WHERE ARE THE DAMNED HANDCUFFS?
The Market Ticker - Commentary on The Capital Markets
2017-09-08 09:12 by Karl Denninger
in Corruption , 1278 references Ignore this thread
WHERE ARE THE DAMNED HANDCUFFS?
[Comments enabled]  

It's time to start locking people up and destroying businesses with federal criminal indictments.

The Internet has made many things very easy -- and fast.  But it has also made many things quite-insecure, especially when corners are cut.

I can design and implement extremely secure internet-connected data facilities and services.  I not only have done so they're in active use right now.  Some are more-important than others, but all are important to me.   Among other things my home is connected via same, never mind the work product I've developed for the last, oh, 30ish years when working on various pieces of computer-technology.

It has never been penetrated.

Do you know why?  Because to get in you need cryptographic keys that you don't have, and as technology has advanced so has my willingness to regenerate said keys to keep step with same, along with taking proper security precautions with the necessary components to issue said credentials.

In other words I do my ****ing job.

Equifax did not.  Nor did all of the other places that have had ridiculous data breaches over the last few years.  Nor did the people who called me a couple of years ago in a panic because one of their "senior" IT people stripped the protection from their master key and stuck it on a network volume that was backed up to the cloud for convenience purposes.  For the record, that person was not fired and the firm in question did not immediately re-generate all the keys issued by same.

So far I haven't read anything in the paper about them being compromised, but that doesn't mean they haven't been.  It just means it didn't hit the papers.

Yet.

Equifax, along with Trans-Union and Experian, hold data on virtually every US Citizen over the age of about 18 and a large number of those who are not adults.  If you have any sort of credit relationship with anyone they have a file on you.  That file is indexed by something that until about 20 years ago was stamped on the face of said card "Not for Identification" -- your Social Security number.

Congress has permitted these firms to pervert that which it designated not for identification use, but only for the use of the Federal Government in administering retirement and disability benefits under the Social Security program, with the IRS having access to it so as to make sure your contributions to same were accurately recorded.  Since deliberately turning its back on the outrageous abuse of same by private industry Congress has then gone even further and not only allowed and mandated its use by other firms, such as banks, for identification purposes it has effectively barred you from having any such account or access without same.

This, despite the fact that on the face of said cards until fairly recently it was explicitly stated: NOT FOR IDENTIFICATION as that was written into the original law that resulted in the issuance of same.

But what's even worse than that perversion for which every Congresscritter and Executive Branch member should be tried and imprisoned for the rest of their lives is what Congress and the Executive have not done since -- on purpose.

They have not enforced the law with regard to intentional and willful misconduct when it comes to cyber security in these large data stores nor do they give a damn about the material and incalculable harm these large firms inflict on consumers when your data is either stolen or misused because of their intentionally lax security.  Further, the Congress and Executive allow effective extortion of every consumer in the nation by allowing these companies to charge you to freeze your credit, thus denying scammers access, they can charge you again to "unfreeze" it temporarily if you wish to obtain new credit and they deem said data "theirs" instead of "yours" which means you can't insist that they either not collect and store it or delete it.

See, proper security costs money and can be inconvenient.  Having access to such data only when properly-secure machine certificates are used to encrypt same and all communication all the way back to a traceably-secure device would mean that "instant credit" decisions at millions of cash registers (e.g. to sell you a credit card while in the checkout line) could not be made.

Forcing these companies to allow consumers to turn "on" and "off" access to their credit files whenever they want, without cost, would mean that these companies couldn't sell your data to anyone and everyone who has a few bucks, and they'd have much smaller businesses than they have now.  And prosecuting and jailing the executives of firms who put convenience for their customers, which are businesses -- not consumers -- ahead of security would mean they'd have no business at all.  But at the same time it would make defending against someone opening a credit account in your name and stealing your identity very easy since you could disable access to your credit information any time you wish without having to pay to turn it on and off.

