[LINK] facebook code leak and privacy concerns

Craig Sanders cas at taz.net.au
Tue Aug 14 15:04:43 AEST 2007


On Tue, Aug 14, 2007 at 12:42:45PM +1000, Brendan Scott wrote:
> Jan Whitaker wrote:
> > http://www.guardian.co.uk/technology/2007/aug/13/internet Facebook's
> > code leak raises fears of fraud
> 
> Further down it says:
> 
> > Neil Munroe, external affairs director at Equifax, said: "More and
> > more consumers are signing up to these sites every day and chances
> > are they'll put on their date of birth, location, email, job and
> > marital status. Fraudsters can use this information to steal an
> > individual's identity and open accounts in their name."

sounds like the pot calling the kettle black. credit reference agencies
are one of the biggest sources of identity data being stolen. they're
worried because the higher visibility of identity theft these days is
making people much more aware about their personal information (which CR
scumbags trade in) and much more careful about who they give their info
to.

of course, people are still willing to enter competitions (whose sole
purpose is to gather personal data for marketing) and "flybuys" and
similar programs (whose purpose is to bypass the anti-snooping laws for
EFT transactions) - just give them a chance to buy incredibly useful
must-have items like a silver-plated nose-hair clipper for 10,000 reward
points.


> 
> This is something which confuses me.  If someone is going to commit an
> identity theft fraud, why do they need to have an identity to steal?
> That is, why do they need a victim, why don't they just forge the
> whole kit and kaboodle?

because an identity for a 20/30/40/whatever year old fraudster that has
no record of existing before a few months ago isnt very convincing. it's
much easier to get government ID (e.g. birth certificate, passport) for
someone who actually exists than for a completely made up name.

also because part of what is being stolen IS the credit history /
reputation of the ID-theft victim. and in some cases, they steal/spend
the victim's money, or use their existing credit cards etc.

and because people are lazy. if someone checking an identity can see
that the ID has a long transaction history, they'll assume that someone
else has done all the necessary checking and do a much less thorough job
themselves.

craig

-- 
craig sanders <cas at taz.net.au>

I wouldn't recommend sex, drugs or insanity for everyone, but they've
always worked for me.
		-- Hunter S. Thompson



More information about the Link mailing list