Search This Blog

Monday, July 30, 2007


DUMBING DOWN ON PRIVACY


Because there are so many data breaches and otherwise dim-witted things happening in the identity crisis issue, I have decided to lump a few together to try and emphasize just how wide-spread this problem is getting. Starting off, there was an incident where a subcontractor of St. Vincent Indianapolis Hospital made 51,000 patients’ names, addresses and Social Security numbers available on the Internet for a supposed “brief” period of time. If they really knew how long, they should say. But then, Fred Cate, director of The Center for Applied Cybersecurity Research at Indiana University, made an astounding statement: “For the people whose data were involved, statistically they can sleep well tonight,” based on his earlier comment that “such incidents almost never result in actual identity theft.” Completely irresponsible since we really don’t know how these data thefts will play out in the future. Next, the consumer takes front and center in a survey on data security by Vontu and Ponemon Institute of online buying habits. It seems that 36 percent of you responders said you wouldn’t use your credit card for purchases from Web merchants you don’t know. Duh…should be 100 percent. Then 45 percent of you said you wouldn’t provide your Social Security number to a Web site. Double duh…should be 100 percent. The first, Ok, maybe something you want real bad, but your SS#? Have you been in the closet recently? Finally, the iPhone craze came to a startling realization recently with the release from a group of researchers who were intentionally trying to find ways to exploit the new device. Right out the door, the attacker took control of the instrument through a flaw in the Safari browser that runs on the phone. A second exploit forced the phone into some trivial functions, but the same attack could be used to take over the communications of the device. The research team, Independent Security Evaluators, said, “there are serious problems with the design and implementation of security on the iPhone.”

No comments: