<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
When something is felt to be a secret, but is really something you
give to everyone, I call it a semi-private numbers. You'll see them
everywhere, social security numbers, credit card numbers, biometrics
of all sorts, your maiden name, etc. It's weird how people get upset
when huge collections of semi-private numbers get stolen. I'm
referring today to the Global Payment compromise, but tomorrow it'll
be because Trusted Traveler got compromised or something.<br>
<br>
When Trusted Traveler gets compromised[1] people are going to whine
about how some nefarious person has a copy of their fingerprints.
But they give out their fingerprints every time they return a glass
of beer to the local bar. <br>
<br>
Probably it would scare people even more if they realized that any
hacker who could steal the financial data from their credit card
could also track them down in real time as they spent it. Imagine if
you Baidu'd your name, and what came back was a Russian website that
listed every piece of porn you've ever purchased. How cool would
that be!<br>
<br>
Deep down the Secret Service looking into problems like this is a
secondary tax on consumers - the easy solution is to move everyone
to <a href="http://www.google.com/wallet/">mobile phone
applications that digitally sign every transaction</a>, such that
it can't be replayed or used to steal any additional money. It's
simple technically, and complex politically. Like all the best
security problems. :><br>
<br>
-dave<br>
[1] Obviously by this I mean "When you find out about it in the
news" since it has probably already happened.<br>
</body>
</html>