> 
> Around about whenever the US Federal Government gets the hint and
> passes a bill which makes it illegal to use social security numbers
> for any purpose other than the administration of social security.

Though that isn't the major problem.

<ot record="broken">
The major problem, as has been pointed out in Privacy and RISKS digests
in the past dozens of times, is that people persist in using as
authenticators things (like SSN's, Mother's Maiden Name, etc) which are
patently not suitable for that.
</ot>

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Designer                          Baylink                             RFC 2100
Ashworth & Associates        The Things I Think                        '87 e24
St Petersburg FL USA      http://baylink.pitas.com             +1 727 647 1274

      If you can read this... thank a system administrator.  Or two.  --me