Language Selection

English French German Italian Portuguese Spanish

Burden is on us to protect our data

Filed under
Security

If you had to guess, how many companies would you say have enough of your personal data stored in various databases to make even a rookie crook ready for prime-time conning?

Ten, perhaps? What about 50, 100 or 1,000?

You probably don't know the answer, and that is exactly the problem.

In the past six months, the personal data of millions of consumers have been lost, stolen or sold to identity thieves. The most recent case involved a financial unit of Citigroup Inc. CitiFinancial, which provides a wide variety of consumer loan products, disclosed that personal information (Social Security numbers, loan account data and addresses) of 3.9 million of its customers was lost by UPS in transit to a credit bureau. So far CitiFinancial said it had no reason to believe that the information has been used inappropriately.

So far.

Every time we hear of one of these cases, the companies involved tell their customers not to worry. Trust us, they say. They pledge to enhance their security procedures.

The promises don't make me feel any safer about my personal data. How about you?

It's time for the federal government and the states to step in and make sure the companies fulfill those promises.

There have been some efforts to protect people's financial information. On June 1, a new federal rule took effect that requires businesses and individuals to destroy sensitive information derived from consumer credit reports.

I was initially encouraged when I heard about this rule. It seems to cover all the bases -- individuals, and both large and small organizations that use consumer reports, including consumer reporting companies, lenders, insurers, employers, landlords, government agencies, mortgage brokers, car dealers, attorneys, private investigators, debt collectors and people who pull consumer reports on prospective home employees, such as nannies or contractors.

There's just one little problem with this "Disposal Rule." There is no standard for how the documents have to be destroyed. Here's the direction the Federal Trade Commission is giving to businesses and individuals: "The proper disposal of information derived from a consumer report is flexible and allows the organizations and individuals covered by the rule to determine what measures are reasonable based on the sensitivity of the information, the costs and benefits of different disposal methods, and changes in technology."

How strong is a standard if it has no standard? Basically, those who have our information get to decide how and when it is to be destroyed.

"The burden is completely on the consumer to protect what is important," said Evan Hendricks, editor and publisher of the newsletter, Privacy Times.

Full Article.

More in Tux Machines

Zuul: Proven open-source continuous integration/continuous delivery

If you think Zuul is the Gatekeeper, demigod, and minion of the ancient Hittite god Gozer, then you're a Ghostbusters fan, too. But, if you're interested in continuous integration/continuous delivery (CI/CD) and not "human sacrifice, dogs, and cats living together... mass hysteria," then you want Zuul, OpenStack's open-source CI/CD platform. Zuul originally was developed for OpenStack CI testing. For years, OpenStack, the Infrastructure-as-a-Service (IaaS) cloud, got all the attention. Over time, people began to realize that as impressive as OpenStack was, the CI system behind it, which enabled contributors and users across many different organizations to work and develop quickly together across multiple projects, was impressive in its own right. Read more

Smallest RK3399 hacker board yet ships at $129 with 4GB DDR4

FriendlyElec has launched a 100 x 64mm, $129 “NanoPC-T4” SBC that runs Android or Linux on a Rockchip RK3399 with 4G DDR4, native GbE, WiFi-ac, DP, HDMI 2.0, 0 to 80℃ support, and M.2 and 40-pin expansion. FriendlyElec has released its most powerful and priciest hacker board to date, which it promotes as being the smallest RK3399-based SBC on the market. The 100 x 64mm NanoPC-T4 opens with a $129 discount price with the default 4GB DDR4 and 16GB eMMC. Although that will likely rise in the coming months, it’s still priced in the middle range of open spec RK3399 SBCs. Read more

today's leftovers

  • How to dual-boot Linux and Windows
    Even though Linux is a great operating system with widespread hardware and software support, the reality is that sometimes you have to use Windows, perhaps due to key apps that won't run under Linux. Thankfully, dual-booting Windows and Linux is very straightforward—and I'll show you how to set it up, with Windows 10 and Ubuntu 18.04, in this article. Before you get started, make sure you've backed up your computer. Although the dual-boot setup process is not very involved, accidents can still happen. So take the time to back up your important files in case chaos theory comes into play. In addition to backing up your files, consider taking an image backup of the disk as well, though that's not required and can be a more advanced process.
  • Weather Forecasting Gets A Big Lift In Japan
    This is a lot more compute capacity than JMA has had available to do generic weather forecasting as well as do predictions for typhoons, tsunamis, earthquakes, and volcanic eruptions – the weather forecasting alone is predicted to run 10X faster, according to Cray.
  • Bitwarden Password Manager Adds Command Line Vault
    Bitwarden, the secure, open source password manager we talked about recently, added a command line tool to its list of apps you can use to access your passwords. Bitwarden CLI is currently in public beta testing, and according to its documentation, it includes all the features available in other Bitwarden client applications, like the desktop or browser extension.
  • GSoC’18 Week 1
    The first week of the coding period was great and I got to learn a lot of new things. My mentors help me on every stage and the work is going on as planne [...] Improvement in the overall UI is still in progress. Other than this, I have been working on refactoring the current code for this activity and breaking the whole code into various elements. For the next week, my main task is to complete the overall UI of this activity and add more geometries for drawing.
  • Time to Test Plasma 5.13 Beta
    The forthcoming new release of Plasma 5.13 will have some lovely new features such as rewritten System Settings pages and Plasma Browser Integration. But we need testers. Incase you missed it the Plasma 5.13 release announce has a rundown of the main features. If you are an auditory learner you can listen to the Late Night Linux Extra podcast where Jonathan “great communicator” Riddell talks about the recent sprint and the release.
  • GSoC students are already hacking!
    We always enjoy that new people join openSUSE community and help them in their first steps. Because of that, openSUSE participates again in GSoC, an international program in which stipends are awarded to students who hack on open source projects during the summer. We are really excited to announce that this year four students will learn about open source development while hacking on openSUSE projects. The coding period started last week, so our students are already busy hacking and they have written some nice articles about their projects. ;)
  • CryptoFest a openSUSE Conference již tento víkend v Praze
  • openSUSE Conference a CryptoFest 2018
  • Aaeon reveals two rugged, Linux-ready embedded PCs
    Aaeon unveiled two Linux-friendly embedded systems: an “AIOT-IP6801” gateway equipped with an Apollo Lake-based UP Squared SBC with WiFi and LoRa, and a “Boxer-8120AI” mini-PC with an Nvidia Jetson TX2 module and 4x GbE ports. Aaeon announced that three of its Linux-ready embedded systems have won Computex d&j awards, including two previously unannounced models: an Intel Apollo Lake based AIOT-IP6801 gateway based on Aaeon’s community-backed UP Squared board, as well as a Boxer-8120AI embedded computer built around an Arm-based Jetson TX2 module.
  • Last Call for Purism's Librem 5 Dev Kits, Git Protocol Version 2 Released, LXQt Version 0.13.0 Now Available and More
    Purism announces last call for its Librem 5 dev kits. If you're interested in the hardware that will be the platform for the Librem 5 privacy-focused phones, place your order by June 1, 2018. The dev kit is $399, and it includes "screen, touchscreen, development mainboard, cabling, power supply and various sensors (free worldwide shipping)".

Programming: GNU Parallel, Rust, Go