[HN Gopher] U.S. military members' personal data being sold by o...
___________________________________________________________________
U.S. military members' personal data being sold by online brokers
Author : 23B1
Score : 124 points
Date : 2023-11-07 17:39 UTC (5 hours ago)
(HTM) web link (www.axios.com)
(TXT) w3m dump (www.axios.com)
| 23B1 wrote:
| PDF of the study: https://techpolicy.sanford.duke.edu/wp-
| content/uploads/sites...
| jcadam wrote:
| I'm sure the military still has a SSN field on EVERY. SINGLE.
| FORM. they have you fill out while you're in the service. There
| was talk of replacing that with a "service number" but somehow I
| doubt they've got around to it yet.
|
| Between VA employees leaving laptops full of PII laying around
| and that big OPM leak several years ago, I apparently have no
| private life.
| LtWorf wrote:
| The problem is treating the SSN as a username and a password.
|
| It should not be the only information required to authenticate
| people.
| user3939382 wrote:
| It should be used for your social security account and
| nothing else.
| tczMUFlmoNk wrote:
| Huh. As a member of a generation that has grown up tacitly
| understanding that social security will very likely be
| insolvent/cancelled by the time that we're old enough to
| qualify for it, and thus we shouldn't rely on it whatsoever
| --it's surreal to consciously connect these two concepts.
| For me, "social security number" is just the name for the
| ID number that so many of us have and are used to writing
| everywhere. The name is just a string of symbols. It sounds
| silly, but I've never thought about it _in relation to
| social security_. Thanks for the mind-bender. :-)
| SonicScrub wrote:
| There's an interesting story about how the social
| security number evolved to being much more than just for
| social security. Quick 5 minute primer:
|
| https://m.youtube.com/watch?v=Erp8IAUouus&pp=ygUYY2dwIGdy
| ZXk...
| askiiart wrote:
| Short link without tracking id (si=):
| https://youtu.be/Erp8IAUouus
| dragonwriter wrote:
| > As a member of a generation that has grown up tacitly
| understanding that social security will very likely be
| insolvent/cancelled by the time that we're old enough to
| qualify for it
|
| Is it "tacitly understanding" when you've been bathed
| your whole life in active propaganda promoting an idea?
| Because, on this, if you are in any cohort from Gen X, or
| maybe the trailing edge of thr Boomers, on, you have
| been.
| jcadam wrote:
| Nah, we'll get our SS checks - the Fed will turn the
| money printer up to 11 if they have to cover the program.
|
| Inflation will make them worthless, but we'll get our
| checks :)
| dragonwriter wrote:
| SS benefits are indexed to a wage index (which has been
| greater than inflation consistently since thr mid-1980s)
| over working life and to inflation from retirement on.
|
| Cranking the money printer just drives up nominal social
| security benefits to compensate (for current retires) or
| more (because easy money drives higher wages).
| burkaman wrote:
| > social security will very likely be insolvent/cancelled
| by the time that we're old enough to qualify for it
|
| This is not true, it's propaganda promoted by rich people
| who want to get rid of social security. It could be
| eliminated for political reasons, but spreading this idea
| that it's going to "run out of money" only makes that
| more likely. The government cannot run out of its own
| money. It can cause inflation, but continuing to pay
| social security benefits is not going to suddenly cause
| massive inflation. The only way social security could end
| is if politicians and voters decide they don't want it
| anymore.
| cheeseomlit wrote:
| >The government cannot run out of its own money. It can
| cause inflation, but continuing to pay social security
| benefits is not going to suddenly cause massive
| inflation.
|
| Social security is a massive portion of federal spending,
| indefinitely printing money to fund it is not sustainable
| and will cause significant inflation
| burkaman wrote:
| Why hasn't that happened yet? Also, the government is
| going to continue indefinitely printing money whether or
| not we have social security.
| cheeseomlit wrote:
| It has, inflation is rising rapidly in no small part due
| to the gov printing money to cover its obligations, of
| which social security is one of the largest and will only
| become larger as the cost of living increases due to said
| inflation- a vicious cycle. If contributions don't cover
| the payouts (which they don't, and never will unless you
| tax the younger generations to death) then the difference
| has to be made up with printing, which will of course
| cause inflation
|
| You are right that they will continue printing money
| regardless, and at this point it's too late for a 20%
| reduction to fix anything. Might as well just take the
| checks while you can and make the most of it, not much
| else you can do. But that doesn't mean its sustainable or
| will last forever.
