University of Florida Leaks 11,000 Social Security Numbers Online
By jonathan | July 4, 2008
“The University of Florida is sending letters to more than 11,000 current and former students to notify them that their Social Security numbers, names and addresses were accidentally posted online.”
June 10th, 2008 via WWSB ABC News
Popularity: 4% [?]
Topics: Identity Theft | No Comments »
Anonymous Prepaid Credit Card Options
By jonathan | December 30, 2007
PLEASE READ - UPDATE - July 6th, 2008: This post has been merged into a page. Please go here for the full information: http://www.theprivacyguy.com/anonymous-credit-debit-cards
So here’s the list of Prepaid Credit Cards I will be investigating and detailing the conditions and requirements:
- GreenDot
- WebSecret
- Vanilla Visa
- Privacash
- All-Access Gift Card
- Simon Gift Card
If anyone can think of anymore I should review, please let me know. Reviews on the above cards coming in January. I’m afraid however the news won’t be good. Most cards all appear to be checking for SSN’s and verifying them due to the Patriot Act.
I’ll keep you posted.
Popularity: 26% [?]
Topics: Anonymity, Patriot Act, Surveillance | 1 Comment »
How To Stay Out Of Government Databases
By jonathan | October 10, 2007
Many of you already know that I am an avid reader and supporter of Michael Hampton’s Homeland Stupidity. I’ve used his blog entries in my own posts in the past and I’ve come across another article I want to share. “How to stay out of government databases” is a neat article that Michael wrote back in July of 2007. It’s kind of a brief, high level HOWTO with some suggestions and ideas on how to stay low and off the governmental radar per se.
You may find many of Michael’s suggestions can’t be implemented in your own personal life without significant lifestyle changes, but don’t be discouraged just yet. This article can serve more as a general guide and as a good reminder of how we need to change our thinking and question every time someone - commercial or government - asks for information from us. No matter how small or unimportant a certain tidbit of information may seem to be at the time, you can be assured that it is being requested for a reason. A reason that
may or may not be supported by legitimate necessity.
Popularity: 16% [?]
Topics: Government | No Comments »
Facebook Profiles Now Public
By jonathan | September 27, 2007
For those of you who might have missed the announcement (like my wife), Facebook has opened up their site to external search engines like Google and Yahoo earlier this month. What does this mean to you? Not a whole lot except now when someone types in your name to a search engine, they might be able to find your Facebook profile. However, they will only see a limited public profile like the one below.
There is no immediate cause for concern as there won’t be a huge amount of information available. However, for me personally, I don’t want any part of my Facebook profile indexed. So to ensure that your profile does not become available to the major search engines you can disable that feature by going to the Search Privacy page in your Facebook profile.
For more detailed instructions check out this blog posting from Of Zen and Computing.
Popularity: 16% [?]
Topics: Facebook | No Comments »
TD Ameritrade Hacked
By jonathan | September 14, 2007
Word coming out a couple hours ago on the AP Newswire (via MSNBC) that TD Ameritrade has been hacked and information has been compromised.
Bad news:
Information such as email addresses, names, addresses and phone numbers was retrieved from this database and affects TD AMERITRADE retail and institutional clients.
Good news:
Client assets held in accounts with the Company remain secure as UserIDs, personal identification numbers and passwords were not stored in this particular database.
MSNBC Article: Some TD Ameritrade info stolen
TD Ameritrade Press Release
Popularity: 16% [?]
Topics: Corporate, Identity Theft | 1 Comment »
PassPub - Random Password Generator
By jonathan | July 10, 2007
Almost a month ago I received an email from Martin Wright, creator of PassPub. He was telling me a little bit about his new web based SSL password generator. I promised him I would take a look. Well Martin, sorry for the delay, but I’m finally getting around to checking out PassPub.
PassPub is a cool little website that allows you to generate all kinds of unique passwords. I do some private consulting and sometimes I need to come up with a new, unique password. Whether it’s a new WPA key or a router password I need, PassPub is extremely helpful for these types of situations.
PassPub offers predefined templates for creating passwords. It can create a random 6, 8, 10 or 12 character password. It can also create 64 and 128 bit WEP keys, as well as 256-bit WPA keys all with a single click.
