Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

An 'Ethical Hacker' On Protecting Your Identity 159

qwqwss writes "Canada.com is running an article by Terry Cutler, a 'certified Ethical Hacker', who wants to get the word out to people on protecting their identities from a growing number of risks. The piece covers shopping online, keeping your personal information contained, and avenues of inquiry if your identity is stolen."
This discussion has been archived. No new comments can be posted.

An 'Ethical Hacker' On Protecting Your Identity

Comments Filter:
  • by Riding Spinners ( 994836 ) on Monday August 14, 2006 @06:17PM (#15906950)

    1-888-567-8688

    Call this one number to opt out of all three bureaus. You can protect yourself from identity theft by taking your name off of the credit bureaus mailing lists. The credit bureaus are one of the biggest offender when it comes to selling your name and information to the credit card companies who in turn send you all those pre-approved applications. One call to the Opt Out Request Line (for Equifax, TransUnion, Experian and Consumer Credit Associates) is all it takes to permanently remove your name from all marketing lists that the credit agencies supply to direct marketers. You can also opt for a two-year period, renewing your request at any time in the future.

    Identity theft certainly happens on the Internet, but it's the old-fashioned cons that usually get your SSN and such. Put your paranoia in the right place. Please.

    • by Jah-Wren Ryel ( 80510 ) on Monday August 14, 2006 @06:32PM (#15907040)
      One call to the Opt Out Request Line is all it takes to permanently remove your name from all marketing lists that the credit agencies supply to direct marketers.
      And get your name on the "high-value" target list they sell to everyone else, and the "has something to hide" list they sell to the NSA.

      Seriously, it is so bogus that in order to "opt out" you have to hand over your personal info -- SSN, address, full name - to the very same people who are abusing that info in the first place. Somehow I just don't trust them to keep it safe and never figure out a new way to abuse it for their own gain.

      A real opt-out list would be maintained by a 3rd party with contractual and legal penalties for distributing your personal info. Then the agencies would be required send their lists to the 3rd who would filter out the people who have opted out. That way, even if the agencies were to reverse engineer the list by comparing before-and-afters, they would not know anything about the people whom they missed because they were never on the first list, nor would they get any sort of corrective information (like updated address, corrected spelling of names, etc).

      Hell, while I am dreaming, these lists would be opt-in to start with and we wouldn't have these problems.
      • by Anonymous Coward
        If they didn't have that information in the first place, how could they sell it?

        I believe that they ask for that information for two reasons.

        1. To keep people from being able to easily unsubscribe other people.
        2. So that they can match future incoming data with records of who should be excluded to avoid accidentally re-including you when they are not supposed to.
      • by Eivind ( 15695 ) <eivindorama@gmail.com> on Tuesday August 15, 2006 @01:19AM (#15908468) Homepage
        Thats pretty close to how it works in Norway. For marketing of any sort adressed directly to you. There is a single govnerment-maintained list where you can opt to not receive direct marketing.

        Companies that do direct marketing send their lists in, and get them back without those persons who have opted out. They learn nothing new about you in the process, other than the fact that you've opted out.

        For electronic marketing (email, sms, fax) it's opt-in rather than opt-out. In other words, they cannot legally do it unless you've given prior, informed consent to that. The logic is that this in this type of marketing, the recipient typically pays a large part of the cost. Marketers are less likely to abuse say paper-based marketing as that actually costs them to print and distribute. (compare the quality of the marketing in the average paper-based marketing and the average spam you receive to see what I mean..)

        For unadressed "distributed to all" marketing there's a small sticker you can put on your mailbox, and you won't get any.

        In short, you can eliminate receiving any marketing by following 3 simple steps:

        • Register yourself to opt-out of direct marketing. (one phone-call or one visit to the opt-out list [brreg.no].
        • Do not agree to receive direct marketing when companies ask.
        • Get a small sticker and put it on your mailbox.
      • A real opt-out list would be maintained by a 3rd party with contractual and legal penalties for distributing your personal info.

        I've often maintained the most powerful tool would be for ordinary citizens to claim copyrights on correlated collections of personal information. Then, individuals would be permitted to pursue all the penalties that the *AA organizations do for unauthorized distribution of Britney Spears songs and Owen Wilson movies.

