WIDESPREAD INTERNET SECURITY PROBLEM
Moderators: Bookworm, starkruzr, MrFireDragon, PrettyPrincess, Wapsi
- GlytchMeister
- Posts: 3733
- Joined: Wed Oct 16, 2013 2:52 pm
- Location: Central Illinois
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
...I was just warning about a possible hack-mageddon, guys. If you wanna hash this out, may I request it be taken to PMs?
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
- AnotherFairportfan
- Posts: 6402
- Joined: Thu May 01, 2014 2:53 pm
Re: WIDESPREAD INTERNET SECURITY PROBLEM
As i said, i'm outta the discussion.GlytchMeister wrote:...I was just warning about a possible hack-mageddon, guys. If you wanna hash this out, may I request it be taken to PMs?
Proof Positive the world is not flat: If it were, cats would have pushed everything off the edge by now.
- GlytchMeister
- Posts: 3733
- Joined: Wed Oct 16, 2013 2:52 pm
- Location: Central Illinois
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Equifax was breached.
...
Check if your info was exposed here
Mine was. I'm furious. Absolutely fucking livid. Of all the companies to let themselves be breached, it was a fucking credit reporting agency? Fuck. They are offering 1 year of free credit monitoring. It costs money to freeze your credit (another recommended step) and I have to lift the freeze of I want to apply to a job or for a loan, which makes things difficult because I'M ALWAYS APPLYING FOR FUCKING JOBS. Is changing my SSN an option? I know it's probably a pain in the ass to accomplish but would it take care of my exposed SSN for good?
I want my shit safe NOW god damnit and I want it safer than some computer watching my credit. I want it, my identity, locked the fuck down.
I'm also gonna look into getting lifelock in addition to everything. This is horrid.
...
Check if your info was exposed here
Mine was. I'm furious. Absolutely fucking livid. Of all the companies to let themselves be breached, it was a fucking credit reporting agency? Fuck. They are offering 1 year of free credit monitoring. It costs money to freeze your credit (another recommended step) and I have to lift the freeze of I want to apply to a job or for a loan, which makes things difficult because I'M ALWAYS APPLYING FOR FUCKING JOBS. Is changing my SSN an option? I know it's probably a pain in the ass to accomplish but would it take care of my exposed SSN for good?
I want my shit safe NOW god damnit and I want it safer than some computer watching my credit. I want it, my identity, locked the fuck down.
I'm also gonna look into getting lifelock in addition to everything. This is horrid.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
Re: WIDESPREAD INTERNET SECURITY PROBLEM
At a minimum, change your PINs.
According to Reddit, the Equifax EULA to check your hack status includes a declination to sue. Loverly! Read carefully before you click....
According to Reddit, the Equifax EULA to check your hack status includes a declination to sue. Loverly! Read carefully before you click....
Don't let other peoples limitations become your constraints!
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
Re: WIDESPREAD INTERNET SECURITY PROBLEM
What I read on CNN, is that if you accept their offer for a free year of credit monitoring and reports, you would have been agreeing not to sue them concerning that free year of service... you'd have to accept binding arbitration if the free service isn't to your liking.Atomic wrote:At a minimum, change your PINs.
According to Reddit, the Equifax EULA to check your hack status includes a declination to sue. Loverly! Read carefully before you click....
The EULA language did not (according to what I read) prevent you from suing them concerning the privacy and security breach itself. I strongly suspect they realized they couldn't possibly get away with that.
And, they've now added language which permits you to opt out of the arbitration clause (you must do so fairly soon, and in writing).
I checked, and the checking site said that neither I or my wife Gwen was believed to have been affected. That's good news. It's been some years since we applied for any new credit and I suspect the breach may have affected mostly people who had had credit reports "pulled" within the last year or so.
I think I'm going to see about putting a long-term freeze on, at all three credit bureaus.
According to the SSA web site, they will assign a new SSN to a victim of identity theft if continuing to use the old number would cause that person to "continue to be disadvantaged". They don't say anything about being willing to issue a new number to a potential victim. Glytchmeister, you may have to wait until you can prove that someone is abusing the stolen information. Yeah, that sucks.
- AnotherFairportfan
- Posts: 6402
- Joined: Thu May 01, 2014 2:53 pm
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Thre execs sold $200 million in Equifax stock after tge breach was disckvered ... but BEFORE it was made public.
Proof Positive the world is not flat: If it were, cats would have pushed everything off the edge by now.
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Is that not considered insider trading?
There is no such thing as a science experiment gone wrong.
