[81134] in North American Network Operators' Group
Re: Stanford Hack Exposes 10,000
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Thu May 26 10:45:24 2005
Date: Thu, 26 May 2005 07:44:49 -0700 (PDT)
From: Joel Jaeggli <joelja@darkwing.uoregon.edu>
To: "Jay R. Ashworth" <jra@baylink.com>
Cc: nanog@merit.edu
In-Reply-To: <20050525204930.G11445@cgi.jachomes.com>
Errors-To: owner-nanog@merit.edu
On Wed, 25 May 2005, Jay R. Ashworth wrote:
> The major problem, as has been pointed out in Privacy and RISKS digests
> in the past dozens of times, is that people persist in using as
> authenticators things (like SSN's, Mother's Maiden Name, etc) which are
> patently not suitable for that.
pre-existing sources of of unabigious uniqueness that map to people are
hard to come by...
fwiw, most universities that I'm aware of, have moved away from using
ssn's as an authentication tool.
joelja
>
> Cheers,
> -- jra
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