      • "And get your name on the "high-value" target list they sell to everyone else, and the "has something to hide" list they sell to the NSA."

        Paranoia -- The Word

        Paranoia is a term used by mental health specialists to describe suspiciousness (or mistrust) that is either highly exaggerated or not warranted at all. The word is often used in everyday conversation, often in anger, often incorrectly. Simple suspiciousness is not paranoia--not if it is based on past experience or expectations learned from the experie
        • Paranoia -- The Word...

          Delusional Disorder

          Psychiatrists make a distinction between the milder personality disorder described above and the more debilitating delusional disorder. The hallmark of this disorder is the presence of a persistent, nonbizarre delusion without symptoms of any other mental disorder.

          Delusions are firmly held beliefs that are untrue, not shared by others in the culture, and not easily modifiable. Five delusional themes are frequently seen in delusional disorder. In some individuals, mo
    • by stefanlasiewski ( 63134 ) <slashdot@nosPam.stefanco.com> on Monday August 14, 2006 @06:37PM (#15907075) Homepage Journal
      That number will allow you to opt out of pre-approved offers of credit who follow the rules of the big credit bureaus (worked great for me).

      However, it will not prevent the credit bureaus from selling your name and information to other companies for other reasons, and it will not hide your credit report from anyone.

      Also, some credit companies don't use the big credit bureaus, and will instead compile information from other sources. If you have a home loan for example; your name, address and value of the loan are available at some county and state offices.
      • Sign up for the Direct Marketing Association's (DMA), "Mail Preference Service" (MPS) [dmaconsumers.org], it will reduce the amount of unwanted mail coming to you, including credit card offers, and it really works. Use option 2, and print and mail your form, it only costs the price of a stamp. Don't pay to do so online, it takes time to process anyhow.

        However, a few notes on the service:
        1) It can easily take 6 months for a mailing list to be updated removing your address from it. This has to do with the frequency that mar
    • by paeanblack ( 191171 ) on Monday August 14, 2006 @07:19PM (#15907272)
      The root of the problem:

      A: Hi! I'd like to open a line of credit.
      B: What's your name.
      A: John Smith
      B: There are alot of John Smith's, could you be more specific?
      A: John Smith from New York, New York.
      B: Sigh. That doesn't really help.
      A: Well, how then?
      B: Give us a publicly known number that refers to you and you alone.
      A: My Social Security Number is 012-34-5678
      B: Fine. Now I need to prove I'm actually talking to John Smith, 012-34-5678
      A: How?
      B: Tell us a number that only you know and would never, ever, tell anyone else.
      A: My Social Security Number is 012-34-5678
      B: Meh, I guess that's good enough. Have fun with your new credit card.
    • This might be American or North American only (at least one of the credit bureaus cover Canada and the U.S.). I would hazard a guess that other countries have different credit bureaus and different rules.
  • It should be called "Common Sense 101". This type of thing should be posted on, oh I don't know, maybe blogs that old people read?
  • by Anonymous Coward on Monday August 14, 2006 @06:18PM (#15906961)
    The trick to not worrying about identity theft is to have horrible credit and just about $0 in the bank. I've never got to worry about somebody using my identity. Hell, my identity doesn't even do me any good.
  • by Neil Blender ( 555885 ) <neilblender@gmail.com> on Monday August 14, 2006 @06:21PM (#15906980)
    Here in the backwater US, you can get your credit report for free three times a year at http://annualcreditreport.com/ [annualcreditreport.com] - Check it every four months.

    • I'm glad people already modded this informative (I guess that's a no-brainer), as I just used my last mod point prior to reading this. I just wanted to say "thanks", as a lot of the sites that claim to offer this info. tend to require enrollment in some program that I have no interest in... and I never actually think of looking this stuff up, at least not when I am near a computer...

      To those who haven't checked out this site: no matter the outcome, it's ~10 minutes very well spent. Check it out.
    • I got all of my reports except Equifax. The whole process fails when I get to them. Does this happen to anyone else. I think out of all the credit reporting agencies this one is the most difficult to deal with.
      • Equifax (Score:3, Interesting)

        by falconwolf ( 725481 )

        I got all of my reports except Equifax. The whole process fails when I get to them. Does this happen to anyone else. I think out of all the credit reporting agencies this one is the most difficult to deal with.