For those times when you need a memorable, but still hard to guess password, there is a section entitled “Memorable Passwords” with a few cool choices. My favorite option from this section is the “Mnemonic” generator. This option creates an easy to read password, with alternate vowels and consonants and an appended 3 digit suffix. I like this one because usually it’s a lot easier for me to read and therefore easier to remember, but still hard to guess. I generally use Mnemonic when changing my login password for my PC, especially since I do that every 45 days. The Memorable Passwords section also offers password generators using keyboard combinations as well as chemical elements symbols that can be extremely useful as well.
As a personal example, when I’m configuring a new router or firewall password, this is when I use the standard 10 or 12 character password generator. I use this option because I want a very hard to guess, random password. Plus, I won’t be typing it in often, so I can afford to have one that’s not easy to remember.
Now many of you are probably asking why would I waste my time going to this website when I can just come up with some random letters and numerics on my own? This was the same reaction I first had when I looked at Martin’s product. However, I always try to commit to using a new program or application for a couple weeks before I totally disregard it, and I have to say that PassPub has come in very handy. You may find it’s not a great tool for your arsenal, but others might. I do know you need to check it out and decide for yourself. Thanks for a cool new tool Martin!
PassPub - Strong Passwords, Uniquely Generated
Popularity: 24% [?]
Topics: Password | No Comments »
Caller ID Spoofing to be Made Illegal
By jonathan | June 29, 2007
Just saw a very interesting article come across my RSS feed from Slashdot. Senate Bill S. 704 is currently being entertained in a Congressional subcommittee right now. This bill serves as an amendment to The Communications Act of 1934 that would make “manipulation of caller identification information” illegal. This means services like SpoofCard and FoneFaker would quickly become illegal. Illegal at a cost of up to $10,000 per violation.
This amendment was introduced in February of this year by Sen. Bill Nelson (D-FL) and is known as the Truth in Caller ID Act of 2007. The summary is as follows:
Truth in Caller ID Act of 2007 - Amends the Communications Act of 1934 to make it unlawful for any person in the United States, in connection with any telecommunications service or Internet protocol (IP)-enabled voice service, to cause any caller identification (ID) service to transmit misleading or inaccurate caller ID information, unless such transmission is exempted in connection with: (1) authorized activities of law enforcement agencies; or (2) a court order specifically authorizing the use of caller ID manipulation.
Provides civil and criminal penalties for violations. Allows for enforcement by states (with authorized intervention by the Federal Communications Commission (FCC)).
While this piece of legislation isn’t a really big blow to privacy or a violation of our civil liberties or freedoms, it does raise a couple questions. If I block my Caller ID is that illegal? This could be good or bad considering who you talk to.
Also, why is the responsibility on the citizen as opposed to the telecommunications company that ALLOWS caller ID manipulation? What about the telecom carriers? Shouldn’t this bill be directed at them as well? While the end result would really be the same –no more spoofed caller ID– it would at least hold the telecom companies accountable. So now, just as we were teaching people to not always trust a person because of what shows up on their caller ID, that may be changing. People will go back to assuming caller ID is always accurate since the government has laws against manipulating it.
And finally, is this the best use of our federal government? Since I am huge proponent of smaller, limited government and favor state’s rights, this is yet another really pointless piece of legislation. As usual, it will keep the honest people honest, and the criminals will continue to spoof caller ID as they wish. It’s the way it always is and always will be.
What do you guys think? Is this a good piece of legislation or not? Does it even really matter?
Popularity: 29% [?]
Topics: Government | 11 Comments »
Direct Login Feature in Clipperz
By jonathan | June 28, 2007
One really awesome feature I did not cover in my previous review of the Online Password Manager, Clipperz, was their Direct Login feature. This is a feature that allows you to configure Clipperz to automatically log you in to various websites with a single click.
When I first signed up for Clipperz I did not use this feature at all. However, upon Marco’s suggestion that I should really try them out, I decided I would take a look. The first account I configured for Direct Login was one of my bank accounts. It was extremely easy to configure in Clipperz and within a couple minutes I had one-click login access to my bank account. I’m VERY sold on Direct Logins. I immediately started adding any other accounts that I could. Be forewarned, Direct Logins do not work for every site. I had a couple they would not work for, but that’s a minor inconvenience.
