Comments: Information Security enters deadly embrace with Social Networking

Why would you need another social network beyond PGP WoT? I have my photo and my contact details there. And also my relations.

Posted by Daniel Nagy at May 27, 2008 05:08 AM

In my daily life, I try to minimize the amount of unnecessary exposure to risk. Most security professionals do that. I avoid giving out personal details unless absolutely necessary. When asked for ID to enter a building, I give out my British driver's license, not my New York license. I started doing this after a few instances where I handed over my N.Y. ID only to have it scanned into a database without my permission. Once dipped into the scanner, my ID number and a whole host of other information were in a database of unknown security. Both British and N.Y. ID establish identity, but only the N.Y. ID number is used by U.S. banks as a unique individual identifier. Also, I doubt the British ID can be scanned in the same scanners.

I sometimes get asked for a Social Security number by someone who clearly has no valid reason to ask. The most ridiculous example of this was a neighborhood dry cleaner that used the SSN as a convenient "customer number" in its database. In cases like those, I provide a fake SSN (my phone number, minus one digit) -- easy to remember, useless if compromised. Less information about me floating around equals more security for my identity.

Posted by "Less is more (secure)" by Andreas M. Antonopoulos at May 28, 2008 09:20 AM
Post a comment

Remember personal info?

Hit Preview to see your comment.
MT::App::Comments=HASH(0x56002d2df3e8) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/ line 125.