The security hole in Verified by Visa (26 Mar 2012)

For discussions about security.
Post Reply
Message
Author
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

The security hole in Verified by Visa (26 Mar 2012)

#1 Post by nooby »

Not good at all. Is this true all over the world or only in UK/USA?

Davey Winder reveals how a date of birth is all that's needed to circumvent credit card security

Rik Ferguson is a senior security researcher at Trend Micro in the UK, and a well-known face on the security conference circuit around the globe. As well as sharing an interest in rock music, tattoos and security, Rik and I also have something of a dislike for stupid password reset procedures.

End of quote
I use Google Search on Puppy Forum
not an ideal solution though

Bruce B

#2 Post by Bruce B »

A few days ago the State send me a letter saying they lost a number, my unique employer ID number which makes discovering everything else about me easy. According to the letter I need to register with some anti-fraud places or whatever.

I was sort of pissed and didn't want to deal with it immediately.

Later I can pull the letter out and cite exact quotes.

Here is how the breach purportedly happened: A box containing my information (the number) broke. No other details mentioned.

A box broke?

It leaves me with many more questions than answers.

Let me see if I have this right. The State wanted information from me which I gave in a hard copy reply, the box it used broke, thereby putting me at high risk for identity theft.

I suppose it will be the same State who arrests me for the crimes the thief commits.

In any event it wasn't my idea to give them the information, they wanted it and I complied.

I'm responsible for its screw-up.

For one thing I think I should keep the letter to use in my partial defense should someone steal my identity.

I don't know. According to other posts in the Off-Topic Area, the world will warm up and we will probably be dead.

It is becoming too hard to keep the things I'm supposed to worry about prioritized.






~

User avatar
Terryphi
Posts: 761
Joined: Wed 02 Jul 2008, 09:32
Location: West Wales, Britain.

Re: The security hole in Verified by Visa (26 Mar 2012)

#3 Post by Terryphi »

nooby wrote:Not good at all. Is this true all over the world or only in UK/USA?

Davey Winder reveals how a date of birth is all that's needed to circumvent credit card security
End of quote
Is anyone stupid enough to reveal their date of birth anywhere on the internet (including forums)?
[b]Classic Opera 12.16 browser SFS package[/b] for Precise, Slacko, Racy, Wary, Lucid, etc available[url=http://terryphillips.org.uk/operasfs.htm]here[/url] :)

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#4 Post by Barkin »

Bruce B wrote:A few days ago the State send me a letter saying they lost a number, my unique employer ID number which makes discovering everything else about me easy. According to the letter I need to register with some anti-fraud places or whatever.
That sounds phishy [sic] ... http://en.wikipedia.org/wiki/Phishing

Scammers do pretend to be government ... http://www.theinternetpatrol.com/new-online-scam-claims-your-federal-tax-payment-has-been-rejected/

Bruce B

#5 Post by Bruce B »

Barkin wrote:
Bruce B wrote:A few days ago the State send me a letter saying they lost a number, my unique employer ID number which makes discovering everything else about me easy. According to the letter I need to register with some anti-fraud places or whatever.
That sounds phishy [sic] ... http://en.wikipedia.org/wiki/Phishing

Scammers do pretend to be government ... http://www.theinternetpatrol.com/new-online-scam-claims-your-federal-tax-payment-has-been-rejected/
Very good and the thought crossed my mind as a first thought.

Except, I was the one who sent them hard copy for processing. In other words: It was over the top, but not out of the blue.

~

dogle
Posts: 409
Joined: Thu 11 Oct 2007, 12:41

#6 Post by dogle »

1 Much gratitude to nooby for pointing me in the direction of Davey Winder.

2 I was in search of the date-of-birth storyline; Davey accredits another
for this. For the benefit of others who may share my intense interest in the ever-expanding, inappropriate, inept and illegal intent to grab this bit of our data, here is the missing link -
http://countermeasures.trendmicro.eu/verified-by-visa/
(right now I'm in a hot war with the City Hall over this ... can't fight the? ... wrong, can't win maybe, but -heh!- C turret is being traversed).

3 Terryphi asks if anyone is stupid enough ...... well yes, not us, but about 95% upwards of the online population I'd guess. As someone was alleged to have said a while back - "Forgive them ...... they knoweth not what they do".

4 I can well appreciate Bruce B's misgivings, because for long I feared that the personal data which Gubmint requires of us was under the care of utter morons, at the lowest level .... I now better understand that it's the sub-morons at the highest level who are selling us down the river.

dogle
Posts: 409
Joined: Thu 11 Oct 2007, 12:41

#7 Post by dogle »

1 Much gratitude to nooby for pointing me in the direction of Davey Winder.

2 I was in search of the date-of-birth storyline; Davey accredits another for this. For the benefit of others who may share my intense interest in the ever-expanding, inappropriate, inept and illegal intent to grab this bit of our data, here is the missing link -
http://countermeasures.trendmicro.eu/verified-by-visa/
(right now I'm in a hot war with the City Hall over this ... can't fight the? ... wrong, can't win maybe, but -heh!- C turret is being traversed).

3 Terryphi asks if anyone is stupid enough ...... well yes, not us, but about 95% upwards of the online population I'd guess. As someone was alleged to have said a while back - "Forgive them ...... they knoweth not what they do".

4 I can well appreciate Bruce B's misgivings, because for long I feared that the personal data which Gubmint requires of us was under the care of utter morons, at the lowest level .... I now better understand that it's the sub-morons at the highest level who are selling us down the river.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#8 Post by Lobster »

I'm in a hot war with the City Hall
Stay well Dogle.

I am at war with the whole of reality. So far reality has the upper hand but only just . . . :lol:

Public access information and sharing:
As we are all aware the wealth of the world is being shared amongst the banking fraternity as part of their efforts to enrich everyone (or not). Part of the control process involves ownership of the means of enrichment and their whole history - that would be us plebs [speaking for myself].

However in the near future it gets interesting . . .
Farcebook and similar tweets to mindshare and index, leads to open source mind sharing. You can create the Internet as a military exercise but can you control AI, genetic manipulation, hackers from the future breaking into past and alternative time streams?

Nooby and others are concerned about breaks in conventional security.
I do not consider my thoughts as immune from 4 dimensional access.
http://www.physicsforums.com/showthread.php?t=5526
Fortunately I never do sufficient thinking to register any interest . . .
:wink:

Good luck with your efforts.
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

Post Reply