[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ANYONES CREDIT CARD # per your request.
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 20 Sep 1996, Lynne L. Harrison wrote:
> You can go to their web page (http://www.lexis-nexis.com), click "Just
> In" and request via email that your name be removed from their database by
> filling out the form.
> Problem, of course, is that one doesn't know if one's name and info is in
> the database unless one is a subscriber and can look it up. I, personally,
> do not feel comfortable in filling out a form with my personal info and
> sending it along - 1) for the obvious reasons; and 2) what if I'm not even
> in their nefarious database? If not, then I've just entered my personal
> info and sent it on its merry way to whomever and wherever unnecessarily -
> whether by email, fax, or snail mail.
There is an easy technical solution to this: store a one-way hash of each entry
in a database field, so if one wants to be removed, all one has to do is send
the one-way hash of their personal information. If there is a database entry
that matches the hash, then it is up to the database maintainer to remove the
entry. If there isn't a matching entry, then no personal information will have
been given out. I wonder how many "privacy conscious" database maintainers
will actually implement a scheme like this.
> I tried just entering my name, email address, and state but, as
> anticipated, received a msg that ALL info has to be supplied, so I'll chk
> with someone I know that has an account to see if my name is there.
> However, the BIGGEST problem I foresee with this database (and others
> like it) is that someone eventually is going to hack it - and then watch the
> fun and games ensue.
TRW credit databases have been broken into many times, and they have more
information then Lexis-Nexis (credit-card numbers minus the last four digits,
addresses, telephone numbers, and of course, credit histories). Nothing
really devestating has happened because of these incidents.
PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----