Latest software headlines from Network World:
Quick fix for Firefox 3 bug with Yahoo Mail
Continuent launches open-source database scale-out stack
Wider implications of the Red Hat breach
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
Don't use the SSN for authentication
You mention the Social Security Number being used in the US as a ubiquitous identifyer - due to the lack of alternatives and inspite of the fact that the SSN was not originally designed to serve as such a general identifier. You then mention the problem of data aggregation based on this identifier. However, data aggregation is mainly a privacy issue, not a security / identity fraud issue. It seems to me (being Swiss, not American) that the use of SSN becomes a problem related to identity fraud from the moment that SSN is considered as a "secret" and used for authentication. However, an identifier mustn't be considered nor used as a secret.
I say that using