Re:They really don't care about the end user... (Score 1)

To play devil's advocate, how could they reasonably have differentiated you from a malicious user intent on subverting someone else's account?

Erm, since I was actually logged into the account and provided everything they had asked for it might have been grounds for them to approve such a request thereby proving my identity... But then again you are right, from the eyes of the truly security conscious there is no way. Be sure I won't be e-mailing or faxing anybody a copy of my ID anytime soon, let alone divulging personal information on the internet to anybody in the name of security or not. Disturbing in the digiworld there is no real way for you to prove you are you, or I am me, without giving up potentially harmful personal information. A thumb print scanner for identification verification to log onto sites would be really impractical (though neat). Maybe I'm not me, maybe I'm you pretending to be me, or me pretending to be you pretending to be me. *Begins to observe the entity he thinks he might be start to have a serious identity crisis.* I think therefor I am, but I mean who am I anyway, who is anybody...? I need my tinfoil hat...