Identity Theft? That’s Been Outsourced, Too

There’s been a lot of attention paid to “pretexting”,the practice of posing as someone else in order to gain access to their personal data, lately in the wake of the HP scandal. However, a British TV program has shown that there’s more than one way to skin the identity fraud cat, as an undercover reporter was offered the personal details of 100,000 UK bank customers, stolen by offshore call-center workers.

The knee-jerk reaction is simply to point the finger at outsourcing and offshoring, but they’re largely irrelevant to the situation. Lax corporate security and indifferent attitudes towards data breaches certainly aren’t restricted to a particular country, industry or line of work, so the suggestion that banks and other companies that allow offshored workers access to personal financial information could simply solve the problem by bringing outsourced functions back in-house is inaccurate.

Quite clearly, many companies’ security policies are inadequate, unenforced or nonexistent, whether for in-house employees or external suppliers, and there’s currently little motivation for them to take the problem seriously. Whether data is kept internally or shared with offshore workers doesn’t really seem to matter — it doesn’t appear particularly secure either way.

Chinese Hackers Hit Commerce Department

The Bureau of Industry and Security (BIS), a branch of the Commerce Department, has sustained several successful attacks. Chinese hackers were able to gain access to its computers and install rootkits and other malware.”

From the Information Week article:

“This is the second major attack originating in China that’s been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain’s National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K.”

I’m getting more and more concerned that the US Government does nothing to ensure the security of our records. I don’t know why they don’t move forward on making our federal computer systems failsafe.

Digital voter fraud is here

This morning, the House Administration Committee held a hearing on legislation to require auditable, voter-verified paper trials for electronic voting machines, such as those manufactured by Diebold.

 

The hearing featured a demonstration by Princeton University professor Dr. Edward Felten, showing how easily such machines can be tampered with. Felten, along with two graduate students, wrote a paper, earlier this year, for the Center for Information Technology Policy, that details who easy it was to hack the Diebold machine and change the outcome of an election. Felten and his two associates set up the machine for an election between George Washington and Benedict Arnold. All three voted for Washington (good choice!) But the machine tabulated only one vote for Washington but two for Arnold.

 

This can be done in a way, Felten says, so that the virus is completely undetectable, and can be set up to generate results that won’t be questioned. If the virus is designed to give 55% of the vote to the winner, the loser is unlikely to question the results, and without a paper record, the result can’t be audited. Felten later explained that because of the way boards of elections typically set up the machines, a virus can be introduced into one, via its memory card, and then many more machines can be contaminated as the rest of the machines are set up. Very scary indeed.

Rather than prohibit the use of such machines, altogether, Rep. Rush Holt (D-N.J.), along with 215 co-sponsors, is supporting legislation that would provide that voters have the opportunity to verify the accuracy of their recorded vote, require that all voting systems produce a voter-verified paper record, ban the use of undisclosed software and wireless devices in voting systems, require random unannounced, had count audits, among other measures.

 

“Voters need to be confident of the central act of their democracy, and voter confidence is unraveling,” he said. The last six years have brought us example after example, in state after state, of the problems caused by unverifiable voting machines.”

In addition to the voting machines bill, Holt in the House and Senators Barbara Boxer (D-Calif.), Russ Feingold (D-Wisc.) and Christopher Dodd (D-Conn.) introduced emergency legislation on Sept. 26 to authorize Federal funding to the states for the printing of paper ballots to be available for voters in case of problems with the electronic voting machines. Boxer told the New York Times that “If someone asks for a paper ballot they ought to be able to have it.” Neither Holt’s voting machine bill, nor the Boxer bill appear to have much chance of enactment, this year, however.

 

It’s not hard to see why the Republican leadership in the Congress is not very interested in moving these bills. The Diebold machines would make what Karl Rove managed to pull off in 2000 in Florida and in 2004 in Ohio much easier and much harder to detect. And that’s why these machines should be banned altogether. Even without fraud, they can malfunction in other ways and screw up your election, just as happened in Montgomery County, Maryland during the Sept. 12 primary, when malfunctions in both voting machines and the electronic voter roles left many people unable to vote.