Because of how these firms operate and their business practices, choices they have voluntarily made, you get screwed -- again.  This breach is so large and so egregious that no amount of "monitoring" and "credit watching" will do a damn thing.  You're going to get ****ed as a consequence of this and your obsession with posting crap on Facesucker, Twatwaffle and Instrascrew instead of immediately demanding that strong, effective action be taken to put a stop to this crap.

The solution is to force Equifax to eat the cost of ANY fraud that ensues and all costs of its cleanup including liquidated damages for your time and effort on a permanent basis since they, and not you, decided to use an identifier never intended for that purpose and in addition they, and not you, were grossly negligent in failing to secure said data.  In addition forcing all of these firms to allow no-cost lock and unlock options for consumers where locking your file at one bureau does so at all of them and can be  done at zero cost at any time for any reason on a permanent basis would actually mitigate said risk.  Finally, deeming any credit opened while you have locked your file as conclusively fraudulent and uncollectable with liquidated damages payable to you if someone does it anyway would shift the burden from you for said incidents to them.

And finally we can start by indicting right now the executives at Equifax who sold stock after the breach occurred and before it was reported along with indicting the company itself under federal Racketeering statutes -- they claim they didn't know but I call bull**** on that and demand an immediate felony criminal investigation of both the executives and company including but not limited to the immediate seizure of every single electronic device owed by said executives and the company that might hold evidence documenting that they're lying.

But instead of doing the right thing what we get is more mealy-mouthed bull****, and you, America, sit for it.

The breach is Equifax's fault.

The lack of immediate prosecutorial and policy response by the government is your fault, America, because you refuse to demand that it happen right damn now backed up by immediate and no-holds-barred protest, up to and including destroying all credit-issuing businesses through lawful economic action until the above occurs.

Go to responses (registration required to post)
 
Main Navigation
MUST-READ Selection:
A One-Sentence Bill To Force The Health-Care Issue

Full-Text Search & Archives
Archive Access
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.

NO MATERIAL HERE CONSTITUTES "INVESTMENT ADVICE" NOR IS IT A RECOMMENDATION TO BUY OR SELL ANY FINANCIAL INSTRUMENT, INCLUDING BUT NOT LIMITED TO STOCKS, OPTIONS, BONDS OR FUTURES.

The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

 
Comments.......
User: Not logged on
Login Register Top Blog Top Blog Topics FAQ
Showing Page 1 of 3  First123Last
User Info WHERE ARE THE DAMNED HANDCUFFS? in forum [Market-Ticker]
Jdough
Posts: 85
Incept: 2012-05-04

The Lone Star State
Report This As A Bad Post Add To Your Ignored User List
Who wants to bet their IT shop is a bunch of low ball H1b's? Even so I'm sure someone there knew about the lurking problems, probably even said something but "management" didn't want to take the downtime to fix them, because of profits. The same management that paid themselves out before announcing the issue. Equifax's breach site is a pile of PR massaged bull**** of the highest order, its hard to even take it seriously. I'm affected of course, but at this point I already have enough useless credit monitoring from all the other breaches, so I think I'll just do what I always do and watch my stuff like a hawk.

We as a people completely deserve this for even allowing companies such as this to exist. Companies whose sole purpose is to monitor our lives and assign a debt-slave score...oops I mean "credit" score, and, as you mentioned to flagrantly disregard the law with regards to the SSN. Only a matter of time now, America, until there is a coordinated cyber attack that hits enough things at once to plunge us into Mr. Robot like chaos.

----------
The federal head will possess, without limitation, almost every species of power that can, in its exercise,
tend to change the government, or to endanger liberty; the people will have but the shadow of representation, and but the shadow of security for their rights and liberties
Scottl1023
Posts: 6
Incept: 2016-02-14

NJ
Report This As A Bad Post Add To Your Ignored User List
Insult on top of injury is that you have to " opt in " for the monitoring services at:

https://www.equifaxsecurity2017.com/

After registering, Then you are given a future date to log back to activate... read this BS.

"Your enrollment date for TrustedID Premier is:
09/14/2017
Please be sure to mark your calendar as you will not receive additional reminders. On or after your enrollment date, please return to faq.trustedidpremier.com and click the link to continue through the enrollment process."

