I’m very excited to discover that my friend Zach Brown is blogging again. Zach was one of a group of friends who introduced me to blogs in, maybe late ’99? Early 2000? He’d been on haitus, and I’m glad he’s back. But I realized that my excitement felt a little odd, and so I’ve been thinking about it.
About a year ago, I actually read Alvin Toffler’s Future Shock, which is a classic in the sense that everyone pretends to have read it. One of the themes that resonates with me is the psychological impact of of repeatedly changing jobs and cities, in leaving people with a lack of grounding in the place they live. Toffler discusses professionals who are more in touch with, and at home with, a distributed network of professional colleagues who they see at conferences than they are with their neighbors.
He also discusses the difficulties involved in staying in touch with increasingly scattered groups of friends, when the things we do to stay friends are harder to accomplish as it becomes hard to coordinate a group of friends to be in the same place at the same time.
I suspect that deep down, the psychological benefits of physical proximity for relationship management help people trump the awful commutes, taxes, and other disadvantages of living in Silicon Valley.
I can’t help but mention that Chris Allen has been writing quite insightfully about these issues in posts like “Dunbar Triage: Too Many Connections”
Arriving here, I’m forced to examine my excitement that Zach is blogging again. On the one hand, I am genuinely happy to have insight, however small, into his life. At the same time, I miss having dinner with him and others whose company I enjoyed in Montreal.
PS: I’ve discovered that an acquaintance has set up an Amazon Associates account to contribute to my Alma Mater. Does anyone know how I can construct book URLs so that they take advantage of that account?
Mayor Potter, a former Portland police chief, earlier this year requested that the federal government grant him, the police chief and the city attorney top-secret security clearance — the same as task force officers — so that city leaders could have access to case files and more frequent updates. Potter said he wanted the ability to monitor investigative activities involving the city’s officers in order to make sure they obeyed state laws barring them from monitoring people solely because of their religious or political beliefs.
This case raises major issues of democracy. If the people of Portland have seen fit to elect Mr. Potter Mayor, what gives the FBI the right to say he can’t do his job, which includes overseeing his employees?
(“Portland, FBI Unit to Part Ways” in the LA Times, Via CSO Magazine “Security Feed.” Badge from the impressive police badges collection at http://namtiti.free.fr/. )
As the trust and reliance people place in drivers licenses, the greater the incentive to get fraudulently issued ones. FoxNews reports on “Workers Charged With Taking Payoffs for IDs
” (via JihadWatch.)
“With a valid driver’s license, you establish an identity,” said Michael Garcia, assistant secretary of the Homeland Security Department.
The three Florida driver’s license examiners charged between $100 and $200 to falsely certify U.S. citizenship for the illegal immigrants, authorities said. Five accomplices recruited immigrants for up to $3,000 per license, officials said.
I have three comments: Firstly, I have an identity. Mr. Garcia demonstrates the stunningly introverted view of too many in law enforcement, that my identity stems from my documents, my existence in their databases, or the ability of those we used to call ‘civil servants’ to check my papers. My identity stems from me, not my papers.
Secondly, at $100 per false certification, it seems that there’s quite a supply of folks willing to wink and nod.
Finally, when the facilitators are making $3,000 and $200 is going to the fellow behind the counter, it becomes more clear why some people work for the state and others are entrepreneurs.
I’ve previously touched on this in posts like ““Economics of Fake IDs“, More on Nevada DMV” (about the truck crashing through the wall), or “SSNs and Drivers Licenses,” as well as a talk I gave at the Blackhat briefings, “Identity and Economics: Terrorism and Privacy.”
Since Choicepoint demonstrated that screening is hard, they’ve been repeating the phrase “We look forward to a national debate.” But at yesterday’s annual meeting, they once again failed to engage in that debate. The LA Times has an AP story “No Answers for ChoicePoint Shareholders” (Bugmenot, because no other paper has picked up the story, according to Google News.)
Or, The Atlanta Journal Constitution, “ChoicePoint boss deflects scam queries.” (Bugmenot)
In a quick and scripted annual shareholder meeting, ChoicePoint executives turned away any questions about the invasion of the company’s database by fraud artists.
But Smith said that because of investigations into the database scam, “we will not be taking questions relating to those matters in this annual meeting.”
It seems to me that understanding how management is handling these issues would be important to a shareholder.
But today, the chairman and chief executive of Alpharetta-based ChoicePoint is likely to get a feel for his standing on a smaller stage: whether he is held in esteem by ChoicePoint shareholders.
Lauren Waits, who oversaw ChoicePoint’s charitable giving program before leaving earlier this year, describes her former boss as a visionary who also can be intense and “quite hard on other people.” He has been impatient for government to act on ideas, such as storing DNA profiles on all felons in a central database that could be used to catch repeat offenders.
But the most difficult thing for ChoicePoint’s CEO hasn’t been the criticism or a grilling before Congress, said Rod Dowling, an investment banker who has worked with ChoicePoint. What Dowling said got to Smith most in the wake of the scam was that an Atlanta publication, Creative Loafing, published his home phone number and address.
That’s just a smidgen of the kind of information ChoicePoint supplies to clients every day. But Smith worried about his family’s safety and quickly changed his phone number, said Dowling, CEO of SunTrust Robinson Humphrey.
If only we could do the same when our data gets into untrustworthy hands.
From the Atlanta Journal Constitution, “Embattled CEO must take stage.”
“Proposed Legislation Limiting PI Access to Data“, Private Investigator News and Information provides the National Council of Investigation and Security Services’s roundup of legislation that would affect the private investigator business.
Naturally, the private investigators are up in arms; their job is about to be made a lot harder over something that wasn’t their fault.
1386 provides a huge incentive for companies to secure their systems, without restricting or constraining the way in which they should do so, leaving companies to choose the most effective way. This encourages innovation in defense, because should new, more effective defense strategies become available, companies are more likely to adopt them, whereas if they are restricted to using specific technologies and practices, they won’t be able to take advantage of new developments.
So, having said all that, my suggestion to the credit card companies would be to impose heavy penalties on merchants that get compromised, but not to specify what exactly those merchants should do to make themselves secure. And to offset the impact of losses, they should continue to incorporate the notion of quarterly scans by independent assessors, which is one of the few good things about the PCI Data Security Standard.
So writes Steven Hofmeyr in “The effect of legislation.” I’m in general agreement. I suspect that the 12 step programs being promoted by Visa and Mastercard are there because of demands from their smaller customers. Even larger customers would like to constrain their investment, by being told when they can stop spending on security to avoid fines from Visa or Mastercard.
A former employee of a Blockbuster video store in Washington, D.C., has been indicted on charges of stealing customers’ identities, then using them to buy more than $117,000 in trips, electronics and other goods. Miles N. Holloman is charged with stealing credit card numbers, Social Security numbers and other private financial information from the application files of 65 customers, then using the data to open retail store and credit card accounts.
(From The Washington Post, via Privacy.org.)
“The State Department seems to be putting down the purple Kool-Aid and looking at the serious problem this technology presents,” said Mr. Scannell, who runs an Internet site called RFIDKills.com; the first part of the name stands for radio frequency identification chips. “But no matter how much stuff you layer on the technology, it is still inappropriate.”
So says the New York Times, in “Bowing to Critics, U.S. to Alter Design of Electronic Passports.” So raise a glass and celebrate victory!
(Of course, these programs have a bad habit of coming back if we stop watching closely.)