upcoming talk at BH: I Just Found 10 Million SSNs

[security curmudgeon <jericho () attrition org>]

https://www.blackhat.com/html/bh-usa-09/bh-usa-09-speakers.html#Acquisti

Alessandro Acquisti
I Just Found 10 Million SSNs

Social Security numbers (SSNs) were created in the 1930s as identifiers 
for accounts tracking individual earnings. Over time,they started being 
used (and abused) as sensitive authenticators. Hence, they became one of 
the pieces of information most often sought by identity thieves. To 
respond to growing concerns with SSN over-exposure and counter the rise of 
identity theft, policy makers have encouraged individuals to keep their 
SSNs safe and confidential, and, more recently, enacted legislation to 
reduce their public availability. But what if even well-meaning consumers 
may provably be unable protect their SSNs, and legislative initiatives 
aimed at reducing their availability may in fact backfire? We will examine 
the possibility that SSNs may be more predictable than currently 
acknowledged, and discuss the unintended consequences of policy 
initiatives in the area of identity theft prevention.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php