wiredmikey quotes a report from Security Week: U.S. officials are studying ways to end the use of social security numbers for identification following a series of data breaches compromising the data for millions of Americans, Rob Joyce, the White House cybersecurity coordinator, said Tuesday. Joyce told a forum at the Washington Post that officials were studying ways to use “modern cryptographic identifiers” to replace social security numbers. “I feel very strongly that the social security number has outlived its usefulness, ” Joyce said. “It’s a flawed system.” For years, social security numbers have been used by Americans to open bank accounts or establish their identity when applying for credit. But stolen social security numbers can be used by criminals to open bogus accounts or for other types of identity theft. Joyce said the administration has asked officials from several agencies to come up with ideas for “a better system” which may involve cryptography. This may involve “a public and private key” including “something that could be revoked if it has been compromised, ” Joyce added. Read more of this story at Slashdot.
See the original post:
US Studying Ways To End Use of Social Security Numbers For ID
An anonymous reader quotes security researcher Brian Krebs: The web site that Equifax advertised as the place where concerned Americans could go to find out whether they were impacted by this breach — equifaxsecurity2017.com — is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones. TechCrunch has concluded that “the checker site, hosted by Equifax product TrustID, seems to be telling people at random they may have been affected by the data breach.” One user reports that entering the same information twice produced two different answers. And ZDNet’s security editor reports that even if you just enter Test or 123456, “it says your data has been breached.” TechCrunch writes: The assignment seems random. But, nevertheless, they were still asked to continue enrolling in TrustID. What this means is not only are none of the last names tied to your Social Security number, but there’s no way to tell if you were really impacted. It’s clear Equifax’s goal isn’t to protect the consumer or bring them vital information. It’s to get you to sign up for its revenue-generating product TrustID. Meanwhile, one web engineer claims the secret 10-digit “security freeze” PIN being issued by Equifax “is just a timestamp of when you made the freeze.” Read more of this story at Slashdot. 
An anonymous reader shares an article: Container shipping company A.P. Moller Maersk on Tuesday said it expects that computer issues triggered by the NotPetya cyberattack will cost the company as much as $300 million in lost revenue. “In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco, ” Maersk CEO Soren Skou said in a statement. “Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by USD 200-300m.” Maersk Line was able to take bookings from existing customers two days after the attack, and things gradually got back to normal over the following week, the company said. It said it did not lose third-party data as a result of the attack. Read more of this story at Slashdot. 
New submitter threc shares a report from MIT Technology Review: The tech world descended on Washington, D.C. yesterday to attend a tech summit at the White House. According to MIT Technology Review associate editor Jamie Condliffe: “Trump suggested he might relax his stance on immigration as a way to get tech leaders to help his cause. ‘You can get the people you want, ‘ he told the assembled CEOs. That sweetener may be a response to a very vocal backlash in the tech world against the administration’s recent travel bans. Trump may hope that his business-friendly stance will offer enough allure: if tech giants scratch his back, he may later deign to scratch theirs.” The report continues: “‘Our goal is to lead a sweeping transformation of the federal government’s technology that will deliver dramatically better services for citizens, ‘ said Trump at the start of his meeting with the CEOs, according to the Washington Post. ‘We’re embracing big change, bold thinking, and outsider perspectives.’ The headline announcement from the event was Trump’s promise to overhaul creaking government computing infrastructure. According to Jared Kushner, the president’s son-in-law and advisor, there’s much to be done: federal agencies have over 6, 000 data centers that could be consolidated, for instance, while the 10 oldest networks in use by the government are all at least 39 years old. The upgrade, said Trump, could save the country $1 trillion over the next 10 years.” Read more of this story at Slashdot. 
In the self-driving future envisioned by Tesla CEO Elon Musk, car owners might be saying “goodbye” to a whole lot more than steering wheels. From a Mashable report: Musk is so sure of the safety features bundled into Tesla vehicles that his company has begun offering some customers a lifetime insurance and maintenance package at the time of purchase. No more monthly insurance bills. No more unexpected repair costs. “We’ve been doing it quietly, ” Tesla President of Global Sales and Service Jonathan McNeill explained on the call, “but in Asia in particular where we started this, now the majority of Tesla cars are sold with an insurance product that is customized to Tesla, that takes into account not only the Autopilot safety features but also the maintenance costs of the car.” “It’s our vision in the future that we’ll be able to offer a single price for the car, maintenance and insurance in a really compelling offering for the consumer, ” added McNeill. “And we’re currently doing that today.” Read more of this story at Slashdot. 
An anonymous reader writes: Last month a man sent an email to Elon Musk explaining how his Tesla Model S with Autopilot activated may have saved a pedestrian’s life. Now, it appears Autopilot may have saved the life of a Tesla Model X driver. CNBC reports: “A Missouri man says his Tesla helped saved his life by driving him to the hospital during a life-threatening emergency. Joshua Neally is a lawyer and Tesla owner from Springfield, Missouri, who often uses the semi-autonomous driving system called Autopilot on his Tesla Model X. The system has come under fire after it was involved in a fatal Florida crash in May, but Neally told online magazine Slate that Autopilot drove him 20 miles down a freeway to a hospital, while Neally suffered a potentially fatal blood vessel blockage in his lung, known as a pulmonary embolism. The hospital was right off the freeway exit, and Neally was able to steer the car the last few meters and check himself into the emergency room, the report said.” Read more of this story at Slashdot. 
An anonymous reader writes: On June 28th, a SpaceX Falcon 9 rocket exploded just over two minutes into its attempt to reach the International Space Station. It was a contracted mission from NASA to resupply the astronauts living there. Today, NASA associate administrator William Gerstenmaier said the price tag to taxpayers for that failed launch is $110 million. SpaceX is leading the investigation into the cause of the failure, and NASA officials faced tough questions about whether private companies should be allowed to direct investigations into their own failed launches. A similar inquiry is underway at Orbital ATK. NASA inspector general Paul Martin said his office is looking into the matter. Gerstenmaier added that NASA is thinking about making these companies take out insurance policies that would cover the cost to taxpayers in the event of another failure. Read more of this story at Slashdot. 
An anonymous reader tips an Associated Press report saying that Healthcare.gov is sending users’ personal data to private companies. The information involved is typical ad-related analytic data: “…it can include age, income, ZIP code, whether a person smokes, and if a person is pregnant. It can include a computer’s Internet address, which can identify a person’s name or address when combined with other information collected by sophisticated online marketing or advertising firms.” The Electronic Frontier Foundation confirmed the report, saying that data is being sent from Healthcare.gov to at least 14 third-party domains. The EFF says, “Sending such personal information raises significant privacy concerns. A company like Doubleclick, for example, could match up the personal data provided by healthcare.gov with an already extensive trove of information about what you read online and what your buying preferences are to create an extremely detailed profile of exactly who you are and what your interests are. It could do all this based on a tracking cookie that it sets which would be the same across any site you visit. Based on this data, Doubleclick could start showing you smoking ads or infer your risk of cancer based on where you live, how old you are and your status as a smoker. Doubleclick might start to show you ads related to pregnancy, which could have embarrassing and potentially dangerous consequences such as when Target notified a woman’s family that she was pregnant before she even told them. ” Read more of this story at Slashdot.