With less than three weeks to sign up for insurance or pay a penalty, problems with the healthcare.gov website are still unresolved. It is impossible to imagine the anxiety and suffering of the millions who lost their health care policies and who don't want to put their identities at risk by going online to healthcare.gov.
“It doesn’t appear that any security fixes were done at all,” David Kennedy, CEO of the online security firm TrustedSec, told the Washington Free Beacon.
Kennedy said fundamental safeguards missing from Healthcare.gov that were identified by his company more than a month ago have yet to be put in place.
After warning Americans when testifying before Congress on Nov. 19 to stay away from Healthcare.gov, Kennedy now says the situation is even worse.
“They said they implemented over 400 bug fixes,” he said. “When you recode the application to fix these 400 bugs—they were rushing this out of the door to get the site at least so it can work a little bit—you’re introducing more security flaws as you go along with it because you don’t even check that code.”
Get this. The Federal Government doesn't have to notify anyone if the site is hacked.
“States are required to notify in the event of a breach, the federal government is not,” he added. “So in the event that Healthcare.gov gets compromised and all their information gets taken out of it they don’t have to notify anybody.”
Kennedy said the team working on Healthcare.gov is more likely to hide its security flaws than address them. When it was revealed that the most popular searches on the website were hack attempts—confirmed by entering a semicolon in the search bar—the website simply removed the tool.
The White House won't even give classified briefings to Congress about the security problems of healthcare.gov. Chairman of the House Intelligence Committee Mike Rogers said,
“They could not even provide someone — CMS and HHS, the two folks responsible for the HealthCare.gov website — in a classified setting to come up and talk about the breaches that they know have happened. That’s just unconscionable.”
He warned that there is currently no coordinated effort within the administration to test the website’s newly-written code which was completed over the past two months of repairs, leaving it vulnerable to breaches. “You’re encouraging people to go to a site that our own government knows doesn’t meet safety standards when it comes to security of private information.”
The latest IBD/TIPP Poll finds that 78% say Americans should be worried about the security of the ObamaCare exchange website, and 53% say they should be "very concerned." This view was shared across parties, with 69% of Democrats saying security concerns are warranted.
More worrisome for the law's success, 82% of those aged 18-24 say concern is justified. These are among the people ObamaCare most desperately needs to enroll to keep overall premiums from spiraling out of control.
John Podhoretz writes in Commentary, No, Healthcare.Gov Isn’t Working. Much of the backend hasn't been constructed yet.
There is no such thing as a functioning website if the “back end” isn’t working. The “back end” is the catchall phrase for everything you don’t see when you visit a website. It refers to the software that translates pictures and words into what you see here. It refers to the software that mediates the relationship between 1) users who enter information, 2) the servers that store the website’s information, and 3) third parties hired to take some (but not all) of the information and process it on their servers and computers. It refers to the security systems put in place so that the website cannot be disabled by an outside attack and so that the data entered cannot be stolen or otherwise compromised.
In other words, the back end is the website. What many people are seeing now at healthcare.gov is a visual demonstration of a sign-in. If the sign-in data are not transferred to a database, nothing has happened. It’s like taking a practice test; it’s not scored and it’s not registered and it means nothing.
Obama administration officials acknowledged today that some of the roughly 126,000 Americans who completed the torturous online enrollment process in October and November might not be officially signed up with their selected issuer, even if the website has told them they are.
While the front-end of the website has been vastly improved, the back-end glitches remain a serious concern, IT experts and industry officials say.
For those who thought they enrolled in a plan through the federal exchange since October, the Obama administration now advises that individuals contact their insurance company to verify coverage and if none exists, to start all over again.
The Washington Post is reporting the bad news for Obama; about ⅓ of consumers enrolled through healthcare.gov have serious errors in the plans they chose.
The mistakes include failure to notify insurers about new customers, duplicate enrollments or cancellation notices for the same person, incorrect information about family members, and mistakes involving federal subsidies.
The spying by the government on American citizens is so far beyond what anyone thought was possible, it's hard to comprehend its scope. Except that it gets bigger and bigger.
New York Times. N.S.A. Said to Search Content of Messages to and From U.S.
To conduct the surveillance,’ reads the report, ‘the NSA. is temporarily copying and then sifting through the contents of what is apparently most e-mails and other text-based communications that cross the border…[the] computer searches the data for the identifying keywords or other “selectors” and stores those that match so that human analysts could later examine them.’
