[Novalug] importance of SSN

John Warren jpwarren00@gmail.com
Sun Jul 12 07:51:54 EDT 2015


Shame has less to do with compromising someone than you might think.  The
fallout from this hack will not be good, but we may never know the full
extent of the damage.

On Sun, Jul 12, 2015, 07:24 greg pryzby <greg@pryzby.org> wrote:

> First, of you are ashamed of something or are trying to keep a secret,
> should you really have the clearance? The idea is tell the government so
> you can't be blackmailed. Sure I have done things but if called on them I
> would admit.
>
> For information it is easier to steal than mainsail. This hack is proof.
>
> This is a fail and compromise in many levels. The  security threat from
> the hack is TBD
>
> On Sun, Jul 12, 2015, 7:17 AM John Warren via Novalug <
> novalug@firemountain.net> wrote:
>
>> > A SSBI is the government's "risk assessment" of empowering you with
>> > information.  Most notably, an evaluation of what could be used
>> > against you by foreign or otherwise "unfriendly" organization to
>> > "compromise" you.
>>
>> Exactly, the information lost is like a guide book for blackmailing or
>> turning someone.  The worst part is the SSBI's on political figures who
>> would fail to get a clearance normally but get exemption due to political
>> process.  Most of our intelligence agencies and high level politicians are
>> now extremely vulnerable to foreign coercion.  This really was on the
>> level
>> of a cyber warfare Hiroshima  It's like we just lost a cyber war with
>> China.
>>
>> On Sun, Jul 12, 2015 at 3:41 AM Jon LaBadie via Novalug <
>> novalug@firemountain.net> wrote:
>>
>> > On Sun, Jul 12, 2015 at 02:30:53AM -0400, Bryan J Smith wrote:
>> > > Jon LaBadie wrote:
>> > > > The post-presentation discussion at today's meeting about
>> > > > the massive federal personnel database breach got me
>> > > > wondering about SSNs.
>> > >
>> > > Huh?  The last thing anyone in the OPM is worried about is their SSN.
>> > > But more on that in my "P.S." **
>> >
>> > The comments were about how there are many non-employee and non-security
>> > clearance applicants that may be affected.  Their names and SSNs may
>> > have been listed in the db peripherally.  Perhaps via the SSBI you note
>> > athough I did not hear that phrase.
>> >
>> > >
>> > > > Can the impact of such breaches
>> > > > be lessened by somehow reducing the importance of SSNs
>> > > > as an identification factor?
>> > >
>> > > You mean like the way the original US Federal Law was written
>> > > _outlawing_ it from being used like an Identification Number and could
>> > > only be used _solely_ for drawing from the Social Security investment
>> > > program?  ;)
>> > >
>> >
>> > Yeah, IIRC every SS card clearly states
>> > "not to be used for identification"   :((
>> >
>> > > The reality is that it doesn't matter what the number is named or
>> > > otherwised used for.  Whatever number the US government uses to
>> > > identify Americans will be stored all over the place, and will be
>> > > leaked via various avenues.
>> > >
>> > What I'm asking assumes the id will be leaked.  I'd like to know
>> > if there are ways to lessen the impact.
>> >
>> > Just one example.  You shouldn't be able to go to my bank armed
>> > with just my name and SSN and withdraw my money.  Account numbers
>> > should be needed too.  Yet it is too easy to speak with a teller,
>> > manager, or phone assistant and get them to say "what is your SSN,
>> > I'll look that up".
>> >
>> > So, asking a different way, what can someone do knowing just a
>> > name and SSN?  And, are there ways to minimize that capability?
>> >
>> > jl
>> > --
>> > Jon H. LaBadie                  novalugml@jgcomp.com
>> >  11226 South Shore Rd           (703) 787-0688 (H)
>> >  Reston, VA  20190              (703) 935-6720 (C)
>> > **********************************************************************
>> > The Novalug mailing list is hosted by firemountain.net.
>> >
>> > To unsubscribe or change delivery options:
>> > http://www.firemountain.net/mailman/listinfo/novalug
>> >
>> **********************************************************************
>> The Novalug mailing list is hosted by firemountain.net.
>>
>> To unsubscribe or change delivery options:
>> http://www.firemountain.net/mailman/listinfo/novalug
>>
> --
> greg pryzby                              greg at pryzby dot org
> http://www.linkedin.com/in/gpryzby
>
> SOCIAL MEDIA: gpryzby
> PHOTOS: http://lonetrikerphotography.tumblr.com/
>



More information about the Novalug mailing list