These clowns designed more evasiveness and road blocks for the public they screwed than they did into their security systems.

Note the URL - https://www.equifaxsecurity2017.com/ Looks like they are preparing for 2018..2019...2020....

Redbrian
Posts: 25
Incept: 2010-06-25

Report This As A Bad Post Add To Your Ignored User List
Fifteen years ago my personal data was stolen from a local hospital. I personally visited all of my congressmen and representative's offices asking for a free credit freeze for any reason. They gave me a "we care" speech. Nothing changed.

Five years ago my personal data was stolen from the state health department. I personally visited all of my congressmen and representative's offices asking for a free credit freeze for any reason. They met me in a secure room with bullet proof glass and video monitoring and gave me a "we care" speech. Nothing changed.

I looked up the campaign contributions for the aforementioned people and they all received ten grand per year from the credit bureaus. I gave them no money.

The best government that money can buy...

Whitehat
Posts: 107
Incept: 2017-06-27

New York City
Report This As A Bad Post Add To Your Ignored User List
A lot of state DMV's including NYS started requiring the social security number around 15 years ago for all and it was earlier for CDL's. Essentially it has become a national ID number which is not all bad except that if this is to be codified, then strict usage laws and rules need to be in place such as secure use discussed here and parameters of use.

One thing that the consumer should have a right to do is publicly reject certain forms of contract acceptance. Why is it not possible for a person to elect to not sign up for any credit or loan or other obligation unless it involves wet-ink signatures, originals archived and available for inspection until the contract is completed or the account closed. Even things that are applied for digitally would not be in force or active until the paperwork is delivered. This would mean that identity theft would be an act of forgery against consumers opting out in this fashion which brings in a better form of investigation, federal, FBI.

Related the consumer should not have to pay for credit monitoring or insurance because the credit reporting agencies should be required to notify anytime an account is submitted to them and the consumer is given a statutory time frame to reject the obligation without consequence. This could be further enhanced by legislation requiring all credit bureaus to be notified of any new application. This prevents the hidden issues when some only report to one or two.

The Electronic Signatures Act and all of the new options have an insidious nature as they eventually force people to accept them and the consequences of such. Personally, I do not want my signature delivered by fax to be binding, yet the system does not allow me to publicly state that I will never do this and anyone that relies upon such is doing so at his own risk, not mine.

This does not mean that the advances that we have need to be quenched, but they should not be vehicles to eventually force people into something where they carry all of the risks and expense for errors and prevention.

Working with the financial industry for over two decades has taught me one thing. There is a lot of slop in their systems. They make a big deal over counting things to the percentage of the penny and this form and that, but under the surface reveals that this is just window dressing. The sloppy record keeping is the avenue for hiding the true nature of their financial fundamentals. They are very used to be accepted at their word even in legal settings. When you are in a dispute with any financial entity, just try to get even digital copies of documents let alone a data dump of account history. In many cases they truly do not have it which I know from insiders. In this era of cheap storage, there is never an excuse for this now or even forty years ago.

Whenever you see slop in any organization, scandal always follows because it reveals a dropping of standards and is a sign to predatory interests that this is fertile ground for their scams. In all of my business years, whenever I see sloppiness in person, especially paperwork and documents and operations, it becomes apparent that the risk of corruption is there if not already present.

It is still recent memory that a check would not clear if not endorsed or written properly or if your signature was off a bit. While not perfect, a reduction in this standard does not go good places. Selling more public stocks that one actually has is easier than when paper certificates existed. People think that data on a computer is more accurate when electronic records allow for so much shadow work. I actually know dirtbags who go into disordered organizations such as non-profits to take advantage of the situation, same in business. Flies do not attract garbage, garbage attracts flies.

----------
There are two ways to be rich: One is by acquiring much, and the other is by desiring little.
Nickdanger
Posts: 646
Incept: 2011-06-12

Report This As A Bad Post Add To Your Ignored User List
This is so frustrating! I get at least one breach notice per year from various companies I have done business with, and am sick and tired of having to closely monitor everything all the time. Our tax returns were even compromised a couple of years ago, which caused a major headache.