By identifying the recipient of the emails or text messages as the target of the surveillance instead of the sender, the NSA sidesteps a 2008 law that allows spying on domestic soil without warrants as long as the target was a noncitizen abroad.
The official said the remaining emails, those not selected by the software, are deleted. Nonetheless, privacy proponents were in disbelief.
‘The program described by the New York Times involves a breathtaking invasion of millions of people's privacy,’ American Civil Liberties Union deputy legal director Jameel Jaffer said in a statement. ‘The NSA has cast a massive dragnet over Americans' international communications, collecting and monitoring virtually all of them, and retaining some untold number of them in government databases. This is precisely the kind of generalized spying that the Fourth Amendment was intended to prohibit.’
Reuters. Exclusive: U.S. directs agents to cover up program used to investigate Americans
A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.
Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.
The undated documents show that federal agents are trained to "recreate" the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant's Constitutional right to a fair trial. If defendants don't know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence - information that could reveal entrapment, mistakes or biased witnesses.
"I have never heard of anything like this at all," said Nancy Gertner, a Harvard Law School professor who served as a federal judge from 1994 to 2011. Gertner and other legal experts said the program sounds more troubling than recent disclosures that the National Security Agency has been collecting domestic phone records. The NSA effort is geared toward stopping terrorists; the DEA program targets common criminals, primarily drug dealers.
"It is one thing to create special rules for national security," Gertner said. "Ordinary crime is entirely different. It sounds like they are phonying up investigations."
In a follow-up article Reuters reports Exclusive: IRS manual detailed DEA's use of hidden intel evidence
Details of a U.S. Drug Enforcement Administration program that feeds tips to federal agents and then instructs them to alter the investigative trail were published in a manual used by agents of the Internal Revenue Service for two years.
The practice of recreating the investigative trail, highly criticized by former prosecutors and defense lawyers after Reuters reported it this week, is now under review by the Justice Department. Two high-profile Republicans have also raised questions about the procedure.
“It’s a very common complaint about N.S.A.,” said Timothy H. Edgar, a former senior intelligence official at the White House and at the office of the director of national intelligence. “They collect all this information, but it’s difficult for the other agencies to get access to what they want.”
“The other agencies feel they should be bigger players,” said Mr. Edgar, who heard many of the disputes before leaving government this year to become a visiting fellow at Brown University. “They view the N.S.A. — incorrectly, I think — as this big pot of data that they could go get if they were just able to pry it out of them.”
The federal government has demanded that major internet companies turn over users’ stored passwords, two sources told the respected tech website CNet.
“If the government is able to determine a person’s password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user,” the report says. “Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.” But it doesn’t end there. The government is not only requesting the passwords, but its also asking for algorithms and even security questions:
At the same time, the government is doing everything it can to protect its own secrets, today's example, the EPA
The EPA's Game of Secret Science The agency pursues rules that will cost billions but refuses to reveal its research.
As the Environmental Protection Agency moves forward with some of the most costly regulations in history, there needs to be greater transparency about the claimed benefits from these actions. Unfortunately, President Obama and the EPA have been unwilling to reveal to the American people the data they use to justify their multibillion-dollar regulatory agenda.
To cite a few examples of where the EPA would like to take the country, the agency is moving forward with strict new limits on ozone that by its own estimates will cost taxpayers $90 billion per year, which would make the regulation the most costly in history. Other examples include a Mercury and Air Toxics Standard for power plants (previously known as "Utility MACT") that the EPA estimates could cost up to $10 billion a year. Yet more than 99% of the EPA's health-based justifications for the rule are derived from scientific research that the EPA won't reveal. Taxpayers are supposed to take on faith that EPA policy is backed by good science.
When the acclaimed television drama series Homeland climaxed with a devious plot by terrorists to kill America’s vice-president by hacking into his electronic pacemaker, critics scoffed at the ludicrousness of the idea.
But the outrageous storyline was thought credible by many in the world of computer security. Among those was the New Zealand-born computer hacker Barnaby Jack. The 35-year-old — who, unlike many in the business, used his skills ‘ethically’ — had spent his career demonstrating the dangers posed by unscrupulous hackers combined with computer manufacturers’ failure to install proper safety devices on equipment.
Jack thought it highly plausible that a terrorist could hack into someone’s pacemaker and speed up their heartbeat until it killed them. He also believed it was possible to infect the pacemaker companies’ servers with a bug that would spread through their systems like a virus.