        Of the three major credit report agencies, Equifax is the worst. Especially if you're trying to clean up your credit reports. Even if they're supposed to investigate and delete bad info if they ever get around to it they drag their feet to investigate. They're also supposed to allow you to write

    • I should have felt misled when I followed the link to AnnualCreditReport.com think that is free and less than annual as the poster stated. How does one get it every 4 months for free. I did it last summer and have been waiting for the anniversary to roll around. Even the welcome page states 1 per year. Please tell me!!
      • How does one get it every 4 months for free

        One per year per agency. Get one from one agency every four months. If anything major happens, you can bet on it being in all three. Minor stuff, like addresses, etc are most likely what will differ from one agency to another and are not so urgent to get fixed.
    • I filled out the forms for two of the three companies on there a couple of months ago. Neither one seemed to think that I exist, so I stopped trying :(
  • by winkydink ( 650484 ) * <sv.dude@gmail.com> on Monday August 14, 2006 @06:24PM (#15906988) Homepage Journal
    ...was there really anything mentioned in that article that your typical /. reader didn't already know?
    • by pseudorand ( 603231 ) on Monday August 14, 2006 @06:48PM (#15907130)
      Well, I'd never though of always typing in the wrong pin first to verify that the ATM is actually connected to the ATM network. But I'm also not sure I believe the keylogger keypad connected to wifi thing either. I imagined ATMs were tamper resistant such that the bank would be notified if anything was disconnected.
      • Here in Argentina ATM fraud is common.

        Saboteurs install a small keycard reader right next to the keycard reader at the ATM's door, so when you slide your car to enter, both readers get it. Recommendation: open the door with any other card, since the reader only checks for a magnetic strip and not for a valid card.

        As for keypads, they usually install a different keypad over the regular one, which logs key presses and also activates the regular keys, so you notice nothing. The newspaper once showed one of
        • Recommendation: open the door with any other card, since the reader only checks for a magnetic strip and not for a valid card.


          Find where someone is installing a retail POS system. Many of them come with "test" credit cards. Installers just toss them in the trash. I have test Visa card in my car presently, as a matter of fact.
        • "Recommendation: open the door with any other card"

          Never had to swipe a card just to get into a bldg. with an ATM in it. Heck, most of the ATM's I go to aren't indoors at all....they are on the outside wall of the bank. Many are in convenience stores or grocery stores too. Do they all have 'special' sealed buildings for ATM's in Argentina?

      • Came across one of these locally - I only noticed it because the adhesive had come loose.

        The device was a little over a half inch thick, and had a slot through which the card went. This device was placed over the normal ATM card slot. When you put your card in, it got read by the device, and the ATM sucked it in and read it there.

        I found out from the bank that the PIN was read through a hidden camera nearby. The "nice" thing about a setup like this is that no change is made to the ATM itself. To add ins
  • Just about all the information the "certified ethical hacker" is putting out is nothing new. Awareness is all good and well, but the steps to protect your identity require more work and understanding than the average joe is willing to commit to. Laziness is the trait that identity thiefs hope for, and usually find.

    Until the current standards change or are more rigorously enforced, Identity theft will remain one of our electronic cultures downfalls. And now that pandora's box has been opened on identity thef
  • by WillAffleckUW ( 858324 ) on Monday August 14, 2006 @06:27PM (#15907018) Homepage Journal
    Minor methods like:

    a. shredding the account numbers and names/address on your bills or mail.

    b. taking out the recycling only on recycle day, and making sure none of it contains identifying materials, but that all those are shredded and then mixed.

    c. not taking too much ID with you.

    And realizing that you're being phished. I learned a lot of techniques in the Canadian Armed Forces, when they would try to get information out of our systems by trying to pretend they were from someplace that just needed info, or wanted to verify something.

    Never trust email, don't trust phoners, and never action things that you didn't originate.

    And keep your hand over the other one (shading it) when entering your PIN.

    Canada.com is a website for daily newspapers in Canada, FYI. Always right-click to inspect any links and ensure they go to the correct location before clicking them - and always use URLs you made yourself to access your banking and credit info.

