
The Ashley Madison data breach was such a disaster for the company because it saved its customers' real names and credit card numbers. It didn't have to do it this way. It could have processed the credit card information, given the user access, and then deleted all identifying information. To be sure, it would have been a different company. It would have had less revenue, because it couldn't charge users a monthly recurring fee.

This seems to me the wrong way to solve the problem. The crazy thing about credit cards, social security numbers, and bank account numbers is that these numbers are supposed to be kept secret and private, and yet you need to constantly give them out to people. Everyone you write a check to gets your bank account number, every place you buy from gets a credit card number. This is insane.

The right way to solve this is that Visa and MasterCard need to develop a standard to make it super easy to generate a unique payment number every time you make an online purchase. Then that should be built in as a browser extension or component. So I browse to a site, click to pay with my Visa card, and Visa automatically generates a unique code for that site and fills it in on the form.

Also it is insane that someone can steal my identity by simply knowing my social security number. The right way to solve this would be to have an identity provider that has a short 10 second video of myself on file. Then, when I want to sign up for a credit card or bank account, I take a 10 second video of myself using my cell phone, granting approval to open the account. A staffer at the credit card company then compares the video with the video on file with the identity provider, and verifies that it matches. The identity provider also sends a message to an email address or mobile number on file, so that I am alerted that someone is opening an account in my name. Using these two simple safeguards, identity theft would be much, much harder. A video recording of a person is very hard to fake, much harder to fake than a signature.

A final key innovation would be if email providers would make it super-easy to generate aliases per site. I do this myself manually with fastmail, but if there was a simple browser extension that would automatically create an alias and fill in a form, that would be great, because I could have a unique address that all funnels into one place, for everything I sign up to.


> The right way to solve this would be to have an identity provider that has a short 10 second video of myself on file. Then, when I want to sign up for a credit card or bank account, I take a 10 second video of myself using my cell phone, granting approval to open the account

What should those of us without smartphones do? Not to mention that this seems trivial, if not easier to break. I can find the target on Facebook and use a faceswap program to generate a video that looks good enough so that the $9.50/hr worker spending all day comparing faces, who doesn't quite care enough, accepts the video.


Public key infrastructure > 10 second video


Is this a US specific thing? Why would you need to keep your SSN and bank account number private?

Ok, I know US citizens are not automatically given ID cards, so if everybody takes the SSN you give them at face value, I get that.

I don't understand the bank account especially. Like I have some automatically deducted monthly payments, but I remember I needed to specifically authorize the receiving account to be able to ask for the money with my bank.

With cards, the standards are starting to get there, i.e. I can enable with my bank that every time I use the card for an internet payment, I need to confirm my identity with a code they send me in an SMS. As far as I know, I could ask for a different second factor of authentication; I know my dad has a standard RSA token.

Unfortunately I had a problem using this with some foreign site (I think it was Amazon?), so I had to disable it. I live in the Czech Republic.


> Is this a US specific thing? Why would you need to keep your SSN and bank account number private?

For SSN, if you have good credit, an SSN and a name are basically all that's needed to open a new account connected to your general credit record. If the account was opened in your name without your consent, it's a lot of work to get it disassociated from you.

For bank account numbers, most payments are processed through the 'automated clearing house', which is fancy check clearing. In the old days, maybe your bank would look at the check presented and return it without payment if they could tell it wasn't legitimate / your signature wasn't right. With an electronic withdrawal, there's not really any information provided to them to check anything.


The poster you replied to knows the answer you've given. The question was rather: "Why is the system set up in such a way that this is the case?"


The automatic withdrawal system has always seemed ridiculous to me because it inverts the dependency chain for my finances but still provides no one any guarantee they get their money.

It's a constant pain that there isn't a common standard scripting language for finances so I can automate this stuff sensibly.


for example, someone could take your SSN and then go apply for loans at the bank under your name


If as a merchant you want something that works now, you can use Stripe - send identifying credit card info directly to Stripe without holding on to it yourself, and then ask it for a persistent customer ID that you can repeatedly charge.

You could still retrieve some identifying information through their API, but if you keep your account credentials somewhere separate from your database it's less likely for an attacker to get both.


I think you have identified better solutions than the current ones. What is more interesting is that many underlying processes already exist, for example any gmail address can be "customized" by adding "+<string>" to the end, Google ignores the +string and delivers it anyway. You can then filter on email sent to the +string value. Not everyone however accepts an email with + in the name part. Paypal has the ability to send you out to Paypal to authorize a payment, the vendor never sees your banking details. Their API works well and could be adopted by any bank if they chose. At Blekko we separated queries from IP addresses, from userid (if they were logged in). You could do it, still get ranking training data from it, and be completely unable to turn over "the last week of searches from this IP" to federal agencies. That was driven by the CTO.

So at the end of the day there are a lot of things which make data toxic that are easily avoidable, and it takes people at the company willing to invest in making the data "non-toxic" and to some extent non-useful to people outside the company.


> Not everyone however accepts an email with + in the name part.

It's beyond this. MOST email address forms won't accept a '+'. I had to change the extension character to '_' on my server because it's the only non-alphabetic character that everybody seems to accept.


FastMail has an option to use subdomain addressing[0]. Instead of user+string@example.com, it can be string@user.example.com.

[0] https://www.fastmail.com/help/receive/addressing.html


That is an excellent solution as well. Qmail was pre-configured to work with '-' in the user string. But the use of subdomains would work as long as you could meet things like the Google DKIM checks.
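The per-site aliasing discussed in the comments above (the "+tag" form mentioned for Gmail, and subdomain addressing for sign-up forms that reject a '+') can be driven by one small routine on the receiving mail server. The following is an added example, not code from FastMail, Gmail or qmail: it derives a stable per-site alias with a keyed hash, routes both alias styles back to the single real mailbox, and, when an alias starts receiving spam, names the sign-up that produced it. The base mailbox `user@example.com`, the wildcard subdomain, the alias key and the 10-character tag length are assumptions of the example.

```python
import hashlib
import hmac
import re
from typing import Iterable, Optional, Tuple

# Constructed configuration (assumption, not any provider's setup): the owner
# controls the mailbox user@example.com and the wildcard *.user.example.com.
BASE_LOCAL = "user"
BASE_DOMAIN = "example.com"
MAILBOX = f"{BASE_LOCAL}@{BASE_DOMAIN}"
# Secret so that learning one alias does not let a spammer predict the others.
ALIAS_KEY = b"constructed-demo-key-rotate-in-practice"
TAG_LEN = 10  # hex characters kept from the keyed hash (assumption)


def site_tag(site: str) -> str:
    """Stable per-site tag: keyed hash of the normalised site name."""
    digest = hmac.new(ALIAS_KEY, site.strip().lower().encode(), hashlib.sha256)
    return digest.hexdigest()[:TAG_LEN]


def alias_for_site(site: str, style: str = "plus") -> str:
    """'plus' -> user+tag@example.com; 'subdomain' -> tag@user.example.com,
    for sign-up forms that reject a '+' in the local part."""
    tag = site_tag(site)
    if style == "plus":
        return f"{BASE_LOCAL}+{tag}@{BASE_DOMAIN}"
    if style == "subdomain":
        return f"{tag}@{BASE_LOCAL}.{BASE_DOMAIN}"
    raise ValueError(f"unknown alias style: {style}")


_PLUS_RE = re.compile(r"^([^+@]+)\+([^@]+)@(.+)$")
_SUBDOMAIN_RE = re.compile(r"^([^@]+)@([^.@]+)\.(.+)$")


def route(address: str) -> Optional[Tuple[str, str]]:
    """Resolve an inbound recipient to (mailbox, tag); None if it is not ours.
    Both alias styles funnel into the one real mailbox."""
    addr = address.strip().lower()
    m = _PLUS_RE.match(addr)
    if m and m.group(1) == BASE_LOCAL and m.group(3) == BASE_DOMAIN:
        return MAILBOX, m.group(2)
    m = _SUBDOMAIN_RE.match(addr)
    if m and m.group(2) == BASE_LOCAL and m.group(3) == BASE_DOMAIN:
        return MAILBOX, m.group(1)
    if addr == MAILBOX:
        return MAILBOX, ""
    return None


def leaking_site(address: str, known_sites: Iterable[str]) -> Optional[str]:
    """Given an alias that unexpectedly receives mail, name the sign-up that
    produced it, i.e. which site shared or lost the address."""
    routed = route(address)
    if routed is None:
        return None
    _, tag = routed
    for site in known_sites:
        if hmac.compare_digest(site_tag(site), tag):
            return site
    return None


if __name__ == "__main__":
    for site in ("shop.example", "news.example"):
        print(site, alias_for_site(site), alias_for_site(site, "subdomain"))
    spam_to = alias_for_site("shop.example", "subdomain")
    print("leak traced to:", leaking_site(spam_to, ["news.example", "shop.example"]))
```

The tag is keyed rather than a plain hash of the site name so that someone who sees `user+<tag>@example.com` in one breach cannot compute the alias you used elsewhere; the subdomain form carries the same tag, which is why either style traces back to the same sign-up.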


PayPal is not a solution. They send my PayPal email address to every merchant, which is no different from the POV of fraud than sending any other identifying info. That's one thing I liked about Google Checkout: they had the option to send a one-time email address.


A PayPal email address, as opposed to a credit card number + expiry, is insufficient to make a transaction alone.


Around here, the local payment system is inverted: the site generates a code for your order, and the user instructs their own bank to send money to that code.

That said, many banks - including in the US - can already generate single-use virtual CC numbers.


That's not inverted. That's the proper order.


Oh, I agree; it's inverted relative to the CC mechanism.


> The right way to solve this is that Visa and MasterCard need to develop a standard to make it super easy to generate a unique payment number every time you make an online purchase. Then that should be built in as a browser extension or component. So I browse to a site, click to pay with my Visa card, and Visa automatically generates a unique code for that site and fills it in on the form.

Blur[0] from Abine has this in their premium version. I have used it, and overall it worked well, but I had some password syncing issues and stopped using it.

> A final key innovation would be if email providers would make it super-easy to generate aliases per site. I do this myself manually with fastmail, but if there was a simple browser extension that would automatically create an alias and fill in a form, that would be great, because I could have a unique address that all funnels into one place, for everything I sign up to.

Something like this can be done on FastMail using a catchall alias[1], but it requires a custom domain, and the domain could be used to link all the accounts to you.

I'm experimenting with it, but what happens when I forget a password and the email I used to sign up for it? A password manager is an option for that, but they have their own problems.

Edit: FastMail also has subdomain addressing[2]. I believe it works with all of the FastMail provided domains.

[0] https://www.abine.com/index.html [1] https://www.fastmail.com/help/receive/alias-catchall.html [2] https://www.fastmail.com/help/receive/addressing.html


There's an interesting concept in here that governments should consider registering a personal identity TLD under their country codes, and just make it policy that everyone gets a unique one under their legal name + a word or phrase to avoid collisions.


It sounds to me like you need to read patio11's article about names :) http://www.kalzumeus.com/2010/06/17/falsehoods-programmers-b...


Virtual credit card numbers have been around since the late 90s. Adoption has been essentially 0 because the UX sucks and credit card fraud is not the consumer's problem.


It is the consumer's problem for me. Because I travel a lot I get charges denied because the card company's computer decides the charge looks suspicious. I have to spend 20-40 minutes dealing with it on top of which I lose hotel reservations (last room available->charge denied->20-40 minutes to resolve->room gone) or I'm standing in a line to buy something, charge denied. Now I have to go somewhere quiet to spend the 20-40 minutes to resolve. Then get back in line. This happens about once every 2 months. It's super annoying.

It's infuriating there's any chance for fraud at all when it seems like a solvable problem in 2015.


Bank of America and Citi have virtual credit card numbers on at least some of their cards. I don't use it because, why? It's a pain point to log in and generate a new one when I could just open up my password manager and copy/paste the CC number. Especially when paying with PayPal or a site I've bought from before and already have my CC saved and I can just select it. It doesn't really affect me if someone steals my CC, I just call up the bank and they reverse unauthorized charges and send me a new one.


I always found it weird that in order for my company to put money in my account electronically, they apparently need enough information to take money out. Why are these not two different levels of security?


For per-service email and occasional single use credit cards, I've been pretty happy with blur from abine: https://www.abine.com/index.html


There are already secure solutions today. When I make an online payment with my Visa card with a new vendor based in my country, I get directed to the card issuer's website where I need to enter a one-time code generated by putting the card in a keypad (which my bank issued), entering a starter code and my PIN code and then reading the generated number off the keypad's display. Without the physical card and PIN code no purchase from a new vendor is possible. In the physical store I need to input card and PIN to use the secure chip on the card to sign the transaction.

Of course, then I go to the US and any random hobo on the street can charge me with just the card number and a scribble. The problem isn't that credit card companies don't know how to get rid of card fraud, it's that their customers like the convenience too much and won't let them do it.

The same thing for identity theft. In my country opening a bank account or getting a loan requires an ID card, which is government-issued and contains a digital certificate protected by a personal PIN. Unless someone steals that card and knows your PIN, they can't steal your identity.

These are easily solved problems. The reason they're not solved in the US is because the people won't allow them to be, or at least banks and government perceive it as such.
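The keypad flow described in the comment above is a challenge-response: the issuer shows a starter code, the card (unlocked by the PIN) computes a one-time number from a secret that never leaves the chip, and the issuer checks it. The following is an added illustration, not the commenter's bank's scheme and not EMV CAP or 3-D Secure: it models that flow with an HMAC over the challenge and the transaction details, which is an assumption standing in for whatever cryptogram a real card scheme uses. It shows why a stolen card number alone is useless here, and why binding the code to the amount and merchant stops a captured code being reused for a different purchase.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Tuple

# Constructed demo key shared between the card chip and the issuer. Real card
# schemes use their own key hierarchy and cryptograms; this is an illustration.
CARD_KEY = secrets.token_bytes(32)
PIN = "1234"  # constructed
CODE_DIGITS = 8  # length of the number the keypad displays (assumption)


def _response(key: bytes, challenge: str, amount_cents: int, merchant: str) -> str:
    """Bind the one-time code to the challenge AND the transaction details, so a
    code captured for one purchase cannot authorise a different one."""
    msg = f"{challenge}|{amount_cents}|{merchant}".encode()
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**CODE_DIGITS:0{CODE_DIGITS}d}"


class CardReader:
    """Stands in for the bank-issued keypad with the card inserted. The key
    never leaves it; the PIN only unlocks its use."""

    def __init__(self, key: bytes, pin: str):
        self._key = key
        self._pin = pin

    def respond(self, pin: str, challenge: str, amount_cents: int, merchant: str) -> str:
        if not hmac.compare_digest(pin, self._pin):
            raise PermissionError("wrong PIN")
        return _response(self._key, challenge, amount_cents, merchant)


class Issuer:
    """The card issuer's verification step behind the redirect page."""

    def __init__(self, card_key: bytes):
        self._key = card_key
        self._pending: Dict[str, Tuple[int, str]] = {}

    def new_challenge(self, amount_cents: int, merchant: str) -> str:
        """Fresh random 'starter code', remembered with the transaction it is for."""
        challenge = f"{secrets.randbelow(10**CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[challenge] = (amount_cents, merchant)
        return challenge

    def authorize(self, challenge: str, amount_cents: int, merchant: str, code: str) -> bool:
        # Consume the challenge on first use, right or wrong: no replay, and no
        # guessing many codes against the same challenge.
        context = self._pending.pop(challenge, None)
        if context != (amount_cents, merchant):
            return False
        expected = _response(self._key, challenge, amount_cents, merchant)
        return hmac.compare_digest(expected, code)


def purchase(issuer: Issuer, reader: CardReader, pin: str, amount_cents: int, merchant: str) -> bool:
    """Full round trip as the cardholder experiences it."""
    challenge = issuer.new_challenge(amount_cents, merchant)
    code = reader.respond(pin, challenge, amount_cents, merchant)
    return issuer.authorize(challenge, amount_cents, merchant, code)


if __name__ == "__main__":
    issuer, reader = Issuer(CARD_KEY), CardReader(CARD_KEY, PIN)
    print("genuine purchase:", purchase(issuer, reader, PIN, 1999, "shop.example"))
    # Someone holding only the card number has no key: the best they can do is
    # guess one of 10**CODE_DIGITS codes, and the challenge burns on the attempt.
    c = issuer.new_challenge(1999, "shop.example")
    print("guessed code:", issuer.authorize(c, 1999, "shop.example", "00000000"))
```

The point a practitioner should take from this is the binding: an OTP that depends only on the challenge (or only on time) can be phished and replayed against a different amount or merchant, whereas one computed over the transaction details is only good for that one purchase.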


Video sequences will not be secure enough. 2FA with hardware tokens is the only practical solution that's secure.


> The right way to solve this is that Visa and Master Card need to develop a standard to make super easy to generate a unique payment number everytime you make an online purchase. Then that should be built in as a browser extension or component.

There was a mechanism from the 1990s to do online payments without giving the merchant a reusable secret identifier.

https://en.wikipedia.org/wiki/Secure_Electronic_Transaction

It's too bad that something like that didn't become widespread sooner, because it could have drastically cut down on credit card fraud.


With regard to SSN, the real issue is that it is used as both an identifier and as an authenticator. It's fine as an identifier, but authenticating with a number that anyone can steal (and yet, perversely, is difficult to replace with a new number) is terrible. I agree with your suggestion of some kind of biometric type authenticator, whether it be a video, retina scan, fingerprint, or some combination thereof.


Some payment gateways offer "gateway recurring billing" where the credit card data is stored at the gateway not on your most likely less secure servers. Ashley Madison could have done that and avoided some of the damage from the breach.


> need to develop a standard to make super easy to generate a unique payment number everytime you make an online purchase

So something like, a public key with a private key that only you own? ;)


Google Wallet was supposed to add the ability to generate unique credit card numbers. Idk if they did.


Most mobile payment solutions today operate on top of tokens, with MasterCard, Visa, and Amex serving as Token Service Providers (TSPs). Tokens look similar to current credit card numbers (not distinguishable in some cases). Each token is a unique number used for a payment, which the TSP then links to the card on file / credit card number. Merchants only ever have access to the token.

Android Pay, that succeeded Google Wallet, uses such tokens.
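Three comments above describe the same pattern from different angles: hand the card straight to a gateway and keep only a customer token (the Stripe comment), "gateway recurring billing" where the card data lives at the gateway, and network tokens that look like card numbers but only the token service provider can map back. The following is an added example, not Stripe's, a card network's, or any gateway's code, showing that pattern end to end: a vault issues a format-preserving, Luhn-valid token, the merchant database stores only the token and last four digits for recurring charges, and a dump of that database contains no PAN. The `9999` token prefix, the sample PAN `4111111111111111` (a Luhn-valid test number, not an account) and the 16-digit format are assumptions of the example.

```python
import json
import secrets
from typing import Dict

TEST_PAN = "4111111111111111"  # constructed sample; passes Luhn, not a real account
TOKEN_PREFIX = "9999"  # constructed range reserved for tokens (assumption)


def luhn_checksum(digits: str) -> int:
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10


def luhn_ok(number: str) -> bool:
    return number.isdigit() and luhn_checksum(number) == 0


def with_check_digit(partial: str) -> str:
    """Append the Luhn check digit so the result passes luhn_ok()."""
    return partial + str((10 - luhn_checksum(partial + "0")) % 10)


class TokenVault:
    """Stands in for the gateway / token service provider (constructed; not
    Stripe's or any network's API). Holds the PAN and hands out tokens that
    look like card numbers but only it can map back."""

    def __init__(self):
        self._cards: Dict[str, Dict[str, str]] = {}

    def tokenize(self, pan: str, expiry: str) -> str:
        if not luhn_ok(pan):
            raise ValueError("invalid card number")
        while True:
            body = TOKEN_PREFIX + "".join(str(secrets.randbelow(10)) for _ in range(11))
            token = with_check_digit(body)
            if token not in self._cards:
                break
        self._cards[token] = {"pan": pan, "expiry": expiry}
        return token

    def charge(self, token: str, amount_cents: int) -> Dict[str, object]:
        card = self._cards.get(token)
        if card is None or not token.startswith(TOKEN_PREFIX):
            return {"ok": False, "reason": "unknown token"}
        # Settlement against card["pan"] would happen here; only the vault touches it.
        return {"ok": True, "amount_cents": amount_cents, "last4": card["pan"][-4:]}


class Merchant:
    """Merchant-side database: stores the token and last4 for recurring
    billing, never the PAN."""

    def __init__(self, vault: TokenVault):
        self._vault = vault
        self.customers: Dict[str, Dict[str, str]] = {}

    def save_payment_method(self, customer_id: str, token: str, last4: str) -> None:
        self.customers[customer_id] = {"token": token, "last4": last4}

    def bill(self, customer_id: str, amount_cents: int) -> Dict[str, object]:
        return self._vault.charge(self.customers[customer_id]["token"], amount_cents)


def browser_checkout(vault: TokenVault, merchant: Merchant, customer_id: str, pan: str, expiry: str) -> str:
    """The card goes from the customer's browser straight to the vault; the
    merchant's server only ever receives the token."""
    token = vault.tokenize(pan, expiry)
    merchant.save_payment_method(customer_id, token, pan[-4:])
    return token


def breach_exposes_pan(merchant: Merchant, pan: str) -> bool:
    """What a dump of the merchant database yields for this card."""
    return pan in json.dumps(merchant.customers)


if __name__ == "__main__":
    vault, shop = TokenVault(), Merchant(vault)
    tok = browser_checkout(vault, shop, "cust_1", TEST_PAN, "12/29")
    print("token", tok, "luhn ok:", luhn_ok(tok))
    print("monthly charge:", shop.bill("cust_1", 1999))
    print("PAN in merchant DB:", breach_exposes_pan(shop, TEST_PAN))
```

The residual risk is the one the Stripe comment points at: whoever holds the merchant's gateway credentials can still charge the stored tokens, so those credentials belong in a secrets store separate from the customer database, and a token is only as scoped as the vault makes it (a single-merchant token is worthless if lifted and replayed at another merchant).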


Android Pay succeeded Google Wallet?

I thought Google Wallet was available in many platforms, e.g. even in my browser which may or may not run Android.


If books and blueprints for advanced technology were available, I wonder what is the potential for leapfrogging technologies. So instead of burning coal to power steam factories, we could skip straight to powering electric generators via dams and turbines. Water power fortunately is not going anywhere, and provides a considerable amount of electricity.

The big issue is energy for transportation and for growing crops. I wonder what the prospects for things like switchgrass based ethanol are. I see promising news reports, but nothing has come of it yet.


Not as easy as you seem to think.

Dams = concrete, concrete = a whole lotta cement and other energy inputs; concrete production is one of our big unsung CO2 emission sources right now.

Turbines and generators = refined metal, including copper (dynamo windings) and steel (turbine blades) -- again, lots of energy required.

Okay, we can back it off a level and go for water wheels in rivers -- a Roman to mediaeval technology -- driving the dynamos; but it's still not going to work without refined metals (energy intensive) and waterproof insulators, which means gutta-percha or rubber or refined organic polymers -- all of which mean long-haul shipping or again, energy-intensive chemical industry.

These obstacles aren't insuperable, as long as we don't get knocked back to dark ages/monasteries preserving books and knowledge but no actual lights-on/wheels-turning infrastructure. If we get knocked back that far in a post-carbon-extraction world, it'd be devilishly hard to build back up again.


No, it is much easier than you'd think. Energy breeds energy. You start with a smaller energy source, use it to extract resources and make parts for the bigger energy generator, rinse, repeat.

Wind turbines and small hydroelectric dams are simple. Megaprojects are harder, but it is easy to start small and extend from here. It is easy to make electric energy, and with enough electricity, everything is possible.


Oil drilling is one of the most technologically advanced industries that exist, if not the most, and the existence of such technology is predicated (currently) upon the existence of globally-available cheap energy. Non-oil-based development would likely hit a ceiling where there just isn't enough energy to progress long before you could recreate such an elaborate system.


We only burn oil for energy because it is dirt cheap (yes, thanks to the economy of scale). Electricity can be produced by many other ways if oil becomes too expensive for that.


I hope we can agree that inequality of opportunity is an intrinsically bad thing.

If parents are allowed to invest in their own children, then inherently, you have inequality of opportunity, since parents have different means and will invest different amounts.

> while at the same time worrying about a system that allows Harvard attendees like Mark Zuckerberg to do that but provides virtually no opportunity for students at Orr Academy High School in Lawndale to get to Harvard

If Harvard accepted 10X as many students, it would not be Harvard. If Harvard accepted students based on a lottery, it would not be Harvard. Other than increasing financial aid even more, it is not clear what additional actions Harvard could take to increase equality of opportunity that it is not already taking.


Where I'm from (Ontario) there are not very many private elementary or high schools- some, yes, but not many. A good friend of mine went to one, and his parents paid something like $20k per year for him to have that extra opportunity. He's a smart guy, and maybe his schooling was part of that.

But the reason there aren't that many is that the public sector schools are pretty good. Not perfect, but pretty good compared to what we see in many American states. Teachers' jobs are hard to get because they're paid well (and yes, they have a strong union, but let's not derail this point into an argument about their merits). As a result there are very diminishing returns on private schools for kids, and so they aren't so common.

What this means is that most kids are being given an equal opportunity, the same strong education, at the cost of slightly higher taxes. We accept that, generally.

The choices when it comes to left or right leaning policies come down to how much society in general invests in children's future vs how much each parent must invest in their own child's future. When you push too far to the right, the entirety of the child's future is based on how much the parent can invest- and when that happens, we have inequality of opportunity.


There are 230 private primary and secondary schools in Ontario, most of them are lakeward.

I attended four TDSB schools and I must say, they were pretty awful.

Thankfully I got out of that system before high school. I might have gotten involved with the gangs and hard drug trade associated with my nearest high school.


Imagine that you are a little behind in soccer ability. You never played soccer in high school or college, you are not the most athletic person. Now in your 20s you want to sign up for a soccer league. The local league has multiple divisions for different ability levels. What do you do? Do you sign up for the highest, so that you can be exposed to great play? Or do you sign up for the division that matches your own ability? The answer for most people is obvious. You sign up for the division that matches your own ability. If you sign up for a top-level league, no one will pass the ball, and when you get the ball, you'll have it taken away so fast you won't have a chance to get better.

The idea that the best way to help someone who is behind, is to put them with those farthest ahead, is completely insane. Yet that has been the policy behind affirmative action, behind integration-via-fiat, and behind eliminating tracking in grade school. It is not helpful to be in classes with people who are far ahead of you, as you won't get the practice on the basic, foundational topics that you need. You will be lost, and then fall even further behind. On the other hand, if you are grouped with people of your own ability, you have the opportunity to work hard, be among the best in the class, and feel much greater personal satisfaction. (See again how many nerds who despised gym class end up later liking casual ultimate frisbee games -- such games among people of similar ability level end up being a lot more fun).


I use SpiderOak, since it allows for client-side encryption (zero-knowledge on their part, they have no way of seeing my files).


I liked SpiderOak a lot for its security, but sadly, it was never very reliable as a backup or sync service. I spent more time troubleshooting and rebuilding databases and clearing serverside caches and so forth in 8 months there than I have in almost 5 years of other services. And because of that, I never really felt like I could trust it as a backup.

Also, realize that SO is a poor substitute for Dropbox, as it's only really a backup service. Although it includes a sync option which works passably, the moment you access your files from a mobile device, you upload your keys to the server, and zero-knowledge goes poof. And even if you're willing to give that up, I've never met a mobile app which allowed you to access and manipulate files in the ways Dropbox does. You can do some basic "share just this file" stuff, but it's a very different product.

I really hope that was just because I was on it when they were growing massively due to the NSA leaks, but sadly, for me, they were a textbook example of "Great idea, bad execution".


Another benefit of SpiderOak is that they de-duplicate your data, so you may end up using less space on SpiderOak than you do on your own machine.


> Another benefit of SpiderOak is that they de-duplicate your data, so you may end up using less space on SpiderOak than you do on your own machine.

This benefit soon disappears for two reasons:

1. If your files change, SpiderOak saves versions of them indefinitely, with each taking up space (of course, all the deltas and stuff). There is no simple way to set it up so that file versions older than X days/years get deleted. The SpiderOak client is completely useless if you want to delete older versions of files because you'd have to wade through all your directories and subdirectories looking for files with multiple versions.

2. The SpiderOak client has also been buggy and ends up creating file versions of unchanged files too (like photos you may have saved once on your computer and never touched). So there's no easy way for you to get to specific places where files have several versions stored and do some cleanup.

This cleanup of older versions matters a lot more if you have a smaller account quota, less free space on your account, and you're not willing to pay for the $129 a year 1TB option that is heavily pushed (compared to the other tiers) by skewed pricing on SpiderOak's part.

Overall, SpiderOak is still better though. Dropbox is more dishonest in its approach to deduplication. Dropbox deduplicates data across user accounts (so if you and I store the same free eBook from Project Gutenberg on our Dropbox accounts, Dropbox saves only one copy) and deduplicates data within your user account for files you may have replicated across folders. But in both the cases it treats your space quota as if deduplication is not done at all, effectively charging you for more than the space you're actually using.


I wonder how encrypted data can be de-duplicated. Do they use per-file encryption with no per-file salt?


Dunno about SpiderOak, but the way Tarsnap does it, is that as blocks are encrypted and uploaded, the client keeps metadata about them locally (presumably a hash, size, etc). Then that metadata is also encrypted and uploaded to the server. When it wants to upload more blocks, it just looks at that metadata and skips duplicated blocks, updating only the metadata to point to the existing block.


All of that is correct, but more to the point: Client data is deduplicated before it is encrypted.


You can share files with other people, similar to the way you can with Dropbox. That might indicate that encryption is done per-file (which is actually a little less secure, so who knows).

I haven't researched it, but it could work like this: scan the local machine, find duplicates, upload unique files, and then create links to any place a file is duplicated. It all happens locally, so only encrypted data is ever uploaded. Some tiny bit of info about the structure of the file system might be transferred and known by SpiderOak, but I can't conceive of a situation where that matters.
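The scheme the replies above describe for Tarsnap (identify blocks client-side, upload only new ones, encrypt everything before it leaves) answers the "how can encrypted data be de-duplicated" question directly: deduplication happens on a keyed hash of the plaintext block, not on the ciphertext, so every upload can still use a fresh nonce. The following is an added example, not SpiderOak's, Tarsnap's or Dropbox's code. It backs up two files that share most of their blocks, shows that the second backup uploads only the changed block, that the server holds only opaque ids and ciphertext, and that a second user with a different key gets no deduplication against the first user's blocks (the contrast with cross-account deduplication as described for Dropbox). The 4096-byte fixed chunking, the hash-based key derivation and the toy unauthenticated XOR stream cipher are assumptions of the example; a real client would use content-defined chunking, a proper KDF and an AEAD such as AES-GCM.

```python
import hashlib
import hmac
import os
from typing import Dict, List

CHUNK = 4096  # fixed-size chunking for the demo; real clients use content-defined chunks


class Server:
    """Untrusted storage: sees only opaque block ids and ciphertext."""

    def __init__(self):
        self.blobs: Dict[str, bytes] = {}

    def put(self, block_id: str, ciphertext: bytes) -> None:
        self.blobs[block_id] = ciphertext

    def get(self, block_id: str) -> bytes:
        return self.blobs[block_id]


class Client:
    """Per-user client holding the only copy of the keys and the block index."""

    def __init__(self, server: Server, master_key: bytes):
        self._server = server
        # Two independent sub-keys from the master key (assumption: domain-
        # separated hashing stands in for a proper KDF such as HKDF).
        self._id_key = hashlib.sha256(master_key + b"|block-id").digest()
        self._enc_key = hashlib.sha256(master_key + b"|encrypt").digest()
        self.index: Dict[str, bool] = {}           # block ids already on the server
        self.manifests: Dict[str, List[str]] = {}  # file name -> ordered block ids

    def _block_id(self, plaintext: bytes) -> str:
        # Keyed, so the server (or another user) cannot confirm what a block is
        # by hashing a guessed plaintext.
        return hmac.new(self._id_key, plaintext, hashlib.sha256).hexdigest()

    def _keystream(self, nonce: bytes, length: int) -> bytes:
        out = bytearray()
        counter = 0
        while len(out) < length:
            out += hashlib.sha256(self._enc_key + nonce + counter.to_bytes(8, "big")).digest()
            counter += 1
        return bytes(out[:length])

    # Toy unauthenticated stream cipher so the demo is self-contained; a real
    # client would use an AEAD with the same fresh-nonce-per-block discipline.
    def _encrypt(self, plaintext: bytes) -> bytes:
        nonce = os.urandom(16)
        ks = self._keystream(nonce, len(plaintext))
        return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))

    def _decrypt(self, ciphertext: bytes) -> bytes:
        nonce, body = ciphertext[:16], ciphertext[16:]
        ks = self._keystream(nonce, len(body))
        return bytes(a ^ b for a, b in zip(body, ks))

    def backup(self, name: str, data: bytes) -> int:
        """Upload only blocks not already in the index; return how many went up."""
        uploaded = 0
        ids: List[str] = []
        for offset in range(0, len(data), CHUNK):
            block = data[offset:offset + CHUNK]
            bid = self._block_id(block)
            if bid not in self.index:
                self._server.put(bid, self._encrypt(block))
                self.index[bid] = True
                uploaded += 1
            ids.append(bid)
        self.manifests[name] = ids
        return uploaded

    def restore(self, name: str) -> bytes:
        return b"".join(self._decrypt(self._server.get(bid)) for bid in self.manifests[name])


if __name__ == "__main__":
    srv = Server()
    me = Client(srv, b"constructed-master-key")
    blocks = [bytes([i]) * CHUNK for i in range(8)]  # constructed, distinct blocks
    original = b"".join(blocks)
    edited = b"".join(blocks[:4] + [b"\xff" * CHUNK] + blocks[5:])
    print("first backup uploaded", me.backup("doc-v1", original), "blocks")
    print("second backup uploaded", me.backup("doc-v2", edited), "block(s)")
    print("server holds", len(srv.blobs), "ciphertext blobs")
```

The index and manifests are what the Tarsnap comment calls the locally kept metadata; in a real client they are themselves encrypted and uploaded so a fresh machine can rebuild them, and that is also why "share just this file" needs the sharer to release the block keys for exactly those blocks rather than the master key.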


> In our society we're seen as weak if we cry.

Isn't this the case in most societies? My sense from history is that it is only acceptable for men to cry at extreme events -- such as death of a wife/child/brother, or the loss of a kingdom. The other common trope for crying is if a peasant or low-level official is begging the forgiveness from a king who is about to terminate him. But in the modern society such tragedies happen less often. I cannot think of a time in my own adult life when crying would have been justified.


Actually, my understanding is it's perfectly acceptable in many Middle-Eastern countries for men to cry openly. They'll also hold another man's hand while having a conversation with him, apparently.


In older U.S. films you can see men lock arms while walking and speaking. It wasn't an uncommon occurrence up until the 1950's or so.

It's still a common occurrence in Korea as well, so it isn't just the middle-east.


They also tend to like little boy booty in those countries.. this is said in jest :]


"But, more seriously, as a counter, I've spent most of my adult life trying to be less 'manly' and more male (xy-chromosomer )."

Out of curiosity, what does that mean? Were you getting in bar fights or what?

I've spent time trying to become more manly in some ways. I started lifting weights, speaking with my deeper vocal cords rather than head voice, having a bit more of a sense of command, learning how to dish it back or take it in stride if someone gives me some jocular ribbing (rather than getting defensive or avoiding that person), not being whiny under any circumstances, etc. I think that modern western culture overly feminizes men, and it has been a good experience for myself to try to be more masculine.


Yep - lots of fighting - bar fights, street fights, amongst other things (at least as a kid).

I turned 40 this year, so it could be an age thing. When I was 20, I probably seemed more similar to you. At least, I was certainly motivated by similar things. I lifted a lot of weights (when I maxed out I weighed around 230 lb), etc. and really identified with masculinity and various male roles.

When I say being more male, I'm not talking about being more 'feminine' (which would just be the opposite), just more Human. For instance, in the past, I would (subconsciously) say to myself, 'what is the right thing to do as a brother, father, son, husband, man?'. Now, I say, 'what actions should I take so that I enjoy my life, the people I care about, the ideas I believe in, etc.?'


As a younger man and husband (28) who is struggling to find his own way, I find that saying "what actions should I take so that I enjoy my life, the people I care about, the ideas I believe in, etc.?", and following through with it, takes a lot of mental and emotional fortitude that must be built up and trained. I believe that having the self-respect to make a decision based on what you truly want, and then standing firm as everyone in your life fights against it, is something that is very masculine, though not exclusively masculine.


I have an iPad Air 2 and use it every day. My main use cases:

1. Reading. I love reading the old, free PDF books available from Google books and archive.org. The OCR doesn't work well, so you really need to read the original scanned image version, which requires a big screen and a fast enough processor (a phone or older model tablet won't cut it). I also moved from using my Kindle to the iPad for reading ebooks, since it is much faster to thumb through the repetitive parts of non-fiction books using the iPad.

2. Playing games with my girlfriend. Our favorite date activity is going to a bar or hanging out on the patio, having a drink, and cooperatively playing some trivia or puzzle game on the iPad.

I previously had a Nexus 10, but it was too slow to read scanned PDFs and it crashed all the time. The iPad Air 2 is much, much better.


One of the most valuable startup skills is to know which kind of debt has a low interest rate and which kind of technical debt has a high interest rate. Certain things - lack of tests, poor build system, poor deploy system, very poorly structured code - have a very high interest rate. Every time you create bugs, you waste time tracking them down and fixing them. Every time you check something in that breaks the dev environment for the rest of the team, you create bugs. On the other hand, messy code that is isolated to one system, or an architecture that has a bit of copy and paste, are usually not too big of a deal. Going on some deep dive to create some "generalized framework solution" is almost always an error.


Some people talk about Reversible Decisions, and I think what you're saying plays into that sentiment.

Unfortunately some people don't realize that in many situations not making a decision is itself a decision, and so they don't always notice it when it happens. That can be anything from the ones you mentioned, like testing and tools, to authentication, auditing, localization, robust error handling, resource/memory leaks, or monolithic designs that prevent scaling.

