SSN's and Identity Theft

Apparently some people still carry their Social Security Card.  I used to do that but stopped about 25 years ago.  These days, it's foolish at best to carry your card.  It's too valuable.  If you lose your wallet and your card is in it, you have a long-term big problem.  At a minimum you have to get a new SSN and notify everyone.  This can be a major pain.  It could also lead to major confusion. So, don't carry it.

Now some employers in these days of immigration hysteria may make you produce the actual card itself.  If so, use it and then put it back in safe-keeping.  Don't carry it!

BTW:  I blogged over a year ago about what to do if your identity was stolen.  You might want to review those posts if your have that problem.

More computer issues

I ran into an interesting and scary article "Lest We Remember: Cold Boot Attacks on Encrytion Keys" by J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.  They've found a way to break your security, not by attacking your cryptography key, but by freezing your computer.  I won't try to explain how it works, you can read the article or what my friend Lance Cottrell has to say about it in his blog, The Privacy Blog.  Lance's bottom line (and one I agree with) is simple:  turn the machine OFF, don't put it into Sleep mode.

BTW: If you are wondering why I'm blogging about this on a personal security blog, the answer is actually simple:  your private information is the key to your personal security.  Protect it at all times.

Customs Searches

There is an interesting article in my friend Lance Cottrell's The Privacy Blog about an accused pederast's fight not to reveal the password for his laptop's hard drive.  I commend it to everyone.  But the lesson to be learned is that, if you are trying to protect your own information, you should a) encrypt, b) not use overly explicit identifying names for your files, and c) be aware that when you cross the border between the US and anywhere else, the ICE have unfettered rights to inspect and copy your electronic data.  Those of us who deal with sensitive material, should take all appropriate steps to safeguard it.  The problem is that what you can do to prevent ICE from seizing and copying your data is far from clear.  I expect the law to eventually clarify things but right now when you cross the border you are risking everything. 

Backup, backup and backup some more

I was reading an article on CNN about what to do to protect yourself in an emergency.  It was interesting.  Most, if not all the tips were ones I've made here, but I was reminded of something:  backups are great, not just for the computer.  Put your emergency contact information into your cell phone under "I C E" and put it in your wallet.  Do the same with your list of medications.  Put ICE information in the glove box of the car or in your briefcase.  Do the same with your medical information. 

It's not just computers that can fail.  If you get badly hurt in an auto accident or attack, your protectors will need this information.

PS:  Somebody came up with an possible improvement on the "ICE" number--they suggest AA ICE to keep the listing at the head of the page. What do you think?  Maybe put it both places? 

"The Gift of Fear"

At last!  Someone besides me is saying it.  And on Oprah! yet.  Gavin de Brecker went on Oprah last week and talked about his book "The Gift of Fear".  I won't quote the article but I agree with it completely.  I've posted it on this blog and said it over and over again:  Do *not* ignore your instincts. If you are getting bad "vibes" from someone there is a reason for it.  Listen to yourself.  Now, someone else is saying it.  If you won't listen to me, listen to Oprah and Gavin de Becker.  Go to Oprah's site and look at the stories.  All of them revolve around 1 thing and 1 thing only:  If you don't listen to your instincts you are taking stupid risks.

Now, one more point:  de Becker talks about women on Oprah.  OK. But this advice goes to anyone who, at any time, in any place, gets that little warning "vibe" and hears the alarm bells go off.  I cannot say it more often:  Listen to your instincts!  Don't worry about being politically incorrect, don't worry about anything.  You can explain later.  The one thing you cannot explain is why your instincts were warning you and you refused to listen.

Hints From Heloise

I wish I could find the durn thing online.  Last week there was a letter from a former police officer that the "Hints from Heloise" column published.  It was a short letter--only 3 paragraphs--but it managed to please me and enrage me all at the same time.  First, why it pleased me:  He suggested that people put their important medical information with their Driver's license so it could be found in case of emergency.  That's a good idea.

But then he went off the rails:  he basically blows off cell phones entirely.  That's not just dumb, that's wrong.  For several years now people have been told to put their emergency contact information on the phone under "I C E" [In Case of Emergency] and anybody who ignores this new protocol is just plain wrong!  Everyone should do that. 

As an aside, I've got to wonder about his comment re:  garage door openers and glove boxes too.  After all, it is the police who insist we have license and registration in every car.  What does this guy think is on the registration for Pete's sake?

ID Theft

A friend of mine sent me his post about what to do if your identify is stolen.  I thought the idea of a credit freeze is very interesting.  If you are having a problem with this, you should go back in time to my entry from March 2, 2006, on ID Theft.  There are a number of other steps you can and should take to protect yourself, not just this credit freeze.  You should also visit the U.S. Gov't's website to help people whose identity has been stolen.  It's full of useful tips. 

Computer Spyware is Everywhere

Even from sources you don't expect.  You really must read Brian Schneier's blog on Sears' new program on Jan. 3rd.  Apparently if you join Sears' "My SHC Community" and install their software Sears can monitor all internet traffic, including a lot of secure information. 

I join with Brian in describing this level of monitoring as scary as he!!.  And I've got to wonder if Sears' lawyers knew what they were doing.  Seems to me it's a big problem. 

security in Church

The Colorado shootings have highlighted a growing trend:  Churches need security too.  This has been well known to the Jewish community for years.  In fact, the Anti-Defamation League has published a Security Manual designed for synagogues but applicable to almost any house of worship.  If you are concerned about the security of your church, temple, or mosque, you should download this manual.  It is filled with lots of useful information for you to consider and apply as you see fit. 

Call them back

I was just reading about another of the various credit card or bank scams that are going around like a flu virus.  But they all have 1 thing in common:  they try to get you to give them information over the phone.  Don't do it!  But it can be hard to resist.  So try this:  tell them that you will call them back.  But DO NOT ask for a telephone number.  Please do not ask for a telephone number.  No, no no!!

Be responsible and careful instead.  You call the customer service number on your credit card or for your bank. That way you know who you are talking to and have some confidence that your information will not be misused.

Funny thing, too:  you never, ever get the person you were just talking to.  It's always a scam.  So, don't talk to them-call them back!