I guess that sounds kind of strong. What I was trying to say was just that it's not the security of social networking sites that is the issue. What the author was pointing out was how much personal info can be gleaned from what a person posts on those sites, even if they don't post the information directly. To me, this is the scariest part (emphasis mine):Originally Posted by RoadToad
"Even more unnerving to privacy advocates is the work of two researchers from Carnegie Mellon University. In a paper published last year, Alessandro Acquisti and Ralph Gross reported that they could accurately predict the full, nine-digit Social Security numbers for 8.5 percent of the people born in the United States between 1989 and 2003 — nearly five million individuals.
Social Security numbers are prized by identity thieves because they are used both as identifiers and to authenticate banking, credit card and other transactions.
The Carnegie Mellon researchers used publicly available information from many sources, including profiles on social networks, to narrow their search for two pieces of data crucial to identifying people — birthdates and city or state of birth.
That helped them figure out the first three digits of each Social Security number, which the government had assigned by location. The remaining six digits had been assigned through methods the government didn’t disclose, although they were related to when the person applied for the number. The researchers used projections about those applications as well as other public data, like the Social Security numbers of dead people, and then ran repeated cycles of statistical correlation and inference to partly re-engineer the government’s number-assignment system."
I assume these researchers are honest, but if they can do it, then so can the crooks. So if you've ever wished someone a happy birthday online, or posted information about your own (both of which I admint I have done), then you may have just given aid to an identity thief.
Reply With Quote