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Yeah... the company claims those execs had no knowledge of the breach at the time they sold their shares, but I suspect that's going to be a really difficult story to sell to the SEC and the courts.AnotherFairportfan wrote:Thre execs sold $200 million in Equifax stock after tge breach was disckvered ... but BEFORE it was made public.
Unless those execs can present convincing evidence that they'd actually given their brokers "sell" orders well before anyone in the company knew of the breach, they may be in for a huge world of personal hurt (and Equifax would likely refuse to participate in, or pay for their legal defense).
They may have to try the "Do you really think that we're actually that stupid?" defense.
If they knew... yes, it would probably be a textbook-quality example of insider trading. I've always been told that the SEC has absolutely no sense of humor about that sort of thing.Alkarii wrote:Is that not considered insider trading?
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Gentlemen, I have a message here from Dr. Evil. He's going to attack our holiday resort at Costa Del Phlab on Monday with laser sharks if we don't pony up ... One Milllllleon Dollars. Since our stock is at an all time high, I suggest we bail out now, take the hit, and buy back our stock after the attack. It should be at least 30% less. The profits should more than cover any remaining repairs after the insurance payoff. All those in favor?
Don't let other peoples limitations become your constraints!
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
Re: WIDESPREAD INTERNET SECURITY PROBLEM
"Umm... boss, do you happen to know the current price for a carton of cigarettes at the prisoners' exchange in Club Fed?"Atomic wrote:Gentlemen, I have a message here from Dr. Evil. He's going to attack our holiday resort at Costa Del Phlab on Monday with laser sharks if we don't pony up ... One Milllllleon Dollars. Since our stock is at an all time high, I suggest we bail out now, take the hit, and buy back our stock after the attack. It should be at least 30% less. The profits should more than cover any remaining repairs after the insurance payoff. All those in favor?
- GlytchMeister
- Posts: 3733
- Joined: Wed Oct 16, 2013 2:52 pm
- Location: Central Illinois
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
haha what the fuck is this bullshit?
Apparently the tool to see if your info was released is bogus. Al and I have both tested it and obtained the same results as seen in the article.
Apparently the tool to see if your info was released is bogus. Al and I have both tested it and obtained the same results as seen in the article.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
- GlytchMeister
- Posts: 3733
- Joined: Wed Oct 16, 2013 2:52 pm
- Location: Central Illinois
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
- jwhouk
- Posts: 6053
- Joined: Wed Aug 01, 2012 7:58 am
- Location: The Valley of the Sun, Arizona
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
"Character is what you are in the dark." - D.L. Moody
"You should never run from the voices in your head. That's how you give them power." - Jin
"You should never run from the voices in your head. That's how you give them power." - Jin
Re: WIDESPREAD INTERNET SECURITY PROBLEM
I would have been able to avoid the iPhone problem by accident, because I don't want one. As for the security devices with internet connectivity... Hasn't anyone else seen Live Free or Die Hard? Or any of the other cyber thriller movies that have come out in the past two or three decades? That movie Enemy of the State comes to mind.
Basically, if it connects to any outside network at all, it can be hacked. Kind of reminds me of all the times that one scammer kept calling me and saying they detected that my computer had a virus... And each time I'd responded with "Wow, it must be a pretty bad virus, if it can infect a computer that was never connected to the internet."
Basically, if it connects to any outside network at all, it can be hacked. Kind of reminds me of all the times that one scammer kept calling me and saying they detected that my computer had a virus... And each time I'd responded with "Wow, it must be a pretty bad virus, if it can infect a computer that was never connected to the internet."
There is no such thing as a science experiment gone wrong.
Re: WIDESPREAD INTERNET SECURITY PROBLEM
They refuse to put a new IOS on my i-devices, and then made it so that most of the apps out there won't run on it, because they only allow one app version on the I-store.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
Re: WIDESPREAD INTERNET SECURITY PROBLEM
The people who want the "Internet of Things" are obviously oblivious to ongoing events like the Internet of Unlocked Video Cameras, the Internet of Default Password Routers, and the Internet of Backdoor Rootkits.
Sign me up for one of those Do-It-Yourself Root Canal things, won't cha?
Sign me up for one of those Do-It-Yourself Root Canal things, won't cha?
Don't let other peoples limitations become your constraints!
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Frankly, the internet of default password routers aren't a problem. I haven't seen a router for 10+ years that allowed external access by default. The ones that are a problem are the Internet Of Abandoned Network Devices, which the manufacturers won't support because their money is in forcing people to buy new ones, rather than fixing the security holes.Atomic wrote: ↑Tue Dec 04, 2018 5:41 pm The people who want the "Internet of Things" are obviously oblivious to ongoing events like the Internet of Unlocked Video Cameras, the Internet of Default Password Routers, and the Internet of Backdoor Rootkits.
