Social security numbers too social, not secure

Pax Arcana

Last week the Internet shark that processes my student loans changed its online payment provider, requiring me to create a new account on some other Web site for some goddamn reason. Of course the thing asked me for my User ID and Password first — things which I didn’t actually have since the site is brand new.

So I click on the Forgot User ID or Password? button to have the site email me my login information.

Two minutes later I find out that my default password is a random smattering of numbers (yay student loan company!) but my default User ID is my social security number (boooooooooo student loan company!).

SSNs are notoriously bad security devices. They are easily stolen since every American has been forced to hand that information over to credit card companies, DMVs, hospitals, universities, employers, and many other institutions typically run by idiots.

And if the Washington Post is to be believed, that’s not even the worst of it. Turns out that a reasonably sophisticated software program could actually GUESS your social security number based only on your date and place of birth:

The Social Security number’s first three digits — called the “area number” — is issued according to the Zip code of the mailing address provided in the application form. The fourth and fifth digits — known as the “group number” — transition slowly, and often remain constant over several years for a given region. The last four digits are assigned sequentially.

As a result, SSNs assigned in the same state to applicants born on consecutive days are likely to contain the same first four or five digits, particularly in states with smaller populations and rates of birth.

Using only birth-related information in the so-called Death Master File, researchers at Carnegie Mellon were able to guess the first five digits of the SSN for 44% of dead people born after 1988 on the first try. They were able to guess all nine SSN digits for the same group 8.5% of the time in less than 1,000 attempts — an effort that would take only fractions of a second using a software program.

Most thieves wouldn’t even have to get all nine, since the only digits unique to you are passed around like blame at a congressional hearing:

Linda Foley, founder of the Identity Theft Resource Center, a San Diego based nonprofit, cited another potential problem. She said many businesses have errantly rely upon or have moved to redact all but the last four digits of a person’s SSN, the very digits that are most unique to an individual.

“Because of the way the SSN has been designed, asking for the last four numbers of the SSN puts people at risk because those are the only numbers that are unique to you and cannot be guessed easily by someone who might want to use your identity,” Foley said.

The Carnegie Mellon research has some — including the Social Security Administration — calling for private business to stop using the number as an authentication number. Companies resist this because it will cost money — plus consumers don’t want to have to remember dozens of totally random numbers for each bank or other account. I think the answer is to let people create their own authentication numbers in whatever sequence or language they like and then use that everywhere. Mine would be “serendipity” only the e’s would be made of dolphins and there would be a rainbow from the s to the y. Just like my lower back tattoo.

Researchers: Social Security Numbers Can Be Guessed [Washington Post]

Pete Hoekstra tweets his own demise

Pax Arcana

Despite a massive uptick in users over the past few months, Twitter has done very little to enhance our ability to make fun of retarded politicians from flyover states.

That all changed yesterday, when Rep. Pete Hoekstra (R-MI) used the digital communications tool to spell out for the world what a tool he is when it comes to digital communications:

Iranian twitter activity similar to what we did in House last year when Republicans were shut down in the House.

When a politician says something that stupid in front of a live audience, the gaffe generally dies quietly. When he says it in front of a camera, it becomes a soundbyte for the next 24 hours.

When he posts it to Twitter, it inspires a glorious revolution of snark and hilarity. Witness the carnage:

lunayapravda @petehoekstra My mp3 player froze this morning and wouldn’t reboot.  Now I know what the Germans felt like invading Russia in winter.

rebeccarose2004 @petehoekstra  Climbed up in my attic this morning to put away a box.  I think I’m going to publish diary of ordeal, just like Anne Frank.

ImagistTD @petehoekstra I stubbed my toe this morning.  Now I know what it feels like to have your leg amputated.

LawrenceH @petehoekstra I just sent you a twitter reply which is similar to Tolstoy writing War and Peace.

will_watson @petehoekstra: One time, I waded a few steps into the ocean and ran back real fast. Now I know what it was like to storm Normandy.

paganmist @petehoekstra Had to move all my stuff to a new office w/o a corner view. Now i know what the Trail of Tears was like

brianicoleman @petehoekstra  i had to reach into the oven to get my pizza out for lunch.  now i know what the holocaust must have been like.

RevCyn @petehoekstra – When I got to McDonald’s I found my coupon for fries had expired.  It was like the great Irish potato famine.