‘We are potentially looking at a “worm” with the ability to commit mass murder,’ he said. ‘It’s kind of scary.’ Jack certainly knew what he was talking about — having become famous after demonstrating how he could sabotage cash machines and make them dispense large sums of money (a trick he called ‘Jackpotting’) by hacking into a bank’s computer system.
Another stunt was to reveal how a diabetic’s insulin pump — which is designed to deliver insulin to the body day and night — could be hacked from 300ft away, so it could dispense a fatal dose.
Jack, who had been obsessed with computers since childhood, emigrated to the U.S. at the age of 21 and joined a firm specializing in computer security issues.
In recent years, he had developed a specific interest in what is known as ‘embedded’ technology, the hardware and software built into everyday objects such as cars, banking systems, home appliances and medical devices. Jack thought it plausible that someone could hack into a pacemaker and speed up their heartbeat until it killed them
He was preparing to demonstrate his work two days ago at a major computer-hacking convention in Las Vegas.
In an address to the Black Hat convention titled ‘Implantable medical devices: hacking humans’, Jack was due to show an audience of hackers and cyber security experts at Caesar’s Palace how he could hack into devices such as pacemakers and defibrillators.
However, he was never to give the demonstration. A week beforehand, Jack was found dead in his flat in the San Francisco neighborhood of Nob Hill. His body was believed to have been found by his girlfriend, Layne Cross, a 31-year-old model. According to friends, he was found dead in bed.
To say his sudden death remains shrouded in mystery is putting it mildly.
Predictably, for someone who worked in such a shadowy world, there have been countless theories about how he was killed. Hackers are a suspicious bunch who have become even more paranoid since the U.S government’s efforts to silence whistleblowers such as ex-soldier Bradley Manning (who faces jail for leaking secret government cables to WikiLeaks). The absence of even the most basic details about Barnaby Jack’s untimely death has ignited a firestorm of speculation that foul play could be involved.
A prolific gang of foreign hackers stole and sold 160 million credit card numbers from more than a dozen companies, causing hundreds of millions of dollars in losses, federal prosecutors charged on last Thursday in what they described as the largest hacking and data breach case in the country.
The scheme was run by four Russian nationals and a Ukrainian, said the United States attorney for the District of New Jersey, Paul J. Fishman, who announced the indictments in Newark.
The victims in the scheme, which prosecutors said ran from 2005 until last year, included J. C. Penney; 7-Eleven; JetBlue; Heartland Payment Systems, one of the world’s largest credit and debit processing companies; and the French retailer Carrefour.
“It is a really potent reminder of what researchers have been saying: The bigger threat is coming from criminal gangs, most of which are coming from Russia,” said Fred H. Cate, director of the Center for Applied Cybersecurity Research at Indiana University in Bloomington. “It’s far more immediately impactful than threats coming from China.”
In a scam that dated back to 2005, the suspects first targeted retailers, surreptitiously visiting their checkout counters and exploiting vulnerabilities in the payment systems they used. By 2007, they were hacking into the financial systems of Nasdaq, the largest US electronic stock market, and major corporations like 7-Eleven, France’s Carrefour SA, JCPenney and the Hannaford Brothers supermarket chain.
They hit the real paydirt, authorities allege, when they hacked directly into some of the biggest credit card payment processors themselves to steal literally oceans of personal financial data.
Once inside the network, they used malware (malicious code) to create a “back door” that gave them return access, even after some companies identified breaches and thought they had fixed them. Then they installed “sniffers,” or programs to identify, collect and steal vast amounts of personal financial data, individually known as dumps, that they secreted in a network of computers around the world.
John Fund reports on Obamacare’s Branch of the NSA Community organizers will use a Federal Data Hub to sign up people for subsidies — and even ballots.
The Department of Health and Human Services is about to hire an army of “patient navigators” to inform Americans about the subsidized insurance promised by Obamacare and assist them in enrolling. These organizers will be guided by the new Federal Data Hub, which will give them access to reams of personal information compiled by federal agencies ranging from the IRS to the Department of Defense and the Veterans Administration. “The federal government is planning to quietly enact what could be the largest consolidation of personal data in the history of the republic,” Paul Howard of the Manhattan Institute and Stephen T. Parente, a University of Minnesota finance professor, wrote in USA Today. No wonder that there are concerns about everything from identity theft to the ability of navigators to use the system to register Obamacare participants to vote.