| burkaman wrote:
| But social security has been a constant ~20% of spending
| for 50 years. Inflation has not been constant at all
| during that time, and has even dipped below 0. How is
| that possible if social security is a major contributor
| to inflation?
| TheCleric wrote:
| > inflation is rising rapidly in no small part due to the
| gov printing money to cover its obligations
|
| "US Inflation Rate is at 3.70%, compared to 3.67% last
| month and 8.20% last year. This is higher than the long
| term average of 3.28%."
|
| I would hardly call something that's only slightly above
| average (and less than half of what it was a year ago) as
| "rising rapidly".
|
| https://ycharts.com/indicators/us_inflation_rate
| gedy wrote:
| They've been throwing money left and right for years,
| they can throw some when we are unable to work.
| dragonwriter wrote:
| > This is not true, it's propaganda promoted by rich
| people who want to get rid of social security.
|
| Exactly: "social security is going to be gone by the time
| you would get it" is a line peddled almost entirely by
| political activists looking to build support for
| _eliminating social security_ , and it has been such a
| line for the entire life span of people who are now old
| enough to receive SS old age retirement benefits.
| vkou wrote:
| What should we use for all the other government services
| that need to uniquely identify you?
|
| (This a trick question, not a rabbit hole you actually want
| to go down, because no matter what you suggest, I'll
| happily poke a thousand holes in it.)
| BOOTRACER wrote:
| DNA scan
| kwhitefoot wrote:
| It's used for everything here in Norway: banks, insurance
| companies, tax, social security, health, etc. It's just a
| Globally Unique Identifier not a password, it doesn't grant
| you access.
| stonogo wrote:
| The US military does not use the SSN as a username or a
| password. They've had smartcards, even on Linux, as far back
| as 20 years ago or more. Users without smartcards have to go
| through 2FA with a username/password combination and codes
| over SMS or proper TOTP (depending on agency).
|
| The problem is that the entire Department of Defense is still
| very much a paper-oriented organization, and they got rid of
| service numbers in the 1970s, leaving the SSN as the only
| meaningful unique identifier. As a result it gets put on
| every piece of paperwork associated with a service member.
| Their own recordkeeping practices have the consequence that
| if you get almost any paperwork regarding a soldier, it has
| enough information to gain access to _other_ personal
| information.
| swells34 wrote:
| You've hit the nail mostly on the head. Paper is a problem,
| for obvious reasons, especially the amount of triplicate
| hand filled forms that require all of your PII every time.
| The second issue is access control vs. expediency. Millions
| of people, all over the world, can digitally access huge
| amounts of your personal information at a whim, by only
| having your name, or your military email address.
|
| This is an important requirement for quickly checking on a
| person or their orders or their training status, but at the
| sacrifice of personal information security for you. It gets
| even worse going to the VA, which I can say from personal
| experience, will happily allow just about anyone to have
| whatever information they want about you. I got a happy
| surprise letter from them stating that my DD-214, a super
| identity document, containing information found on a birth
| certificate, a social security card, a driver's license,
| plus so much more, had been put on a thumb drive by a third
| party contractor, along with thousands of other service
| members info, and sold to a dark web information broker.
| So, the problem is just that it's to the military's benefit
| to not protect you.
| LtWorf wrote:
| I wasn't talking about the military per se. I was talking
| about how you can open a bank account just by knowing
| someone else's ssn
| hindsightbias wrote:
| You should sit in on a call to dfas.mil sometime. Where
| they ask an 80 year old over a dozen obscure questions on
| their service record and hang up when you get one of them
| wrong, resetting the clock 24 hours.
| kube-system wrote:
| The government doesn't do this though, it's mostly banks that
| are guilty.
| LtWorf wrote:
| The government should regulate the banks.
| kube-system wrote:
| I am sure the executive branch _would_ require banks to
| use a better identifier, if the legislative branch
| allowed the executive branch to create one.
| RobRivera wrote:
| Dipi keys are a thing and have been put to good use
| RecycledEle wrote:
| I've never heard of "dipi keys." Can you tell me about them?