TahirDuckett “@petehoekstra ran through sprinklers this morning, claimed solidarity w/victims of Hurricane Katrina

stryder619 @petehoekstra I sat in a meeting as work today. Reminded me of Slavery

blanket Hey @petehoekstra The neighbor kid threw his frisbee at my window. It felt like 9/11 all over again.

darathedamned petehoekstra I was out of pomegranate yogurt this morning. Now I know how Donner party felt

jamestimmer @petehoekstra I saw two spiders in the shower this morning. I felt like I was at the Alamo.

They don’t even have to make sense to be funny! Hahaha moron learn the innernet.

Weed-powered airplane about to get high

Pax Arcana

You may remember when we posted about jatropha, the wild growing weed that some energy scientists say is a good bet for mass-production of a reliable biofuel.

OK, you probably don’t remember that at all. Hell, I didn’t remember it until I did a Google search for “jatropha” and this Web site was listed among the results. There it  was — a whole post about the freaky weed with my name on it — and still I don’t remember writing it.

I guess an addiction to huffing spray paint really is a bad thing.

Anyway, according to the Tech Review, a Boeing 747 owned by Air New Zealand is set to be the first aircraft to test the new fuel. The first flight is set for December 3.

While other planes have flown on biofuels before, jatropha offers several advantages over other sources:

Unlike many other biofuels, UOP’s jatropha jet fuel can replace conventional fuel without requiring changes to existing engines. Indeed, by several measures, the fuel is better than conventional jet fuel. It has a lower freezing point and can be exposed to higher temperatures onboard a plane without degrading. It also contains slightly more energy than conventional jet fuel, so a plane powered by jatropha could travel farther.

Also, jatropha plants are inedible — which is good for farmers worried about the government subsidizing competition — and scrub the atmosphere of carbon dioxide.

Also, you can put your weeeeed in it. OK I guess that doesn’t make any sense.

A Weed-Powered Passenger Jet [Tech Review]

Broadway shows are about to get even more annoying

Pax Arcana

As a certified member of the print media, I get all sorts of crazy whackjob press releases in my inbox every morning. Whether you’re selling apple coring machines or door-to-door pet grooming services, chances are that cut-rate PR firm you hired has spammed me with sloppily written missives on your behalf.

Here’s something I learned from these things — the only thing worse than Scientologists are anti-Scientologists.

Here’s something else — the hilariously named American Federation of Musicians of the United States and Canada (AFM) is pissed that the FCC decided to allow broadband Internet transmissions across the so-called “white space.”

The FCC says the use of the white space — which are basically the empty channels on the television spectrum — promotes broadband competition. But the AFM says unlicensed broadband devices may interfere with wireless microphones, thereby disrupting symphony concerts, church services, and musicals that depend on them.

In other words, when you take the family to see the Cats revival at the local playhouse, that audio you hear may just be errant transmissions from someone watching this over and over:

Of course, government lackies say there’s nothing to worry about:

FCC Chairman Kevin Martin, who pushed for the white-spaces proposal, said the vote will allow many kinds of new technology, including enhanced home broadband networks and intelligent peer-to-peer devices.

“Opening the white spaces will allow for the creation of a Wi-Fi on steroids,” he said. “It has the potential to improve wireless broadband connectivity and inspire an ever-widening array of new Internet-based products and services for consumers.”

Lord knows the only we’re missing out on these days is wireless connectivity.

Sent from my iPhone/BlackBerry/Treo/InternetShoe

US FCC Approves Rules Allowing White-space Devices [PC World]

Is there nothing Google Earth cannot do?

Pax Arcana

Well here’s a bit of serendipidous news for you. Not only can Google Earth spot north-south facing bovines on the plains of Nebraska, but also it can win you a gold medal in the Olympics.

Cyclist Kristin Armstrong ventured to Beijing last December and rode the time trial course for her event wearing a GPS unit in order to track the course elevation metrics for training purposes. She then returned to the states and mapped the GPS data using several different technologies, including Google Earth. Then she went back to China and won the time trial in a stirring race that might have been on TV if not for NBC’s 4-hour block of Olympic Bouncing Sexy Asses.