Clipperz definitely has a one up over PassPack in this area. Everyone knows I’m a PassPack evangelist because of it’s lightweight feel and it’s blazing speed. However, I also love Clipperz for it’s multi-field cards that can store custom data, not just usernames and passwords.
The solution to this multi-password-manager dilemma? I have accounts at both places. And to be honest, it will remain that way for as long as Clipperz is the only one with Direct Login.
Popularity: 22% [?]
Topics: Password | No Comments »
a.K.a Card Update
By jonathan | June 28, 2007
I received a letter in the mail from the bank that issues the a.K.a Card requesting more information from me. They asked me for a copy of my driver’s license, a W-2 from last year showing my gross income, and then an employment history. When I first received I was a bit taken aback. This seemed like a lot of information to be giving up for an anonymous card, but I had to remember the bank has to know who I am. And from my earlier post there are two main roads you can go down in the privacy-aware lifestyle:
- Seek complete anonymity
- Seek to avoid identity theft
The latter of the two is what the a.K.a card accomplishes, while it’s not bullet proof for complete anonymity, since real addresses have to be used even on the alternate identity of the a.K.a Card. Plus the bank has a slew of information so that it can verify me and issue me a revolving credit card. This is NOT an anonymous credit/debit card like Vanilla Visa and others.
Either way, I’ll be filling this out and submitting the information this weekend. I’ll keep everyone updated.
Popularity: 27% [?]
Topics: Anonymity, Identity Theft | No Comments »
The a.K.a Card
By jonathan | June 25, 2007
I was contacted the other day by a nice woman from The a.K.a Card. She was contacting me to inform me about their product that offers “Total Anonymity, Privacy and Freedom”: the a.K.a Card. In a nutshell what it is is a credit card you apply for and upon approval are sent a card that has two identities. One is your real identity that you used when you applied for the credit card and the other is one you make up and use when purchase items online. They have a pretty decent explanation here and their FAQ can be found here. Currently, a.K.a Card is running an introductory special where you can sign up for $9.99/month or $99.99/yr. Normally I think the price is $14.99/month.
So what does this service offer? When you go to shop online and you put in your credit card information, sometimes you don’t know just how securely the merchant on the other end will protect your information. Even if they do everything they can, sometimes mistakes are made, or accidents happen and servers and databases get hacked. With a.K.a Card when you buy online, you give the merchant your alternate identity with a totally different name, address and card number. The theory is that if or when the merchant is compromised, the attacker doesn’t walk away with your real credit card number or even real name.
So you’ve heard me talk about anonymous prepaid credit/debit cards before, however this is different. The goal with the a.K.a Card is to prevent identity theft. I see a couple problems though that I hope to get ironed out either by speaking with the folks at a.K.a Card or someone posting a comment on here.
The first problem is that if the merchant requires the billing and shipping address to match then that could be a problem if your address for the alternate identity is not an address where you can receive mail. For example, I set up my alternate address as 123 Nowhere St., but I want my goods sent to 505 Somewhere Ln., then that may not jive.
Second problem is the alternate name. I think it’s awesome you can assign any name you want for an alternate identity, but what if the address you’re receiving your merchandise at doesn’t know you by your fake name? For instance in the scenario presented on a.K.a’s website, “Melissa Miller” is telling us how she uses her card. She uses the pseudonym of “Jane Freedom” and she also uses her office address as the alternate address. Let’s say Melissa/Jane orders some brand new shoes from an online vendor and has them shipped to her work address since the merchant will only ship to the billing address. The shoes show up at her office and the mail room employees try to look up “Jane Freedom” in their directory seeing as how they don’t know what floor Ms. Freedom sits on. Well, guess what? There’s no Jane Freedom at that company. Hrm. You see where I’m going with this.
I really, really want to like all products out there that even remotely seem to help in the defense of identity theft and defense of privacy. However, do I see the a.K.a Card as something that I would pay $9.99/month for, much less $14.99/month? I’ll soon find out as I’m going to be applying for one later today (hopefully I’ll be approved) and then will attempt to test it out. I feel actually trying out the product I’m reviewing is the only fair way to write a decent review about it.
I’d really love to hear any comments from anyone else who looks at this product. What do you think? Is it worth it? Anyone got some great ideas on how to utilize this card?
Popularity: 31% [?]
Topics: Anonymity, Identity Theft | 6 Comments »