Stolen Data is a Risk, Here’s an Example of Altered Data That is Worse

Stolen Data is a Risk, Here’s an Example of Altered Data That is Worse

The entire system is based on the license plate database being connected to all of the automated plate readers. All it took for this to become a problem was for part of that not to stay safe. Since the license plate database isn’t, anyone can create a fake license plate, pop it on a similar-looking vehicle, and the collected data is tainted. All those people who had nothing to hide now have a system that assumes they were driving illegally, causing accidents, etc. They are facing actual fines, increased insurance costs, and possible arrests because of surveillance data that’s been hacked. Data that should show them as innocent but false information has been injected into it.

This Was Entirely Predictable – Hackers Tricking People Into Facial Scans

This Was Entirely Predictable – Hackers Tricking People Into Facial Scans

Collecting all of that information to verify the age of website visitors creates an extra-large target for that biometric information. When I applied online for unemployment, I had to provide copies of my social security card, driver’s license, and a live facial scan. Remember that this is the same state government with the entire DMV driver’s license database sitting on MoveIt when that tool got hacked, requiring me to store even more of my identity online with a third-party service.

The risk level is outrageous.

Linked – In major gaffe, hacked Microsoft test account was assigned admin privileges
|

Linked – In major gaffe, hacked Microsoft test account was assigned admin privileges

As the article below points out, I bet this wasn’t a technical issue. It’s not a bug. It’s a poor configuration choice, yes, likely made worse by a poor change management process. Somewhere along the way, you’d think someone would have it written down that this existed, and someone would see it written down and act on it. That didn’t happen. You’d also like to think there would be a hard rule to enable MFA in any environment, including testing ones.

Linked – Surveyed drivers prefer low-tech cars over data-sharing ones

Linked – Surveyed drivers prefer low-tech cars over data-sharing ones

It’s nearly impossible to know how much data is being collected. The obvious answer is to assume everything you do is being tracked somewhere. Online, you bet. In an internet-connected vehicle? Clearly. In a public space that has any surveillance? Probably.

Linked – AI and Mass Spying

Linked – AI and Mass Spying

Imagine, if you will, your smart TV or home assistant listening in on conversations you’ve been having about layoffs in your industry, and that data is shared with a financial institution that then decides that you’re not a good credit risk. The AI took that conversation and combined it with a ton of financial information from other people who work in your industry and made that call. Is it accurate? Probably not, but when you start grabbing data from all over the place and building these huge algorithmic models, things can get a little messy. You become less of an individual and more of a conglomeration of all the people who do things like you, and when you add in a little spying, that can lead to all sorts of disastrous consequences. 

Do we want governments and corporations to have that much power? No, but as Bruce rightly points out, we haven’t done much of anything to stop them from taking it so far. 

Linked – The Most Popular IT Admin Password Is Totally Depressing

Linked – The Most Popular IT Admin Password Is Totally Depressing

Well, this isn’t great.

“After sifting through more than 1.8 million pages identified as admin portals, researchers made a disheartening discovery — 40,000 of them used “admin” as its password, making it the most popular credential used by IT administrators.”