    Now, I've got an underwater tunnel to sell you if you don't want to follow that advice, and I'm sure other people will tell you about all the lotteries you've won, and how a rich religious minister left you money in [NAME OF COUNTRY] ...
  • by Itninja ( 937614 ) on Monday August 14, 2006 @06:28PM (#15907021) Homepage
    Apparently, 'certifed ethical hacker' is an actual cert one can get. But I don't think I would the term 'hacker' to appear anywhere on my resume. Unless I was trying to get a job with some black hat pseudo legal firm...that'd been sweet.
    • Robin hood: hacks the rich to give bandwidth to the poor? Only hacks on weekdays, never on a Sunday?

      Right and wrong are always blurred and I can't see how "ethical" can really be defined.

      • by Anonymous Coward
        No, "ethical" is determined by questions 7, 12, and 30-42 of the ethical hacker certification test. ;)
      • Something like: has a knowable standard of behavior and lives by it.

        It's about predictability. I have friends with a different standard of ethics than I do, but that's ok, if I know what it is, I can know what to trust them with.

        Not a conclusive definition, but that's a fair part of how I assess ethics.
    • What boxen do you have to hack into to, to get the certificate.... oh, never mind, downloading a copy now, just have to change the name ;-)
    • It sounds better than ethical lamer.
    • Apparently, 'certifed ethical hacker' is an actual cert one can get. But I don't think I would the term 'hacker' to appear anywhere on my resume. Unless I was trying to get a job with some black hat pseudo legal firm...that'd been sweet.

      I've never heard of any certification for ethical hackers before reading this article. What organization issues the cert? Once upon a tyme I read about the Model Railroad Club at MIT, the WOZ, and others and I wanted to be a hacker like them. Alas back then adjective "

    • Apparently, 'certifed ethical hacker' is an actual cert one can get. But I don't think I would the term 'hacker' to appear anywhere on my resume.

      I've actually taken a CEH prep course, but that was because my boss had been pressuring me to take a class, and it was a week away from work paid. The information it covers is very basic, the vast majority of it is based on the "tools" used. They spend a bit of time covering how you're supposed to operate as a CEH, but there's so much material that even with

  • by Colin Smith ( 2679 ) on Monday August 14, 2006 @06:29PM (#15907023)
    Hey, it's fun to shred stuff...

    Just don't ever allow your kids to shred anything, even once. If you do, you may find yourself re-filling your taxes, one piece of sellotape at a time.

     
  • by porkmusket ( 954006 ) on Monday August 14, 2006 @06:33PM (#15907045) Homepage
    Does anyone else think that online identity theft is exaggerated? I mean, I have seen stats [idtheftcenter.org] for identity theft in general, but not specifically for online identity theft. It strikes me as an insurance company/bank/credit card company ploy to make money. They take the internet, something a lot people don't understand, paint it as a major source of fraud, and ask you to pay $10/mo for their 'identity protection' services.

    I have a feeling that the mjaority involvement of the internet in these crimes is as a vehicle for the transmission or cracking or databases made available by poor security practices.
    • by Anonymous Coward
      This is true. You are more likely to have your neighbor steal your mail and get your credit card information. Once they have that they can go on a shopping spree. All they have to do is make sure they get home from work before you. I know four people who have had this happen in the last year. They don't find out until they got their bill with all of the extra purchases.
    • by EtherMonkey ( 705611 ) on Tuesday August 15, 2006 @01:26AM (#15908483)
      I do security and compliance for a big corporation (100k+ employees). I am not aware of even one case of identity theft via the Internet. I am aware of many cases of fraud via the Internet, where a persons' credit card or bank account number was stolen and/or misused. I suspect that, as pointed out elsewhere, statistics for fraud and identity theft together. This may be because of legislative constraints that includes, and rightfully so, credit card account information as protected personal/financial information. But there's also no doubt that higher numbers makes for more sensational news stories and more compelling selling points for those $10/month protection services.