This spring, House Oversight and Government Reform Committee lawyers were also told by HHS that, despite the fact that navigators will have access to sensitive data such as Social Security numbers and tax returns, there will be no criminal background checks required for them. Indeed, they won’t even have to have high-school diplomas. Both U.S. Census Bureau and IRS employees must meet those minimum standards, if only because no one wants someone who has been convicted of identity theft getting near Americans’ personal records. But HHS is unconcerned. It points out that navigators will have to take a 20–30 hour online course about how the 1,200-page law works, which, given its demonstrated complexity, is like giving someone a first-aid course and then making him a med-school professor.
Indeed, voter registration is among the goals of the folks hawking Obamacare. The People’s World newspaper reports: “California’s Secretary of State Debra Bowen is designating the state’s new Health Benefit Exchange, Covered California, as a voter registration agency under the National Voter Registration Act. That means Covered California will be incorporating voter registration into every transaction — online, in-person and by phone — it has with consumers.” It seems as if some Obama supporters have found a new way to fill the void left by the bankruptcy of ACORN, the notorious left-wing voter-registration group that saw dozens of its employees in multiple states convicted of fraud.
“Giving community organizers access to the Federal Data Hub is bad policy and potentially a danger to civil liberties,” House Budget Committee chairman Paul Ryan told me recently. “But it’s one of the most underreported stories I’ve seen. If people only knew about this Data Hub program, it would touch off a huge public outcry.”
"It's the greatest collection of private identification information ever assembled on Americans that will be put into one place," said Rep. Patrick Meehan, who chairs a House cybersecurity subcommittee. "It is every bit of sensitive information one would need to know to completely take over the identification of a person," said the Pennsylvania lawmaker.
The Obamacare data hub, he added, "creates a honey pot and the day that it goes online it is going to be a target for hackers and others and they are unprepared to protect the system."
To combat wide spread skepticism, ‘Obamacare’ National Marketing Campaign To Cost Nearly $700 Million
Study: Obamacare could cause 1 million low-income Americans to move from work to welfare
Hackers aren't going anywhere any time soon, so Russian spies are wising up and taking their most sensitive intelligence offline. Not offline like off the internet. Offline like off computers altogether.
The Russian state procurement agency FSO recently announced that it was interested in spending up to 486,000 rubles (about $14,800) on at least 20 old fashioned typewriters to handle top secret documents. After all, cyber security isn't an issue when ink and tree are involved.
Web-users who want to protect their privacy have been switching to a small unheard of search engine in the wake of the 'Prism' revelations.
DuckDuckGo, the little known U.S. company, sets itself aside from its giant competitors such as Google and Yahoo, by not sharing any of its clients' data with searched websites. This means no targeted advertising and no skewed search results.
Aside from the reduced ads, this unbiased and private approach to using the internet is appealing to users angered at the news that U.S. and UK governments (the National Security Agency (NSA) in the U.S. and GCHQ in the UK), have direct access to the servers of big search engine companies, allowing them to 'watch' users.
Entrepreneur Mr Weinberg had the idea for the company in 2006….From there he had the idea to develop a 'better' search engine, that does not share any user information with any websites whatsoever.
Search data, he told the paper, 'is arguably the most personal data people are entering into anything. You're typing in your problems, your desires. It's not the same as things you post publicly on a social network.'
DuckDuckGo, named after an American children's tag game Duck Duck Goose (though not a metaphor), was solo-founded by Mr Weinberg in 2008, in Valley Forge, Pennsylvania. He self-funded it until 2011 when Union Square Ventures, which also backs Twitter, Tumblr, Foursquare and Kickstarter, and a handful of angel investors, came on board.
The 33-year-old CEO, who lives in Paoli, a suburb of Philadelphia, PA, with his wife and two children, explains that when other search engines are used, your search terms are sent to that site you clicked on; this sharing of information is known as 'search leakage'.
'For example, when you search for something private, you are sharing that private search not only with your search engine, but also with all the sites that you clicked on (for that search),' he points out on his website.
'In addition, when you visit any site, your computer automatically sends information about it to that site (including your User agent and IP address). This information can often be used to identify you directly.
'So when you do that private search, not only can those other sites know your search terms, but they can also know that you searched it. It is this combination of available information about you that raises privacy concerns,' he says.
A computer virus that steals bank details and empties money from accounts has been found on Facebook.
Eric Feinberg, who controls the U.S National Football League Facebook page, discovered the malicious links were being posted on his brand's page by fake profiles.
The links are believed to be controlled by the Russian Business Network - an online criminal gang accused of stealing internet users' identities and private information.