Thanks, Karl. I now understand why they charge to freeze and unfreeze your credit. What a racket!

----------
Grammar: the difference between knowing your **** and knowing you're ****.
Bodhi
Posts: 131
Incept: 2008-02-23

Georgia
Report This As A Bad Post Add To Your Ignored User List
Quote:
A lot of state DMV's including NYS started requiring the social security number around 15 years ago for all and it was earlier for CDL's.


Georgia was already trying to implement this when I first moved here in 1993. They don't require your SS# to be the same as your driver's license#, but they strongly "encourage" it. When I first went to the license bureau to get my GA license the clerk asked if I wanted my SS# on my driver's license. I said no, I want a different number. She rolled her eyes and grudgingly got the state computer to spit out another number.
Ginnie
Posts: 24
Incept: 2017-04-03

Report This As A Bad Post Add To Your Ignored User List
My son got to see the decision-making that leads to these security breaches first-hand as an intern this past summer. His job was in the Data Security area and the hot task was to integrate some newly acquired companies. An older man had been hired as a consultant to draw up a plan for data security and he was very forthright telling the interns what was going to happen (some of the data also had HIPAA added into the mix). He said he would draw up a proposal that would make their data rock-solid safe. It would cost more money than the executives would spend so the execs would have a fit, pare it down to uselessness, implement something stupid and continue buying companies and managing more unsecured data.

So an American company paid my son almost $6000 to learn how screwed up they are with a side dish of HR idiocy and office politics. He did learn about two college courses worth of data security from the consultant so the end result was he got paid to take classes - win/win.

I'm sure that company is the rule rather than the exception. And all the executives should be behind bars. They know what they should do and they choose to break the law instead. There could be several shovel-ready jobs building new federal prisons for these people and most of our politicians.
Ktrosper
Posts: 3287
Incept: 2010-04-06

ft collins co
Report This As A Bad Post Add To Your Ignored User List
It's pure lawlessness and corruption - Pure recklessness and it's going to turn a lot of lives upside down.

My BIL nearly turned suicidal because of the problems it caused him. And yes, he daydreams of taking matters into his own hands in seeking revenge against those who were so careless with his info.. That's the consequence of the lawless/corrupt environment we've allowed... What we allow, we condone.

God help us when everyone simply defaults to "taking matters into their own hands" - that's the end of a civil society.

----------
The unexamined life is not worth living.-Socrates
The only stable state is the one in which all men are equal before the law.-Aristotle
Liberty exists now in the spaces government has not yet chosen to occupy.-Doc Zero
I anticipate that 10 Dallas Cowboys Cheerleaders will blow me this evening.-K.D
Ckaminski
Posts: 4198
Incept: 2011-04-08

Mass-Hole!
Report This As A Bad Post Add To Your Ignored User List
I've had my license # not my SSN since I started driving in the early 90's. In fact my mom was pissed because she'd already put me on the insurance with my SSN.

I'm not sure why I did it that way - but 16 yo me was super-smart in the clinch.

Top quote over on the reddit about this:
Quote:
By the way, they're directing users to sign up for TrustedID, which they own. Signing up for it requires you to forfeit your right to sue Equifax.



https://www.trustedid.com/premier/terms-....

Basically your standard FOAD Terms of Use.

Tickerguy
Posts: 149712
Incept: 2007-06-26
A True American Patriot!
Report This As A Bad Post Add To Your Ignored User List
They can bite me.

----------
Winding it down.
Crossthread
Posts: 6022
Incept: 2007-09-04

Wilmington, NC
Report This As A Bad Post Add To Your Ignored User List
Quote:
Redbrian:Fifteen years ago my personal data was stolen from a local hospital. I personally visited all of my congressmen and representative's offices asking for a free credit freeze for any reason. They gave me a "we care" speech. Nothing changed.