      100% of the identity theft cases and about 30% of the fraud cases I've helped out with or heard of were not due to any use of the Internet (even though many of the unapproved charges were made to Internet resellers). Disgruntled/dishonest employees, ex-spouses and boyfriends/girlfriends, and neighbors/acquaintances are, in my experience, the top three perpetrators of identity theft. Then there are the randoms: the car salesman that puts through auto loans in other customers' names; the 'crew' that dumpster-dives tax preparation offices and then sells the identities to illegal immigrants.

      If you are reasonably careful and avoid 'risky behavior' on the Internet you are fairly safe from fraud and identity theft. Never give your SSN or birthdate to anyone over the phone, and only the bare minimum as absolutely required on a face-to-face basis (i.e. banks, financial institutions, employers, medical as needed for insurance processing). For anyone else, just make up a SSN and birthdate: there's no point in arguing with people too stupid to understand that there's no legitimate use for that information.

      Never pay for anything by check. ACH fraud is trivial and is probably the most common scam because of the lack of controls and authentication. It can also be the most damaging because, unlike credit-card fraud, the money is gone from your account and you have to convince the bank to put it back. Any organization with either an ACH merchant account with a bank or via one of hundreds of ACH 3rd-party processors can take money from any US bank account with nothing more than your bank's routing number (public information) and your account number (printed on every check). I have been hit with ACH fraud a few times and now order only a one-year supply of checks and then open a new account when the checks run out.

      When paying on-line or over the phone always use your credit card company's 'temporary account number' service. These are time-limited and, optionally, amount-limited account numbers that do not reveal your permanent credit card number. You can set limits for how long they are valid (from one month to one year) and how much total can be charged. Most MasterCard and Visa providers offer this service. You have to be Internet-connected to generate a new number. (American Express pioneered this service but then discontinued it shortly before introducing their enhanced security service, for an extra fee). An added benefit is if someone does make fraudulent use of the temporary account number you know who is at fault for leaking your information.

      If you have the ability, use a separate e-mail address for each financial institution and each vendor you use. If you have your own domain name you can usually configure "catch-all" email forwarding so any incoming email without a matching mailbox gets forwarded to a specific address. This helps identify phishing attempts because you will see email supposedly from, e.g., Citibank Security come into your "ebay@example.com" address instead of the proper "citibank@example.com" address. An added benefit here is being able to identify who is selling your email address (surprisingly, very few).

      And if you deal with illegal, semi-legal, illicit or other fringe sites (porno, high-yield investing, paid-to-surf/email, Ponzi, pirate software/music/video/games, or an
      • My identity was stolen via the internet. Not by my doing, but by my bank's doing.

        My bank (a rather large one) was hacked. Later, that information was used in connection with the Russian mob to commit internet fraud.

        And my bank has not been the only one out there that has been hacked.
        • And then the bank is at fault for failing to protect your confidential personal information from unauthorized disclose, and they are liable for all the costs and expenses associated with the correction of your resulting identity theft, possibly including indirect damages due to the higher intrest rates you will be forced to pay as a result of the identity theft, legal fees to correct the issue, lost time from work or your job (even if you used paid leave instead of unpaid leave), etc.

          If you have not already
  • by mfh ( 56 ) on Monday August 14, 2006 @06:33PM (#15907052) Homepage Journal
    That's what I did. Now if some joker gets my numbers, I can simply dump the card and get a new prepaid Master Card. Pfffft, eat that h4xx0rz! ;-)
    • But what happens when they flag you as a terrorist for using pre-paid credit cards too much?
    • That's what I did. Now if some joker gets my numbers, I can simply dump the card and get a new prepaid Master Card. Pfffft, eat that h4xx0rz! ;-)

      Or just use cash. You know, the green rectangular pieces of paper and the small round metal things ?

  • by xeno ( 2667 ) on Monday August 14, 2006 @06:47PM (#15907128)
    It's shameless self-promotion, but I just wrote an article on computerworld [computerworld.com] about basic security and privacy issues for the homeless and/or other perennially wandering folks. There's a little coverage about identity establishment there too, along with general protection of information and resources.

    -Jon
  • Simple: post AC! (Score:5, Insightful)

    by mangu ( 126918 ) on Monday August 14, 2006 @06:52PM (#15907143)
    I can't really understand why /. always has these news about protecting one's identity, but when someone wants to post a comment and remain anonymous they call him a "coward"...
    • Well I certainly hope your real name isn't "mangu", and that your CC number is different from 126918.