On a Google blog, Armstrong describes how this process helped her train for the event:

I was then able to trace the entire course from the comfort of my home half a world away and find a similar route to train on back in Boise. This capability along with having the elevation profile proved invaluable in my preparation for my Gold Medal race. It was also very nice to be able to show family members and friends the course from the excellent satellite views presented by Google Earth.

By coincidence, last night I used Google Earth to show my friends and family where I trained to be an astronaut. The resolution wasn’t sharp enough to see all the details, but I know an abandoned refrigerator when I see one.

How Google Earth Helped Win a Gold Medal [TechCrunch]
From Google Maps to gold medal [Lat Long Blog]

You are paying more than NASA for your data

Pax Arcana

Sending and receiving text messages from your cell phone — or as Pax Arcana calls it, the “gossamer communicatron” — involves a complicated array of technologies.

First the signal is transmitted from your handheld device to a nearby television antenna, where it is sent into ether and converted into radio signals. Then a series of tree-shaped radio receivers convert the signals into morse code and pipe the dots and dashes through a complicated network of underground tubes called “The Internets.” Once the morse code is translated by a crew of protocol droids, gasoline-powered turbines push the messages in hermetically sealed envelopes to a storehouse dedicated to your recipient’s cell phone number. An operator then reads the message and types the text onto the recipients cell phone screen through some sort of inscrutable black magic called “satellite.”

Speaking of satellites, one British space scientist (via Boing Boing) says the cost of sending and receiving text messages is four times higher than NASA pays for digital transmissions from the Hubble telescope. Which is way the fuck out there in space.

Ready to be bored?

“The maximum size for a text message is 160 characters, which takes 140 bytes because there are only 7 bits per character in the text messaging system, and we assume the average price for a text message is 5p. There are 1,048,576 bytes in a megabyte, so that’s 1 million/140 = 7490 text messages to transmit one megabyte. At 5p each, that’s £374.49 per MB – or about 4.4 times more expensive than the ‘most pessimistic’ estimate for Hubble Space Telescope transmission costs.”

Of course there are infrastructure costs — switching stations, towers, mall kiosks — that cell phone companies have to pay for somehow. The Hubble got its money from John Q. Taxpayer.

Speaking of, how much did the Hubble cost anyway? Oh, here it is. $6 billion. That sounds like an awful lot of money, doesn’t it?

Not so, says this one guy:

NASA space science chief Ed Weiler is quick to put that seemingly huge number in perspective.

“Thats about $6 billion spread out over 30 years,” he said. “And that equates to about two cents a week per American taxpayer over that period of time.”

Two cents a week? That’s more than a dollar a year! Do you know how many text messages that buys?

SMS data rate is 4x more expensive than data from the Hubble [Boing Boing]

This machine is deadly

Pax Arcana

Microwave ovens were invented to give divorced men a quick, easy way to heat up their Hot Pockets while pondering where it all went wrong. But it turns out they’re good for other things, too.

The New York Times reports that one scientist has devised a plan to use microwaves to kill invasive bacteria and other organisms that stowaway on huge cargo ships.

The ships take on water to maintain stability while empty, then dump the water at a different port when they’re being loaded. Meanwhile, all those little critters in the water are transported from place to place and dumped out into the ocean.

Dr. Dorin Baldor of LSU says using microwaves to quickly heat the water to 140 degrees before purging it will kill off the potentially invasive organisms:

The system he developed uses a 5,000-watt microwave unit (most home ovens are 800 watts or less) and a “resonance cavity” that focuses the energy on a water pipe. By varying the power and water flow, the researchers raised the water temperature quickly to about 140 degrees, high enough to kill the organisms they studied, including algae, brine shrimp and oyster larvae. The findings are published in Environmental Science and Technology.

If my experience with this technology is any indicator, the main obstacle to success will be even heating of the organisms. The edges of the boat’s ballast tank will be piping hot while the middle will still be lukewarm, even after following the goddamn instructions. You can stir and stir, but still you’ll get some pockets that stay cool while others set the entire roof of your mouth on fire. Goddamn pizza rolls.

Microwave Is Redirected to Kill Shipboard Pests [New York Times]

Pax Cranium: Inside the mind of Pax Arcana

Pax Arcana

This morning, Pax Arcana had an MRI on my noggin to determine whether my intermittent arm numbness is caused by carpal tunnel syndrome, a pinched nerve, or the lingering effects of that zombie poison the natives sprayed at me in the Haitian jungle (Spring Break ’99! Woot woot!!).

