Frank Abagnale gives advice on very simple identity theft prevention precaution.

    Is good advice...

    From somebody who would know.

    https://www.yahoo.com/finance/news/f...142210933.html

    #2
    Originally posted by Dr. Gonzo View Post
    Is good advice...

    From somebody who would know.

    https://www.yahoo.com/finance/news/f...142210933.html
    Wonderful.
    '“I am no advocate of passivity,” Coffin Mott said in an 1860 speech. “Quakerism, as I understand it, does not mean quietism. The early Friends were agitators; disturbers of the peace; and were more obnoxious in their day to charges, which are now so freely made, than we are.”'

    My Glossary: https://www.bullshido.net/forums/sho...d.php?t=129294


      #3
      If they get rid of passwords in the next 2 or 3 years, as he says, what will they use instead?
      Combatives training log.

      Gezere: paraphrase from Bas Rutten, Never escalate the level of violence in fight you are losing. :D

      Drum thread

      Pavel Tsatsouline: kettlebell workouts give you “cardio without the dishonour of aerobics”.

      "Disliking someone is not evidence of wrongdoing or malfeasance or even bias." --Dung Beatles


        #4
        Originally posted by Diesel_tke View Post
        If they get rid of passwords in the next 2 or 3 years, as he says, what will they use instead?
        Biometrics and AI.

        That's what they use in bathrooms in China today to ration toilet paper, facial recognition.

        I'm not joking.

          #5
          Originally posted by Diesel_tke View Post
          If they get rid of passwords in the next 2 or 3 years, as he says, what will they use instead?
          A biometric combined with a two factor authentication is growing in popularity.

          We'll see.


            #6
            Originally posted by Dr. Gonzo View Post
            A biometric combined with a two factor authentication is growing in popularity.

            We'll see.
            2FA will be replaced by nFA, where your identity won't be proven with 1 or 2 things, but a potential million or more.

            DNA illustrates this in theory and practice, which is why it's allowed forensically in court via Daubert. And even then, there's a very small potential of error.

            Future authentication may involve providing your DNA, your face, voice, with an AI that knows exactly where you are, or were, or will be after authentication.

            Amazon is right now building a way to guess what you will order in the future, so it can deliver it to you as fast as a pizza.

            If this sounds like Skynet..it is exactly that.
            Last edited by W. Rabbit; 9/16/2019 12:01pm.

              #7
              Interesting. So, which of these companies are leading the R and D in those areas? As in, where should I invest my money. ;)

                #8
                IMO, has to be "something you have and something you know."

                Password can be stolen or social engineered, so you need...

                a token - DNA, facial match, iris match, fingerprint, RSA device, etc... but those can be stolen so you need...

                A password.

                (this is where APT comes into play)

                There's a tradeoff between security and usability. If you make systems too hard to access, you lose productivity. If you're losing productivity, there's no point in having the systems in the first place.
                Consider for a moment that there is no meme about brown-haired, brown-eyed step children.


                  #9
                  Originally posted by submessenger View Post
                  IMO, has to be "something you have and something you know."

                  Password can be stolen or social engineered, so you need...

                  a token - DNA, facial match, iris match, fingerprint, RSA device, etc... but those can be stolen so you need...

                  A password.

                  (this is where APT comes into play)

                  There's a tradeoff between security and usability. If you make systems too hard to access, you lose productivity. If you're losing productivity, there's no point in having the systems in the first place.
                  Three things: Something you have, know, or are. E.g. Token, password, retina. Smart card, security question, fingerprint.

                  Theft is the biggest risk but all 2fa does is make it harder and/or more expensive to attack. And yes, it makes some biometric attacks particularly gruesome, something they love to spoof in action movies.

                  Many modern tokens no longer simply spit out nonces you can use as second factors. Newer ones are basically OTP generators with their own authentication. That change came about a few years ago from the massive RSA token breach. You won't find many places using PRNG fobs nowadays...turns out you don't need the fob if you can't just steal or generate the number it displays.

                  Really, the idea of extending 2fA to nfA is to keep lowering the probability of a successful theft, replay, etc through a simple cost/benefit play. And by making authentication more seamless with ML/AI, like all seamless tech eventually you don't even see it when it's working.

                  And yes, APTs don't care how many you use, which is where concepts like kill chains and defense in depth come in.

                  Already AI can be used to see what you do after successful authentication, for exactly that reason. You have to account for unauthorized access or you're gonna have a bad day.
                  Comment


                    #10
                    Originally posted by W. Rabbit View Post
                    Three things: Something you have, know, or are. E.g. Token, password, retina. Smart card, security question, fingerprint.