      The reason the Anonymous are cowardly is because they refuse to show even their funny little cyber-nicknames when they post vitriolic comments. They don't want to be known because they usually know they are wrong, and will lose karma. Some cowards are very funny however and get modded up considerably. I suspect taco and others post anonymously, don't you?
      • The reason the Anonymous are cowardly is because they refuse to show even their funny little cyber-nicknames when they post vitriolic comments.

        And others are reluctant to let the world know that, let's see, from two randomly picked comments of yours, you think "pacifism and veganism" are "philosophically flawed nonsense" and you want Pluto to be considered a planet because you don't know how to pronounce "Quaoar". Well, I must say I agree with you on both counts, but sometimes one wants to make a controver

        • but sometimes one wants to make a controversial argument without disturbing our very anonymous little cyber-nickname.

          Ah but you see, that's exactly what cowardice is :D
  • by dakirw ( 831754 ) on Monday August 14, 2006 @06:54PM (#15907158)
    Some banks allow users to generate virtual credit card numbers (that can have dollar limits and specific expiration dates) for use with online purchases. Probably not a bad idea to buy things online with one of these generated online numbers (using the purchase amount as the limit).
    • I have been using such a service for about 3 years. Works great. One caveat though: the actual limit on the virtual card may be 10% higher than the one that you request. My bank adds it because it thinks that I will forget to add the shipping charge and the number will "bounce". Just something to keep in mind. I am not sure if all banks do it.
      • I have been using such a service for about 3 years. Works great. One caveat though: the actual limit on the virtual card may be 10% higher than the one that you request. My bank adds it because it thinks that I will forget to add the shipping charge and the number will "bounce". Just something to keep in mind. I am not sure if all banks do it.

        I found out the hard way that my bank doesn't do that - I was off by one cent (typo), so I had to update the amount again and resubmit the order.

  • by Anonymous Coward
    I know this comment will probably languish in obscurity, it's becoming an unfashionable sentiment but the
    world is changing, Slashdot too.

    But I object to the phrase "Ethical Hacker"

    Kudos to the ed/poster who placed it in quotes, but personally I would have dropped the qualifying word.

    I never knew a genuine hacker who wasn't deeply ethical, even the mischievous ones up for cracking and pranks.
    To propagate this newspeak merely reinforces unfounded prejudices and panders to the frightened powers and ignorati.
  • "Contained" (Score:2, Insightful)

    keeping your personal information contained

    Last week, I tasked myself with determining ways to contact 72 Slashdot users. (People who'd responded to a subset of my journals in the past.) I found email addresses for fifty of them, instant messenger IDs for three others, profiles in other communities for five of them, and other ways to contact all the rest but four. That's a success rate of 94%. Oh, and I didn't spend a cent on acces to databases. Google and WHOIS was sufficient for most of them.

    My recomm

    • Oh noes!

      You can correlate my identity across the net... so what? And you have your email address publicized in your comment, so I could contact you without going to a WHOIS site or even Google.

      So what's your point?
  • All about credit (Score:3, Interesting)

    by NineNine ( 235196 ) on Monday August 14, 2006 @07:42PM (#15907380)
    Let's be honest. "Identity theft" is only about the precious "credit rating". "Credit ratings" are useful, true, but they're waaaay overused, primarily because people tend to live faaar beyond their means. A credit rating can only be held over your head if you insist on living on credit. The simple fact of the matter is that by avoiding using credit you don't really have to worry about "identity theft", one of the Big Three screwing up, and you don't have Big Brother watching your every move. People use credit so much that a person's credit rating has become the equivalent of "be good, or it goes on your PERMANENT RECORD" from grade school. It's been an adjustment, but I'm both personally, and business-wise (I own my own business) completely debt-free, and I intend to stay that way.

    In fact, I had a company (BellSouth Advertising) screw up my business listing badly last year. They published my store hours saying that we were closed a day that we're not. I never signed off on that ad. As a result, business is slower that day. Of course, BellSouth Advertising is giving me some bullshit about "you signed off on the previous year, and it says in fine print that if you don't sign off for the next year, that we can still bill you, blah, blah, blah". I told them that I don't pay for anything that I don't agree to, and I certainly won't pay for an ad that hurts my business. They call every few days, and all they can threaten me with is that they'll ding my credit rating. I just smile and say, "that's fine. I'm still not paying."

