[EAS] Feeling Insecure?

Peter J. Kindlmann pjk at design.eng.yale.edu
Wed May 18 21:08:28 EDT 2005

The Germ

A mighty creature is the germ,
Though smaller than the pachyderm.
His customary dwelling place
Is deep within the human race.
His childish pride he often pleases
By giving people strange diseases.
Do you, my poppet, feel infirm?
You probably contain a germ.

       --Ogden Nash

(from Edupage, May 18, 2005)

Graduate students at Johns Hopkins University set out to see how much
personal information they could collect on as many individuals as
possible, using only the Internet and $50. The 41 students were in a
course taught by Aviel D. Rubin, professor of computer science and
technical director of the university's Information Security Institute,
who divided them into groups of three or four and instructed them to
use only legal, public sources of information. The exercise mimicked
the activities of data brokers, such as ChoicePoint and LexisNexis, and
the students were able to collect and aggregate vast amounts of
information, even with limited time and budgets. Although Rubin was
pleased that fewer Social Security numbers were among the data
collected than he had anticipated, privacy advocates insisted that such
information remains easy to obtain, posing enormous risk of identity
theft. Even without Social Security numbers, the data collected
represented for some individuals a very broad picture of who they are,
where they live, and activities in which they participate. Such access
to personal information worries many, including Sen. Ted Stevens
(R-Alaska), who conducted a similar experiment, instructing his staff
to try to steal his identity. Aside from information they discovered
about Stevens, they were told they could buy his Social Security number
for $65.
New York Times, 18 May 2005 (registration req'd)

A report released this week by the Government Accountability Office
(GAO) strongly criticizes the Wi-Fi security of federal agencies.
Wireless networks with no security or with poorly configured security
pose significant risks of unauthorized access. Hackers within range of
the network could access the network and potentially other computers on
the network. Despite guidelines issued by the National Institute for
Standards and Technology stating that government agencies should forgo
wireless networks unless their security can be ensured, 13 of 24 major
agencies do not require security for wireless networks, and 9 agencies
do not have wireless-security plans. Investigators from the GAO
monitored six agencies and detected Wi-Fi signals outside all of them.
The GAO report recommends that the Office of Management and Budget
require all federal agencies to use a variety of security measures,
including encryption and virtual private networks.
Reuters, 17 May 2005


To subscribe, unsubscribe, change your settings,
or access the Edupage archive, visit

Or, you can subscribe or unsubscribe by sending e-mail to
To SUBSCRIBE, in the body of the message type:
SUBSCRIBE Edupage YourFirstName YourLastName
To UNSUBSCRIBE, in the body of the message type:

If you have subscription problems, send e-mail to


More information about the EAS-INFO mailing list