Sign me up for one of those Do-It-Yourself Root Canal things, won't cha?
I write passwords on top of my customer's equipment. I tell them straight out - if someone needs it, it's there. If someone you don't want access has it in their hands, you have other problems.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Lifelock won't do much.GlytchMeister wrote: ↑Fri Sep 08, 2017 9:45 pm Is changing my SSN an option? I know it's probably a pain in the ass to accomplish but would it take care of my exposed SSN for good?
Anyway - only replying to this because I believe you _can_ get your SS number changed. I don't know the steps, but I do know they make it a PITA.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
- GlytchMeister
- Posts: 3733
- Joined: Wed Oct 16, 2013 2:52 pm
- Location: Central Illinois
- Contact:
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Yeah, looked into them both. Life lock basically just keeps an eye on your shit for you and has a guarantee and lawyers.
Changing SSN requires that it has actually been stolen and used, not merely compromised. Which is bullshit.
Changing SSN requires that it has actually been stolen and used, not merely compromised. Which is bullshit.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
Re: WIDESPREAD INTERNET SECURITY PROBLEM
Well, of course they make it hard to change SSNs. For a good reason. They are in danger of running out of numbers.
SSNs are 9-digit numbers.
The population of the US is also a 9-digit number. As it was when Social Security started in 1935 - about 127 million then, 328 million early this year. That's, as a first approximation, 455 million out of 1 billion possible SSNs occupied.
(That approximation done by assuming that everyone alive in the US in 1935 got an SSN and then died, and everyone now alive in the US has an SSN. Some inaccuracies: not everyone at either time got/has an SSN; some people alive in 1935 are still alive; there are people who were born or immigrated to the US, and got an SSN, and are already dead so would not be included in either count.)
However... every corporation registered in the US gets a federal tax ID number. It's also 9 digits. There are lots of forms where the person filling them out enters their SSN or corporate tax ID - without indicating which sort of number it is. The numbers come out of the same pool. And there are LOTS of corporations. My efforts to quantify "lots" have so far been fruitless, but I'd be surprised if it's less than 50 million currently operating or at least technically in existence with at least another 75 million that have lost registration (actually died) since Social Security started.
And the method of assigning Social Security and tax ID numbers leaves the likelihood that there will be holes - blocks of numbers that, unless they change the assignment method, will probably NEVER be assigned to anyone. Further depleting the pool.
Now... when a person (or corporation) dies, how long should the system wait before reassigning their SSN to someone else? I'd think a nice long time would be good.
Frankly, they need to revise the system to use longer SSNs. Which need not be strictly numeric, but must be designed to be easily remembered.
And doing that, and getting every computer application and database in the country that uses SSNs updated, is going to make the fuss over the Y2K bug look like small potatoes.
SSNs are 9-digit numbers.
The population of the US is also a 9-digit number. As it was when Social Security started in 1935 - about 127 million then, 328 million early this year. That's, as a first approximation, 455 million out of 1 billion possible SSNs occupied.
(That approximation done by assuming that everyone alive in the US in 1935 got an SSN and then died, and everyone now alive in the US has an SSN. Some inaccuracies: not everyone at either time got/has an SSN; some people alive in 1935 are still alive; there are people who were born or immigrated to the US, and got an SSN, and are already dead so would not be included in either count.)
However... every corporation registered in the US gets a federal tax ID number. It's also 9 digits. There are lots of forms where the person filling them out enters their SSN or corporate tax ID - without indicating which sort of number it is. The numbers come out of the same pool. And there are LOTS of corporations. My efforts to quantify "lots" have so far been fruitless, but I'd be surprised if it's less than 50 million currently operating or at least technically in existence with at least another 75 million that have lost registration (actually died) since Social Security started.
And the method of assigning Social Security and tax ID numbers leaves the likelihood that there will be holes - blocks of numbers that, unless they change the assignment method, will probably NEVER be assigned to anyone. Further depleting the pool.
Now... when a person (or corporation) dies, how long should the system wait before reassigning their SSN to someone else? I'd think a nice long time would be good.
Frankly, they need to revise the system to use longer SSNs. Which need not be strictly numeric, but must be designed to be easily remembered.
And doing that, and getting every computer application and database in the country that uses SSNs updated, is going to make the fuss over the Y2K bug look like small potatoes.