| randombits0 wrote:
| Chinese hackers stole over 70 million records of current/past
| military members from the Office of Management and Budget back
| in April of 2014.
| warner25 wrote:
| I think you're thinking of the Office of Personnel Management
| (OPM), not OMB (although I did just learn that the Trump
| administration proposed to merge parts of OPM into OMB).
|
| https://en.wikipedia.org/wiki/United_States_Office_of_Person.
| ..
|
| But yeah, compared to that, sadly, this acquisition of much
| less detailed information about 30,000 service members seems
| moot.
| trvrsalom wrote:
| There are DOD ID numbers, but they've updated the forms to just
| ask for both.
| jcadam wrote:
| ... sounds like DoD.
| warner25 wrote:
| In my experience, though, people now freak out if you fill in
| the SSN field on the form, because that makes it PII with a
| bunch of requirements for proper storage and transmission.
| This is despite the fact that most of the other information
| on the form already makes it PII, regardless of the presence
| of a SSN.
|
| It did take a few years in the mid-2010s for the forms to
| catch up and replace the SSN field with the DOD ID number. In
| 2021, I think I was supposed to get new ID tags (dog tags)
| that would have my DOD ID number instead of my SSN.
| jklinger410 wrote:
| I heard this on NPR and I appreciate the avenue by which the red
| flag is being raised, but it bothers the shit out of me, because
| EVERYONE'S personal data is being sold by online brokers.
|
| The implication that their data is more important or something
| just seems like a ploy to get more eyeballs on the research.
| _yo2u wrote:
| Sometimes that is all that is needed to move the needle. Tik
| tok almost moved it but that just made certain swaths of the
| political spectrum ask for a direct ban (with other downsides
| eg. 1st amendment concerns) instead of overarching policy
| reform.
|
| "Policymakers should consider the following steps:
|
| Congress should pass a comprehensive U.S. privacy law, with
| strong controls on the data brokerage ecosystem. The most
| effective step to prevent harms from data brokerage for all
| Americans would be a strong, comprehensive privacy law."
| permo-w wrote:
| if you don't just ban it, you get the whole GDPR consent
| banner issue. what is the downside of banning it? it's not
| like businesses couldn't manage advertising before the
| internet was around
| kube-system wrote:
| More specific statements can be more impactful to the listener.
|
| "Everyone's car is getting stolen these days" ... "Yeah, isn't
| that crazy? What are ya gonna do?"
|
| "Your car is getting stolen right now" ... "Wait, what!?!?"
|
| I think people really just write off the scale and scope of
| data privacy in this country as "yeah, sounds bad, but since
| it's happening to everyone there's nothing I can do about it"
| tbihl wrote:
| Yeah, I thought this was about the sale of data that had been
| collected by the military on a compulsory basis; this article
| is not news.
|
| I clicked through because I wanted to see whether the data was
| health info or OPM breach data.
| akira2501 wrote:
| Service members are uniquely vulnerable. They are employed by
| the government which makes them a target of hostile foreign
| powers, and they're often ordered to give away their personal
| information while in service often out of habit and not out any
| genuine need to have the service members SSN.
| swells34 wrote:
| All very correct, and to add to this as someone who's had
| direct consequences due to my information being sold: we have
| more sensitive personal information, and that information is
| more sensitive than that of an average civilian.
|
| The holy Grail of documents is the DD-214, which has every
| single piece of sensitive personal information a civilian
| has, all in one place, and we are REQUIRED to keep it
| indefinitely, to present it under a large number of
| circumstances. It's a complete identity package; full name,
| signature, photo, work history, residence history, dates,
| personal description, mother's maiden name, date of birth,
| location of birth, name of birth hospital and doctor. Then
| there's security clearance paperwork, which may be even
| worse, extensive un-redacted medical records, etc.
|
| All of these documents are viewed hundreds of times by
| hundreds of people during a military career, scanned,
| photocopied, emailed, printed, all without any sort of
| authorization or even knowledge by the service member. It's
| legitimately scary. And then after you're out, all of this
| information is managed by the VA by people who have nearly
| unrestricted access to it, and in my case along with
| thousands of others, put on a thumb drive and taken home and
| sold to a broker. It's a life ruiner.