The link discovered by Feinberg was for a page called 'Bring the N.F.L to Los Angeles'. The page has since been removed.
Security firm Trend Micro claim that there may be many more hidden on pages, or even being spread inadvertently by Facebook friends.
When a Facebook user clicks the links the Trojan - which gets its name from the Trojan horse the Greeks used to enter the city of Troy undetected - is installed on their computer. It then scans all the personal files and steals any private information.
The malware is also able to collect login details, even if they aren't stored in documents on your PC, by using keystroke logging. Keystroke logging, also known as keylogging, can record which keys on a keyboard are being pressed. It can then wait until the user types in their online banking address and login details and steal them.
Once they have the logins, the cybercriminals can enter your online accounts and steal your money.
It is a six-year-old malware program that has seen a resurgence recently on Facebook and other social network sites. The Zeus Trojan, also known as ZBOT, has infected millions of computers worldwide - with reports claiming 3.6 million are in the U.S alone - and can sit in the background dormant and virtually undetected.
‘If you tell me your date of birth and where you’re born on Facebook, I’m 98 per cent of the way to stealing your identity,’
'World's greatest conman' Frank Abagnale says social network is rich seam for identity thieves. He said children in particular need to be made aware of the serious risks of unwittingly revealing information online…..‘Technology breeds crime.’
‘What I did 40 years ago as a teenage boy is 4,000 times easier now,’ said Mr Abagnale, who is known as one of the most successful impostors of all time, assuming the identities of pilots, doctors, lawyers, and even a U.S. prison agent.
"Something seemingly innocent, like posting our birthday on Facebook, can provide thieves with just enough information to access bank accounts, credit cards, sign up for credit and more."
You also give away a few more pieces of the identity puzzle by sharing whom or what you "like" or "follow." When you like a particular store or your neighborhood bank, for instance, you are giving a potential thief one more link to steal your information.
Hackers utilize the following distribution "touch points" to deceive users: malicious links and code, spam, friend requests, private messaging, user groups, gaming forums, videos and music.
"Social networking scams are 10 times more effective in spreading malware than email" is, said George Waller, executive vice president and co-founder of StrikeForce Technologies in Edison, N.J.
Blanton, who was once a police officer, added that people have always used personal information to commit crimes.
"The Internet just makes it easier," she said. And now social media has provided a gold mine for bad guys.
1. Change your name. If you tweak your name just a little, or use a nickname, life will be easier for you after the inevitable hack.
2. Stop geotagging your photos.
3. Lie about your age. While it's fun to get birthday greetings on your wall, it's a key piece of information needed to steal your identity. At least post the wrong year.
4. Don't store your credit card information on the site. Facebook has several services that require a credit card. Buyer beware.
5. Have some boundaries. When Facebook asks you where your photo was taken, keep it to yourself.
6. Less is more (peace of mind). …. Go through your timeline and remove posts that provide personally identifiable information.
7. Deactivate your account.
Bonus Pro Tip: Don't use your Facebook password anywhere else. That's making it way too easy for the bad guys.
Suicide is now the leading cause of injury deaths. Too many people are living lives of despair as the miserable economy takes its toll.
More people commit suicide than die in car crashes. A report in the American Journal of Public Health says suicide ranks first followed by car crashes, poisoning, falls and murder.
"Suicides are terribly undercounted; I think the problem is much worse than official data would lead us to believe," said study author Ian Rockett, a professor of epidemiology at West Virginia University…. For the study, Rockett's team used data from the U.S. National Center for Health Statistics to determine the cause of injury deaths from 2000 to 2009.
Deaths from intentional and unintentional injury were 10 percent higher in 2009 than in 2000, the researchers noted. And although deaths from car crashes declined 25 percent, deaths from poisoning rose 128 percent, deaths from falls increased 71 percent and deaths from suicides rose 15 percent, according to the study.
In 2009, more than 37,000 Americans took their own lives, and more than 500,000 were at risk of suicide, according to Pamela Hyde, administrator of the U.S. Substance Abuse and Mental Health Services Administration.
Medical errors kill enough people to fill four jumbo jets a week. A surgeon with five simple ways to make health care safer.
All of them have to do with transparency
A staggering 94 million Americans exposed to potential identity theft through breaches in government agencies. And it's probably much worse.
Furthermore, out of 268 breach incidents reported since 2009, the 67 of the public agencies responsible (and I use that term loosely) couldn't even figure out how many records were lost. That fact alone will tell anyone with basic math skills and a lick of common sense that this epidemic is much worse than we know. …..