These days, they hand you a CD of the images the machine generates when you leave the MRI center. You then take them to your doctor, who points out where the Q-Tips and paste bottle tips must have gotten lodged. Before that happens, though, you put the CD into your computer at work and look at disturbing images of your brain, carotid artery, and blood vessels with Father Scott.

Here is what my brain looks like (click to enlarge):

The Neanderthal-like protruding brow says it’s working

To help you navigate this image, I have created a guided tour of my brain below. It’s a complex mechanism, so I was forced to leave out some of the smaller areas, but the majority of it is correct:

(Click to enlarge. No seriously, dude. Clicking this will enlarge my brain. Please?)

The death of DRM draws nigh

Pax Arcana

Maybe I’m just a yellow-bellied namby pamby pollyanna goody-two-shoes (insert more 1950s insults for cowardice here), but I am not in favor of downloading unlicensed music from the Internet. Call me crazy, but working in the publishing industry has me conditioned to think people should pay for what they consume in one fashion or another.

At the same time, I am firmly against DRM — which for those who don’t follow this stuff closely — stands for Digital Rights Management. DRM is essentially software that is encoded into the music sold on many legal music outlets — such as iTunes — that prevents it from being copied.

The problem with DRM is that even after you spend the money to buy a song or album, you are still limited in what you can do with it. DRM is why you can’t make copies of music you buy on iTunes or put it on a non-Apple device, for example. This makes people like me angry. It’s an exploitative attempt to lock you into buying more products from a particular company down the road.

The good news is that some major online outlets have come around to public distaste for DRM, and are beginning to offer music in DRM-free formats such as MP3.

I get most of my music in the form of MP3s from eMusic. I pay a $15/month subscription fee in exchange for 50 downloads. That amounts to about 4 albums of music per month, which would cost me at least $40 at iTunes. The only problem with eMusic is that while it boasts hundreds of the best indie bands out there, mainstream acts with major record deals are not to be found there.

Fortunately, Amazon.com recently struck a deal with many of the major record companies that allows them to offer MP3s on its site. Better yet, full albums are typically $2 – $3 cheaper than they are on iTunes, meaning you are getting a legal product of superior quality (in terms of your potential reuse) for less.

Now comes news that Wal-Mart is jumping on the MP3 bandwagon. According to Wired (via Techdirt) the retail behemoth has abandoned its DRM in favor of the reusable standard MP3 format. Wal-Mart had been selling music on its Web site that was protected by Microsoft-designed DRM. That technology prevented those songs from being played on iPods. Which, if you haven’t heard, are pretty popular.

Anyway, the Wired article says artists on the Sony/BMG label will not be available for download — presumably because Wal-Mart hasn’t worked out a multi-million dollar licensing deal with them.

But anyone who covers the business world at any level knows that Wal-Mart can be a powerful force for change, good and bad. Even in the relatively soft-goods world of online media sales, I’m betting Wal-Mart’s enormous gravitational pull will help bring in the tide on DRM.

Now back to our regularly scheduled making fun of scientists and old people.

Wal-Mart Abandons Windows DRM, Sony/BMG and Warner [Wired]

The escalators are trying to kill our old people

Pax Arcana

The New York Times today reports a dramatic rise in the rate of escalator attacks against old people. In fact, the yearly rate of escalator injuries increased more than 100% from 1991 to 2005 — to an average of 2,660 sweet old ladies per year:

Nobody knows why the rate is rising. “Perhaps the exposure is greater than it was in 1991,” said the study’s lead author, Dr. Joseph O’Neil, an associate professor of pediatrics at Indiana University. “We don’t know if there are more escalators, but there are certainly more active older adults.”

Welcome to hell. Please use the hand rail.

Also, they always put the Friendly’s on the second floor of the mall.

Dr. O’Neil’s report cautions older people to use care when riding the mechanized death traps. At any time, he said, the steel jaws of misfortune can clamp down on your velcro shoes and drag you, bloodied and wailing, into the fiery pit of H-E-doublehockeysticks.

Senior citizens especially are encouraged to get their affairs in order before engaging in any way with technology — especially mechanized conveyances, robots, VCRs, and the eBays. Danger lurks around every corner.

Escalator Injuries Rise in Older Adults [New York Times]