Rep. Rush Holt (D-N.J.) advocates for paper trails from electronic voting machines. To his left is Dr. Edward Felten of Princeton University.

Parenting teens in the days of MySpace

I’ve written before about MySpace and that I allow my teens to have pages on this site, despite my reservations. I do so because I am ever vigilent about watching their pages, questioning anything I think is inappropriate, and deleting friends I don’t want them talking to. I’m extremely careful and I talk about adding new friends and giving out personal information all the time. My kids roll their eyes they’ve heard it so much. But evidentally not quite enough.

Today I was checking my daughter’s page while she was in school. First I went through her inbox to see any new messages. She has several, from some guy I’ve never heard of, and a couple of them are really inappropriate. So I looked at his site and there are 6 pages of women and no men at all in his friends list. Plus, quite a few of the women are scantily clad and a bit too sexy for my taste. They guy identifies himself as 23 years old. I’m really not happy.

I contacted MySpace and reported him as a predator. I contacted the police and reported him as a predator. The police are taking it seriously enough to come over and get the printouts of his mail to the Girl. They’re going to be watching his space carefully. I also sent him a message telling him I was reporting him to both the police and to MySpace and not to contact my daughter any more. She is no longer on his friend’s page, either.

But what upsets me the most is that when the Girl came home and I questioned her about this guy, she told me a friend of hers is in love with him, and that he’s been to our house to pick up said friend. Her friend is 13, too. OMG, I’m so upset it’s beyond pissed and angry. This is bothering me to the core of my being.

I deleted this guy and blocked him from my daughter’s site. But the bad thing is, unknowingly she gave him WAY too much information as to where her friend lives now, and now to get in touch with her. I don’t think she meant to, and she says that he’s a ‘nice guy’, like all predators are. She just doesn’t get the whole predator thing at all, despite watching Dateline shows on this very topic over and over. She thinks that because her friend knows him in real life, he’s OK. Even when I showed her the latest mail from him asking about her sexual preferences. She’s 13. I don’t think she needs to be asked this by anyone, never mind some 23 year old creepy guy on MySpace.

I so want to delete her page, but she is using it appropriately 99.9% of the time. She made a bad error in judgement, one that involved the police and her friend’s parents. Hopefully she’ll learn from her mistakes. If not, the page goes.

Update: About 2 hours later, after I had talked to her about this, this jackass emailed her thru MySpace again. AGAIN. First he responded to my email telling him to leave my kid alone with this ditty:

” I might also add that a bitter old lady should really mind her own business and allow her daughter to become a person, not just a posession that you monitor. “

Then the Girl writes back, idiot that she is:

” THANK YOU. want to tell her that. but i really am sorry and i like totally cried ova this “

He responds to her mail:

” HAHA, Im sorry, I know your mom is just looking out for you, but i dont think your profile says ur 13 anyway does it? i thought it said a bit older, but dont worry, im a nice guy, I assume mxxxxx told you some stuff about me so….ya, thatd be good lol. so how was ur day otherwise??? “

Then she writes back:

“if i were u, i would nt message me, but if u want to talk to me, tell some to message me and tell them to tell me to message u back. i can message u and we can talk that way but u shouldnt message me first. did that make any sence?”

And he responds:

“it would make more sense if you just had an email address lol???”

At which point I catch her in the act and go ballistic. I emailed him this:

“How fricking stupid are you? I told you to leave my child alone. I’ve reported you to the police. YOU STOP HARASSING MY CHILD NOW. NOT ONE MORE WORD. NOTHING. You are a predator and a real sicko. She’s 13. Mxxxxx is also 13. I’ve contacted her Mom, and she isn’t happy. Either you stay far away or I’ll be forced to have the police take immediate action.

DO NOT RESPOND.”

So, I again blocked him from her site (yahoo to MySpace for ignoring me the first time), copied all the emails for the police to pick up tomorrow morning, and banned her from the computer unless I am sitting with her. She told me she felt badly that she just left this jackass hanging. She STILL thinks he is a nice guy.

I called her friend’s parents to let them know, and found that her mother had already reported this guy and called the FBI. And still he goes on.
I haven’t yet pulled down her page, but the computer is now password protected and she cannot get on it without my knowing. Heh.

I fricking HATE THIS.