So vote no Republicans.

  1. They let crackers grab personal info.
  2. They offer free year of credit monitoring, which only catches things AFTER SOMEONE STEALS YOUR IDENTITY AND OPENS UP ACCOUNTS IN YOUR NAME.
  3. Trying to put on a credit freeze using their website reported that they were “unable to process at this time.”
  4. Trying to go to their consumer Customer Service Center page gave me only a Java server (JSP) error about an IllegalException.

And now Equifax corporate execs are selling their shares in Equifax? I think my opinion of Equifax has me hoping they be up on charges of illegal, criminal negligence.

For contrast, I put in credit freezes at TransUnion and Experian WITH NO PROBLEMS AT ALL.

Update 9/13/2017

They finally let me put in a credit freeze for my wife. It was her info they gave to crackers. So they didn’t charge us for the freeze.

When I tried to put one in for myself, they announced that they couldn’t process it and that I should MAIL them the info (with fee). Is it just me, or is Equifax the LEAST functional of all the credit reporting agencies?

Update 9/15/2017

Equifax finally let me put in a credit freeze. My son-in-law, who works in IT, told me earlier that the Equifax Security site (about the crack) has been known to provide different results depending on what IP you come from, and can be wrong about half the time. So earlier today I rechecked my end of it, and they still were saying “As far as we know, you’re not affected by this.” So tonight I put in a credit freeze on my credit report. They didn’t charge me for it, so I think they’re finally getting the idea …

Also, Equifax “retired” their Chief Information and Chief Security Officers today. Replaced them with the immediate underlings who would have been the people actually responsible for making sure the security updates were applied to their server … so I don’t necessarily consider this an improvement.

These are the people behind:

Equifax reportedly used ‘admin’ as password in Argentina

Equifax’s hack checker is a hot mess — here’s what to do

Equifax’s credit-monitoring site also reportedly hackable

As security expert Bruce Schneier pointed out in his essay On The Equifax Data Breach:

This market failure isn’t unique to data security. There is little improvement in safety and security in any industry until government steps in. Think of food, pharmaceuticals, cars, airplanes, restaurants, workplace conditions, and flame-retardant pajamas.

Market failures like this can only be solved through government intervention. By regulating the security practices of companies that store our data, and fining companies that fail to comply, governments can raise the cost of insecurity high enough that security becomes a cheaper alternative.

Just put in a credit history freeze, and put up with having to pay a fee when you need to temporarily unfreeze it to get that car loan or mortgage you want.

And hope that Senator Warren’s bill to require no-cost credit freeze changes is passed by our otherwise hateful and dysfunctional Republican-controlled Congress.

Update 2017.5.6: Yesterday, a resident of a different address came to my door with my package. Turns out the UPS driver had delivered it to the wrong address. So I change what’s below to: “UPS: Teach your drivers to read addresses and deliver to the address on the package.”

Mahalo, fellow honest package recipient!

Don’t just leave packages “at front door or on the porch.” Especially when someone is visibly home AND the door is open. Ring the doorbell and actually hand the package to your customer. Don’t just silently drop the package at the front door and race back to your delivery truck as if the customer was going to bite you.

All you’re doing is actively participating in an industry thriving all across the United States: STEALING PACKAGES LEFT UNATTENDED BY DELIVERY DRIVERS AT FRONT DOORS.

Stupid UPS. YOU just enabled thieves to steal my package.

NOTE: This is not the “IT” mentioned in the previous post. THAT is still coming. IT IS COMING IT IS COMING!

Hollywood IT

Hollywood IT is what you see in movies. What Hollywood scriptwriters and directors think is Information Technology. The only connection between Hollywood IT and real IT is they both use the word “computer”.

Here’s some Hollywood IT: Any password for a hypersecure system can be guessed in only 2 tries. Even though such systems don’t allow their users to use easily-guessed passwords like the user’s first name, somehow the user’s password is their first name. Failing that, all you need to do is type OVERRIDE and you’re in.

But here’s an example that pertains to the real world.

When we saw the most recent Bourne movie, a whistleblower stole a flash drive of super-secret information from the CIA. It held 3D animations, video, full documentation, plans, scans of all project reports, etc, all about the project that produced Bourne and the other assassins. Maybe a gigabyte total?

Once plugged into a computer, a virus on the drive notified the CIA that someone was reading the flash drive. Worse: Sharing the files with someone else. This Must Be Stopped or we’ll be un-CYAed, bringing about The End of the Free World.

In the movie, the CIA’s computer whiz hacker remotely finds a hackable smartphone near the laptop, somehow uses that to hack the laptop, and starts erasing the flash drive. (Why didn’t they just use the laptop’s wifi connection that the virus used to report in the first place? Eludes me.)

A few minutes later, it was done. I presume to full government disk wiping standards. Not just sequentially translated through 256 random languages on Google Translate into unreadable gibberish.

(Technical note: Encryption via Google Translate cannot be cracked. But you may find the output in the instruction manual for that cheap MP3 player you picked up at a garage sale.)

A real world situation

When I see something that still works, my first few reactions are: “It still works. Someone else could use it.” (Actually, that’s my second reaction. My first reaction is: “How can I still use it?” I’m that sort of person. I HATE throwing away things that still work. Or could be fixed. Explains the junk I’ve collected.)

So when I recently replaced a 1TB hard drive with a 2TB drive, I found it very difficult to apply the Sacred Hammer of Divine Data Destruction to it. That would be sacrilegious.

Read More