    That's REAL freedom. I'm not beholden to ANYBODY, from a financial standpoint. How many people in the US today can say that they're financially free?
    • I call B.S. ..... (Score:3, Interesting)

      by King_TJ ( 85913 )
      Sure, it's great if you can live without credit and get by.... But I occasionally run into someone just like yourself, preaching that the "rest of us" need to stop using credit and achieve "financial freedom" (or some variation on that theme). EG. One of my former bosses that I do some computer work for got that same lecture from his bookkeeper a few months ago. (He was upset that a few incorrect things on his credit report, plus an ex-employee mishandling some bills caused his credit score to drop too
    • Let's be honest. "Identity theft" is only about the precious "credit rating". "Credit ratings" are useful, true, but they're waaaay overused, primarily because people tend to live faaar beyond their means. A credit rating can only be held over your head if you insist on living on credit. The simple fact of the matter is that by avoiding using credit you don't really have to worry about "identity theft"

      If only this were true but it's not. Even if you're careful and watch your spending, say you have a sma

    • I've considered this, since my old man does it. The difference is he already owns houses and cars and has enough income to live off of. What do you do when you need to buy your first house? I can't afford hundreds of thousands of dollars out-of-pocket. Cars are manageable if you don't have to drive something insane... but I wonder about homes. I own my car now... paid down my 2005 mazda pretty quick (i hate oweing anyone anything) to a point where it's nearly done, but I still had to do it on a loan.
    • A credit rating can only be held over your head if you insist on living on credit. The simple fact of the matter is that by avoiding using credit you don't really have to worry about "identity theft", one of the Big Three screwing up, and you don't have Big Brother watching your every move.

      That's fine and everything. I agree with you; don't have any credit cards, buy cars with cash, only use my Visa check card to make purchases with money I have in the bank. But what about when I want to buy a house? Mos

  • Certified Ethical Hacker

    Let us analyse this boobytrap shall we ?

    "Certified" -- Here we have the Welcome Mat, designed to make us feel comfortable & willing to continue.

    "Ethical" -- Ah, we find outselves Tempted By Cheese sitting on the welcome mat.

    "Hacker" -- And here we have, the 10 Ton sandbag hanging above the welcome mat, if you look closely, you can see the fishing line that holds the bag above the mat going through a series of pullies & eventually running under the mat.

  • Data Thefts [waynemadsenreport.com] have been so rampant there is likely little this article says for pointers. You can have ubersecurity skills and all it takes is the theft from your bank and everything you've done is down tubes. The article if you ask me was meant for those new to the net and did nothing to give me insight. Flame on, moderate away but lets be realistic, the article did nothing for me.
  • I love how they make him seem qualitifed because he's a "CERTIFED ETHICAL HACKER". This is equivalent to A+ Certification in the generic IT space.
  • makes about as much sense as "Ethical Lawyer".

    The ones who help other people are ethical. The ones who try to fuck other people over are not.

    Calling yourself ethical doesn't make you that. It's your deeds that determine whether or not you're ethical.

    LK
  • Please send me $29.95 and you will receive your Official Certified Ethical Hacker welcome kit. The kit contains:
    1. Certificate of Authenticity
    2. Certified Ethical Hacker Mug
    3. Paper bag to hide your face from your friends and loved ones.
  • Having had the inside scoop on identity fraud for a long while now I would just like to say that there is a lot that the media/banks and governments are not saying. The crux of it all is this The fraudsters already have your details and they have had them for a long while and when i say a long while i mean years!

    Information security has only reached its peak in the last couple years. Prior to this, it was pretty lax especially during the height of companies outsourcing their call centers to foreign lands an
  • Woo hoo! Look at me...I just got one of the least-respected certifications ("Certified Ethical Hacker") in computer security!

    Woo hoo! Look at me...I'm parroting back a little bit of information, containing nothing new whatsoever in depth or breadth of scope, about protecting your identity!

    (yawn)

HELP!!!! I'm being held prisoner in /usr/games/lib!

Working...