Information Exposed For 800,000 At UCLA

Apparently it’s Identity Theft Tuesday here on Emergent Chaos.
CNN reports that a “Hacker attack at UCLA affects 800,000 people”, which includes current and former faculty, students and staff. The initial break-in was apparently in October of 2005 and access continued to be available until November 21st of this year. I am stunned that it took so long to be noticed, especially in light of Chancellor Abram’s letter which states:

We have a responsibility to safeguard personal information, an obligation that we take very seriously…I deeply regret any concern or inconvenience this incident may cause you.

It’s a real shame they didn’t have more effective security controls and monitoring systems in place. Maybe then this incident wouldn’t have happened or been detected and stopped much earlier.
[edit: fixed link to article]

When The Fox Is In The Henhouse

Protectors, Too, Gather Profits From ID Theft” in today’s New York Times tells the tale of woe of Melody and Steven Millett and her husband who despite a subscription Equifax’s Identity Theft protection service still had Steven’s SSN readily abused. Privacy consultant Robert Gellman summed up one of the problems with these services nicely:

Identity theft has essentially become a business — not just for bad guys but for good guys, too…A lot of the people that are involved in profiting legally from identity theft are direct participants in the whole credit system that doesn’t have the protections in place to prevent identity theft in the first place.

So essentially, the credit monitoring services are selling a service that to cover the fact that they don’t have a good process to begin with. And given that fraud is generally the liability of the merchant and banks/credit card companies and not the end user there is little to no incentive for folks like Experian, Transunion and Equifax to actually do much in the way of due diligence on either end. When the folks who control your private information are also charging you to “protect”, they have a serious conflict of interest.
What’s actually needed is a service like Debix. In the interest of full disclosure, I have a fiduciary relationship with Debix. I was also one of their first customers. Why? Because I think it’s important to have someone whose only interest is the protection of my personal information on my side, not someone whose job it is to also sell it to the right people.
[Image is “Fox food” by Bob Hallinen / Anchorage Daily News]

Corruption-Free Anguilla?

anguilla.jpgThere’s a new blog, “Corruption-free Anguilla.” Long time cypherpunks will remember the joys of the Cable and Wireless contract with Anguilla. From the blog’s inaugural post:

The need for such a site is based on the perception that there is much discussion in hushed tones about corruption. No one discusses the matter publicly. The press is silent. The radio is muffled. Public discourse is discouraged. Let there be a free discussion here. All contributions are welcome. Needless to say, the editor of this site reserves the right to delete or edit any comment that appears to be unfair.

Best of luck to them! It’s challenging to engage in conversations about changing public life when you’re on a small island. There may not be a lot of privacy around what you say, and the powers you’re accusing of corruption can make your life difficult.

Photo by Miranda Hattie.

New Cookery: Emergent Chaos in the Kitchen

Ferran Adria, Heston Blumenthal, Thomas Keller and Harold McGee have issued a statement on the New Cookery:

In the past, cooks and their dishes were constrained by many factors: the limited availability of ingredients and ways of transforming them, limited understanding of cooking processes, and the necessarily narrow definitions and expectations embodied in local tradition. Today there are many fewer constraints, and tremendous potential for the progress of our craft. We can choose from the entire planet’s ingredients, cooking methods, and traditions, and draw on all of human knowledge, to explore what it is possible to do with food and the experience of eating. This is not a new idea, but a new opportunity.

Mmmm! I love what happens when constraints are removed. Sometimes it may get a little silly, but often, it’s sublime.

Both McGee and the French Laundry has been alluded to and mentioned in “The French Chef Model of Intellectual Property,” a subject mentioned in the statement:

We also believe in the importance of collaboration and generosity among cooks: a readiness to share ideas and information, together with full acknowledgment of those who invent new techniques and dishes.

Photo by Tamzen on eGullet.

Medical Privacy

There’s a really interesting story in the New York Times last Sunday, “Health Hazard: Computers Spilling Your History.” Money quote:

Some patients are so fearful that they make risky decisions about their health. One in eight respondents in a survey last fall by the California HealthCare Foundation said they had tried to hide a medical problem by using tactics like skipping a prescribed test or asking the doctor to “fudge a diagnosis.”

I think what’s most interesting is that Americans seem fully aware that computers are often insecure, and have a gut belief that information on paper is subject to fewer threats. For a lot of us, trading those risks against information about our (lack of) drug allergies being available in an emergency situation simply isn’t worth it.

So I’m Idly Curious…


Please put your bra in the bin,” at Flyertalk:

items used to augment the body for medical or cosmetic reasons such as mastectomy products, prosthetic breasts, bras or shells containing gels, saline solution, or other liquids; and,

1. Separate these items from the liquids, gels, and aerosols in your quart-size and zip-top bag.
2. Declare you have the items to one of our Security Officers at the security checkpoint.
3. Present these items for additional inspection once reaching the X-ray. These items are subject to additional screening.

As I understand it, gel bras hold ~7floz.

So…are there reasons that women wear gel-filled bras which are neither cosmetic nor medical?

Miss Groovy.”

My anonymous correspondent also wondered…how big a water bra can you make?

Farts on a plane!

Or, “It’s not the crime, it’s the coverup”.

It may be one problem airline security officials never envisioned — a passenger lighting matches in flight to mask odors from her flatulence.
The woman’s actions resulted in an emergency landing on Monday in Nashville of an American Airlines flight bound for Dallas from Washington, D.C., said Lynne Lowrance, a spokeswoman for Nashville’s airport.
Other passengers reported the odor of burned matches, but the woman was not forthcoming when asked about it, Lowrance said on Wednesday.

Maybe this is why the Automatic Targeting System cares what you had for lunch.