Premeditated attacks by hackers accounted for only 40 breaches since 2009, a mere 15 percent of the total….Plain and simple stupidity and negligence caused most of the rest.
the sad truth is that our own government's security policies -- or lack thereof -- have put us all at risk. …The GAO's report found that out of 24 major government agencies, 18 had inadequate information security controls….the Department of Veterans Affairs and the Department of Health and Human Services, each of which have met just over 50 percent of the law's requirements.
Robert Morgenthau: The Death of Peter Wielunski
For every soldier killed in combat, 25 veterans are dying by suicide. It's time to broaden efforts against PTSD.
Online storage service Dropbox has admitted to a security breach that led to many of its members receiving unsolicited emails. A stolen password had been used to access an employee's accounts and copy a 'project document' containing user emails addresses.
The US company said that usernames and passwords stolen from other sites had also been used to sign in to some of its members' accounts.
'The Dropbox incident underlines the necessity of having different passwords for every website,' said Graham Cluley, senior technology consultant at Sophos. 'As people pile more confidential information onto the web, hackers are being given a greater incentive to penetrate accounts.
Matt Honan over at Wired tells how his entire digital life was destroyed.
In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.
Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location.
An amazing illusion that I found here.
Speaking of illusions, how safe are you from identity theft?
A report by the Treasury Inspector General for Tax Administration (TIGTA) reveals that that taxpayer identity theft more than doubled in 2011, skyrocketing to 641,052 taxpayers affected as compared to 270,518 the prior year.
As Eileen Ambrose of the Baltimore Sun explains, once a fraudster has someone's Social Security number, all they have to do is "make up W-2 information, submit a return before the legitimate taxpayer files and receive a refund directly deposited on a debit card."
That, said Taxpayer Advocate Nina Olson during a July 10th House Judiciary Committee hearing, can mean a nightmare for victims. "Identity theft wreaks havoc on our tax system in many ways," explained. "Victims not only must deal with the aftermath of an emotionally draining crime, but may also have to deal with the IRS for years to untangle the resulting tax account problems. Identity theft also impacts the public …(Treasury)… as Treasury funds are diverted to pay out improper refunds claimed by opportunistic perpetrators….Identity theft is not a problem the IRS can solve on its own."
Phishing emails, stolen Social Security numbers, and fraudulent tax preparers are all cited as potential pathways for taxpayer identity fraud to occur.
Amy Feldman, writing for Reuters, says that "Fighting taxpayer identity theft is a bit like going after Nigerian email scammers, a constant battle that seems unlikely to be won anytime soon."
Cary Doctorow in Technology Review, The Curious Case of Internet Privacy, Free services in exchange for personal information. That's the "privacy bargain" we all strike on the Web. It could be the worst deal ever.
What we agree to participate in on the Internet isn't a negotiated trade; it's a smorgasbord, and intimate facts of your life (your location, your interests, your friends) are the buffet.
Why do we seem to value privacy so little? In part, it's because we are told to. Facebook has more than once overridden its users' privacy preferences, replacing them with new default settings. Facebook then responds to the inevitable public outcry by restoring something that's like the old system, except slightly less private. And it adds a few more lines to an inexplicably complex privacy dashboard.
People don't value privacy until they lose it.
You aren't the customer, you're the product being sold says Michael van der Gallen in The 8 ways Big Brother's Facebook's New Changes Alienate Its Users
Most of the changes aren’t meant to make life easier for users — that means: for you and me — but for advertisers. The goal clearly is to make it easier for them to target people whose Internet behavior implies they may be interested in a company’s products. If that means that you and I have a more difficult time using the world’s largest social network, so be it. Facebook has more important things to consider, namely money.
I am horrified to learn that Facebook is asking users to share their medical history, that the new profiles are "The biggest Breach of Your Privacy in Facebook's History" and that its new "Open Graph" creates a permanent record over which the user has no control.
Lauren Weinstein — an expert on the Internet and privacy – adds rather succinctly: Biggest fans of Facebook’s new Open Graph:
FBI, CIA, NSA, TSA, + (all Department of Homeland Security departments and assets)
Local Law Enforcement
Your medical and life insurance companies
Your auto insurance company
Department of Motor Vehicles
All lawyers (especially divorce and personal injury)
Anyone else who might want to know how you’ve spent your time, at any point in the future, based on the permanent data record created automatically by your activities at vast numbers of sites, all collected in one place for ease of court orders.