givesomefucks@lemmy.world
on 16 Feb 21:41
nextcollapse
This is a good time to remind everyone that most of the problems with using SSNs for security is because at no point during design or implementation was it supposed to be used as a private thing.
It was supposed to be as common and easily accessible as your name.
It’s just when it’s started, it wasn’t listed anywhere publicly yet
So third parties just started treating it like it was a secret, and eventually it had enough momentum that the government just went with it.
We don’t need to just give people new numbers, we need a new system with both a public identifier and then some kind of secure system.
Devadander@lemmy.world
on 16 Feb 23:13
nextcollapse
So you’re saying we need a new system even if we keep social security
mindbleach@sh.itjust.works
on 17 Feb 04:38
collapse
Or: strenuously avoiding a national ID system, because of how obviously that could be abused. And probably still hacked anyway.
It is possible to do such an ID system sensibly, fairly, and for considerable net good. But we wouldn’t.
🇺🇸 Entire US social security DB¹ was exfiltrated by Elon’s DOGE and leaked to Cloudflare². (¹ SSN, name, home address, medical+bank+credit card info, tax details, work histories,…; ² corp that already sees ~⅓ of all your web traffic)
threaded - newest
This is a good time to remind everyone that most of the problems with using SSNs for security is because at no point during design or implementation was it supposed to be used as a private thing.
It was supposed to be as common and easily accessible as your name.
It’s just when it’s started, it wasn’t listed anywhere publicly yet
So third parties just started treating it like it was a secret, and eventually it had enough momentum that the government just went with it.
We don’t need to just give people new numbers, we need a new system with both a public identifier and then some kind of secure system.
So you’re saying we need a new system even if we keep social security
Or: strenuously avoiding a national ID system, because of how obviously that could be abused. And probably still hacked anyway.
It is possible to do such an ID system sensibly, fairly, and for considerable net good. But we wouldn’t.
“Little known”? It was constantly in the news for the past year.
I assume that’s sarcasm in the article?
¯\(ツ)/¯
I assumed not, but maybe it could be.
Better headline / TL;DR:
🇺🇸 Entire US social security DB¹ was exfiltrated by Elon’s DOGE and leaked to Cloudflare². (¹ SSN, name, home address, medical+bank+credit card info, tax details, work histories,…; ² corp that already sees ~⅓ of all your web traffic)
Interesting extracts here.