[Cryptography] After Equifax pwning, what is the best means for replacing the SSN?
alan at clueserver.org
alan at clueserver.org
Tue Sep 26 22:26:26 EDT 2017
> In article
> <CAHVSqQcWYU=Ts4+PKyR77q8DRQ4+W1DzZ8dwHFWVRHaBNWaGKA at mail.gmail.com> you
> write:
>>Maybe I'm misunderstanding, but isn't this fairly easy? Just invent a
>> fine
>>for companies that use SSN as an authentication mechanism. Or any
>>identifier that is knowingly public, including having been made public by
>> a
>>security breach.
>
> My preference is to say that any transaction validated with an SSN is
> presumed fraudulent and is voidable on request. Fines are hard, they
> require courts and such.
Until someone figures out how to exploit that on a wide scale.
I expect at some time in the future our wallets will be filled with
cryptographic key cards instead of store loyalty cards. (Or dongles on
your keychain, which will make losing your keys even more fun.) Cell
phones make the problem harder because it is a pain in the ass to make
dongles that support every version of USB or whatever Apple wants to use.
perl -pe 's/^\s+//g' *.py
More information about the cryptography
mailing list