Redbrian, back in the day.... I posted a rather looong, (before I got My DL's back), post in the Ticker Forum Bar then that I obtained TRASH along the highway Median, of Medical Record(s), billing, Patient records, And a assortment of personal info, Including bank/credit card/insurance billing records.. Way back then.. It's not changed one bit..
I STILL get/or see occasionally pieces of paper(s) etc blown off the Trash/Garbage truck that happens to be on the Same Route(s) of several banks AND our Local Hospital...
that is all...

----------
Cognitive Co-Dependency is when a normal rational person, internalizes irrational illogical presentations, and somehow reconciles them to fit their scripted indoctrination of logical analysis.
Quote:
Samuel L. Clemens:There is NO Native Criminal Class; EXCEPT for CONgress
Geckogm
Posts: 4308
Incept: 2007-06-26

Canyon Lake
Report This As A Bad Post Add To Your Ignored User List
If you sign up for credit monitoring you waive your right to participation in a class action which is joke as well. As you'll get a .32 cent check to wipe your ass with.
Attilahooper
Posts: 2741
Incept: 2007-08-28

New York, by way of Montreal Canada.
Report This As A Bad Post Add To Your Ignored User List
Wolf Richter of wolfstreet has an article on this. He suggests: "Have each of the three credit bureaus put a security freeze on your account."

Is this a valid action? He goes on to say that the freeze ****s the bureaus out of the ability to sell your data.

Pls remove link if it's a banned url
https://wolfstreet.com/2017/09/07/how-to....

----------
We are the Champions - No time for losers - Queen
https://www.youtube.com/watch?v=04854Xqc....

Twincam
Posts: 41
Incept: 2014-10-06

Report This As A Bad Post Add To Your Ignored User List
Quote:
Who wants to bet their IT shop is a bunch of low ball H1b's?


Came here to say this.

Most likely it was incompetence, but how about outright malice?

If you're paid slave wages and come from some hellhole where indoor plumbing is a luxury, if there's little chance of getting caught, what wouldn't you sell that data for?
Jduwaldt
Posts: 635
Incept: 2010-06-10

Orange County, CA
Report This As A Bad Post Add To Your Ignored User List
Here's a non-paywall link to a Bloomberg article on a class action suit (keep your speakers down if you are at work, it has a video interview of the Bloomberg reporter):

https://www.bloomberg.com/news/articles/....

----------
It's not an issue of "cooperation" vs "go it alone": it's a question of involuntary vs voluntary relationships.
Vernonb
Posts: 1879
Incept: 2009-06-03

East of Sheol
Report This As A Bad Post Add To Your Ignored User List
Interesting timing for all this. Some scammers evidently got a hold of some of my personal info this past week but it was evident it was not totally correct. First they made up some BS story to serve me papers because I refused to answer their letters or calls (there have been none) and told me I had better be at home or work at certain time so papers could be served. How convenient for them -lol.

I ignored the first call. They called the second day with the same high pressure routine wanting me to call a number and give them the "case #". The woman changed her last name the second time she called. Some are even spoofing IP court identities.

What they got from me was a phone call explaining why I and others in those areas are heavily armed and what would happen if they trespassed at my home or business pretending to be officers of the court. I gave them no info but their own "case" number.

No more phone calls.

It is bad enough these scammers can run these routines to frighten people not familiar with due processes of the law. It is bad enough that many can cobble together information at other internet search sites for $20.00 to ruin people's lives. But now equifax has just given them a mainline to people's good names. They just cut out the middleman to run these scams.
These jerks need to be imprisoned, ruined finanacially, and beaten eveny 2 hours for the rest of their short miserable lives.

Reminds me of the Blue Cross/Blue Shield Breach. These bastards later came back prommoting themselves with some type of ID theft protection that was being created to hide their own incompetence. Really? Trust you? ahahahahahahaahah. Of course our own HR people were their biggest promoters.

Too bad the stupid is not instantly inflammable.