                    Theft is the biggest risk but all 2fa does is make it harder and/or more expensive to attack. And yes, it makes some biometric attacks particularly gruesome, something they love to spoof in action movies.

                    Many modern tokens no longer simply spit out nonces you can use as second factors. Newer ones are basically OTP generators with their own authentication. That change came about a few years ago from the massive RSA token breach. You won't find many places using PRNG fobs nowadays...turns out you don't need the fob if you can't just steal or generate the number it displays.

                    Really, the idea of extending 2fA to nfA is to keep lowering the probability of a successful theft, replay, etc through a simple cost/benefit play. And by making authentication more seamless with ML/AI, like all seamless tech eventually you don't even see it when it's working.

                    And yes, APTs don't care how many you use, which is where concepts like kill chains and defense in depth come in.

                    Already AI can be used to see what you do after successful authentication, for exactly that reason. You have to account for unauthorized access or you're gonna have a bad day.
                    3FA is bullshit - they took 2FA and busted out part of the "have," to be a bio factor. It's marketing gee-whiz, at best.

                    We all know that this is only keeping the honest people honest, anyways. Trouble is, most people are actually honest, so the fear-mongering gets a little shrill.

                    Slight correction to my previous - DNA is not readily available as an instant test, that was an error on my part. At best, with current "widely," available tech, you would have blood typing or an encoding of DNA (which is just another have, and easily copied).

                      #11
                      Originally posted by submessenger View Post
                      3FA is bullshit - they took 2FA and busted out part of the "have," to be a bio factor. It's marketing gee-whiz, at best.

                      We all know that this is only keeping the honest people honest, anyways. Trouble is, most people are actually honest, so the fear-mongering gets a little shrill.

                      Slight correction to my previous - DNA is not readily available as an instant test, that was an error on my part. At best, with current "widely," available tech, you would have blood typing or an encoding of DNA (which is just another have, and easily copied).
                      We're talking about identity, not intentions. And plenty of dishonest people can abuse any number of factors to do damage. Donald Trump has access to "the button". OH, the war stories I could tell you about people with privileges..

                      And based on cyberpharmacogenomics, it turns out that the best way to authenticate yourself is, well, to be you, with as many factors determining that as possible. Hence, nFA.

                      AFTER that, is a subject for many other dimensions beyond proving "identity". This is actually the subject of my own graduate research, if you are really interested. The cardinality of dimensions.

                        #12
                        Originally posted by W. Rabbit View Post
                        OH, the war stories I could tell you about people with privileges..
                        Who better than you?

                        You're in your 40's and still receiving, accepting, and arguably depending on economic subsidies from your parents and in laws.

                        Despite the fact that you were born white, male, to a well off family, with direct close relatives that held high government position.

                        You are the most demoralizing case example a minority could be exposed to from the perspective of a well off kid with privilege who gets to skate despite gross incompetence and lack of individual redeeming qualities.

                        Then again, you represent the opportunity for those born without privilege to rise above those born with privilege because of the low bar you set.

                        So, everything has a yin and a yang, I suppose.
                        Last edited by Dr. Gonzo; 9/16/2019 8:19pm.


                          #13
                          Originally posted by Dr. Gonzo View Post
                          Who better than you?

                          You're in your 40's and still receiving, accepting, and arguably depending on economic subsidies from your parents and in laws.

                          Despite the fact that you were born white, male, to a well off family, with direct close relatives that held high government position.

                          You are the most demoralizing case example a minority could be exposed to from the perspective of a well off kid with privilege who gets to skate despite gross incompetence and lack of individual redeeming qualities.

                          Then again, you represent the opportunity for those born without privilege to rise above those born with privilege because of the low bar you set.

                          So, everything has a yin and a yang, I suppose.
                          Which one of my TEN THOUSAND war stories is worthy of your judgement.

                          Again with the galloping. What the fuck does this post have to do with the topic, G3? Everything you said just now is wrong, especially the part about being born to a "Well off family". Shut the fuck up.

                            #14
                            Originally posted by W. Rabbit View Post
                            Which one of my TEN THOUSAND war stories is worthy of your judgement.

                            Again with the galloping. What the fuck does this post have to do with the topic, G3? Everything you said just now is wrong, especially the part about being born to a "Well off family". Shut the fuck up.
                            I kinda like drunk Rabbit.

                              #15
                              Originally posted by submessenger View Post
                              I kinda like drunk Rabbit.
                              If I was drunk I'd be chasing Mrs. Rabbit.