funsec mailing list archives
Re: [privacy] More of the Truth: VA Data Theft Hit 80%Of ActiveMilitary
From: "Andrew Blair" <Andrew.Blair () genmills com>
Date: Wed, 7 Jun 2006 15:11:26 -0500
I completely agree with redirecting the externalities and financial liability to those who have the power to make things better, but in this case I have a hard time believing it would matter. A corporation is one thing, but non-shareholder driven entities are different. How do you use financial penalties or liability against a government agency with little/no budget? There has to be a way to get protection up for government agencies, but in their case I don't believe that financial liability is the answer (all it would do is increase the national debt even more... though at this point what's a few billion more, eh?). It is a systemic problem as well. Credit card companies need to stop accepting ripped up and re-assembled with invisible tape applications, and the credit granting and verification systems as a whole need to be improved. This problem is not on the data collectors alone. Andy B -----Original Message----- From: Dave Dittrich [mailto:dittrich () u washington edu] Sent: Wednesday, June 07, 2006 2:14 PM To: Young, Keith Cc: privacy () whitestar linuxbox org Subject: Re: [privacy] More of the Truth: VA Data Theft Hit 80%Of ActiveMilitary I can't stand this. I just saw a TV "news" report on this incident, which quoted some silly ID theft prevention company (who is probably drooling over the money they're going to make from this and other incidents.) Their top three recommendations: 1. Buy a shredder 2. Protect your children (who's IDs may be stolen) 3. Watch your credit report. So 1 and 2 have absolutely NOTHING to do with this incident, and why should anyone (especially active duty military personnel) HAVE to spend time watching their credit report to make sure that whoever stole this data doesn't use it? I can't wait for someone to come up with a "Support the Troops" movement that results in pressuring Congress to change laws about how hard it is for someone to prevent being a victim of ID theft and to put the costs on those who lose our data. Young, Keith wrote:
Ok, can you imagine being the poor shnook that stole this laptop thinking he could get $200 bucks for it in a pawnshop or elsewhere?I'd bet that the stolen laptop from his Aspen Hill home (in Montgomery County) was sold at one of our fine pawnshops long before this incident was in the news. Remember, there was a couple week lag between the theft and when this hit the papers... --Keith Keith Young, Security Official Department of Technology Services Montgomery County, Maryland phone - (240) 777-2955 _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
-- Dave Dittrich Information Assurance Researcher, dittrich () u washington edu The iSchool http://staff.washington.edu/dittrich University of Washington PGP key http://staff.washington.edu/dittrich/pgpkey.txt Fingerprint FE97 0C57 0843 F3EB 49A1 0CD0 8E0C D0BE C838 CCB5 _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
Current thread:
- Re: [privacy] More of the Truth: VA Data Theft Hit 80%Of ActiveMilitary Andrew Blair (Jun 07)