----------
"Mass intelligence does not mean intelligent masses."
Aztrader
Posts: 7817
Incept: 2007-09-10

Scottsdale, AZ
Report This As A Bad Post Add To Your Ignored User List
The blog Sovereign man also had some loud comments on this.....

https://www.sovereignman.com/personal-re....
Aztrader
Posts: 7817
Incept: 2007-09-10

Scottsdale, AZ
Report This As A Bad Post Add To Your Ignored User List
Just tried to log into my Chase account and they locked it out for a new password. Looks like they are being proactive.....
Geckogm
Posts: 4308
Incept: 2007-06-26

Canyon Lake
Report This As A Bad Post Add To Your Ignored User List
"Have each of the three credit bureaus put a security freeze on your account."

Yes, if your not in the market for credit. (house, car macy's) It is the only way to fly. Everyone should do this!!!![\b]

If you buying washer and dryer and they offer you 30% off with credit app the bureau will call you in most cases and ask if you are applying for the credit.

I have asked do_the_math to post information/link so that TF'ers here have a clean way to do this without calling. She is busy now she said she would get to it in a few hours or so. She is a credit guru so hang in there.

Local_yokel
Posts: 228
Incept: 2008-12-18

Report This As A Bad Post Add To Your Ignored User List
Can I copyright my financial information and transactions? Would be nice to collect royalty checks from these bureaus.
Geckogm
Posts: 4308
Incept: 2007-06-26

Canyon Lake
Report This As A Bad Post Add To Your Ignored User List
From DTM

Hello Everyone,

The Equifax data leak is pretty serious business, and I hope everyone will take the time to make reasonable precautions to protect your identity and credit.

Equifax is offering one year free enrollment in TrustedID Premier for those whose information may have been impacted. To enroll, you have to go to Equifaxs website to start the enrollment. Please note that if you are impacted by the data breach and enroll in TrustedID the agreement includes language that waives your right to sue Equifax or join in a class action suit. Experts are already opining that the clause is void. Im not an attorney, and all I can say is to follow the news on this issue. With that said, a Class Action has already filed.

Other options are to place a credit freeze or credit alert on your credit. The credit alert is for 90 days, whereas a credit freeze can be permanent. A freeze is the most effective means of protecting your credit. However, it costs $10 to freeze, and there are charges to remove the freeze when you apply for credit. Please also note that you will have to provide a government issued ID and copy of utility bill, bank or insurance statement.


Credit freeze requires ID and the process takes longer in my opinion the better choice vs credit alert

FRAUD ALERTS and CREDIT FREEZES

I also recommend either placing a Fraud Alert on your credit or freezing your report as a precaution due to the Equifax Security breach. Here are the links:

TRANSUNION

TransUnion Fraud Alert:

https://www.transunion.com/fraud-victim-....

TransUnion Credit Freeze:

https://www.transunion.com/credit-freeze....


EXPERIAN

Experian Fraud Alert:

https://www.experian.com/fraud/center.ht....


Experian Credit Freeze:

https://www.experian.com/freeze/center.h....

EQUIFAX


Equifax Fraud Alert:

https://www.alerts.equifax.com/AutoFraud....


Equifax Credit Freeze

https://www.freeze.equifax.com/Freeze/js....

Reason: added her text
Tickerguy
Posts: 149712
Incept: 2007-06-26
A True American Patriot!
Report This As A Bad Post Add To Your Ignored User List
Yep -- and placing a fraud alert DOES NOT COMPROMISE YOUR ABILITY TO SUE.

If you take their "free monitoring offer" IT DOES.

----------
Winding it down.
Tphedlund
Posts: 4
Incept: 2017-01-27

Report This As A Bad Post Add To Your Ignored User List
From the Equifax site for requesting a 90 day credit alert:

"Once your selected alert is placed on your credit file, we will forward your alert request to Experian and TransUnion so you don't need to contact each of them separately."

So you only have to do it once, if you can trust Equif*** to actually contact those other 2 bureaus.

Tickerguy
Posts: 149712
Incept: 2007-06-26
A True American Patriot!
Report This As A Bad Post Add To Your Ignored User List
That's correct -- but I would do it on one of the OTHERS, since Equi****youuptheass has already proved they're untrustworthy.

----------
Winding it down.
Login Register Top Blog Top Blog Topics FAQ
Showing Page 1 of 3  First123Last