| 23B1 wrote:
| You mean SF-86, not DD-214
| moandcompany wrote:
| The SF-86 used in the US security clearance background
| investigation process is very personal information dense...
|
| - https://en.wikipedia.org/wiki/Standard_Form_86
|
| The OPM data breach (2015) affected service members,
| civilian government employees, and other civilians
|
| - https://en.wikipedia.org/wiki/Office_of_Personnel_Managem
| ent...
| libraryatnight wrote:
| Nothing you listed is unique to the military. The private
| sector is also the target of hostile foreign powers. The
| private sector is also made to feel obligated to give away
| more personal information that is likely necessary.
| autoexec wrote:
| Unfortunately, thanks to surveillance capitalism, _everyone_
| is "uniquely vulnerable". You can never know which of the
| billions of data points that make up your dossier could make
| someone target you. Your political views, your religion, your
| employer, your sexual preferences, your genetics, any of it,
| however inaccurate or outdated, can make you a target to
| someone and all that data never goes away.
|
| Hostile foreign powers are a problem, but so are hostile
| domestic extremists along with a large population of the
| mentally ill who over the last century have gone from being
| abused to being ignored, which means that while most of the
| mentally ill are harmless, nobody is keeping an eye on the
| ones who aren't. Not even after they get repeatedly reported
| to authorities by concerned family members (Robert Card,
| Ethan Crumbley, Orlando Harris, etc).
| RajT88 wrote:
| > The implication that their data is more important or
| something just seems like a ploy to get more eyeballs on the
| research.
|
| If I had to guess at a motivation, it's jockeying for reasons
| for congress to care about data privacy issues.
|
| I am sure some enterprising person is going to purchase all the
| data on members of congress and release it at some point.
| maximinus_thrax wrote:
| > The implication that their data is more important or
| something just seems like a ploy to get more eyeballs on the
| research.
|
| So? Their data IS more important from a national security
| perspective, as the study suggests. If you handle nukes, your
| personal information would probably be more valuable than the
| data of someone flipping burgers at McD.
|
| If this framing - 'the data brokerage industry is in itself a
| threat to national security' - forces congress to better
| regulate the industry, I think it is a win even if the
| regulations will only target military folks. It's a foot-in-
| the-door and objectively a good thing for the US national
| security.
| warner25 wrote:
| Yes, the most troubling "red team" ideas are about attacking
| service members in their personal lives at home. Rather than
| attacking our nuclear bombers, submarines, and ICBMs, an
| adversary could target the people who operate and maintain
| those things, or their families, in their personal financial
| lives and neighborhoods where they are soft targets and
| reliant on law enforcement for protection.
| dfxm12 wrote:
| I'm not sure they are implying their data is more important.
| FWIW, the research claims:
|
| _Most of the previous research on data brokers and national
| security focuses on data about all U.S. persons, rather than
| focusing on servicemembers as we do in this report. Research in
| both categories is described here._
|
| Also, I think of note is that Military personnel are unique in
| that they are banned from using tiktok, at least right now, as
| of recently. This research, combined with earlier and future
| research might be able to determine what kind of effect this
| ban has on data collection/data brokers.
|
| I also think it is unique in that the US government is the
| employer of military personnel, so if they take any action
| related to protecting their employee data from brokers or from
| selling, maybe this can be a model for all US citizens, or at
| least for other employers.
| warner25 wrote:
| To my knowledge, I'm not banned from using TikTok as a US
| military service member. The ban is about using it on
| government furnished equipment / devices / networks.
| jjkeddo199 wrote:
| Seeing drone dropped grenades everywhere in Ukraine has made me
| worried about normalized "drone drop murders" spreading to the
| rest of the world. With widely available addresses gang violence,
| political killings, and even online flamewar escalations will
| become much much uglier.
|
| Who needs to do a driveby shooting if you could drop a homemade
| bomb from a McDonalds bathroom 20 miles away using some
| jailbroken drone? Violence isn't the only issue either -- Imagine
| what will happen when courts catch up to the internet age. Get
| ready for the normalization of digging through decades of comment
| history to character assassinate people on a whim. This is
| getting really bad. I don't think society at large is ready for
| the coming nightmare.
|
| --
|
| We need immediate privacy reforms to:
|
| 1. Fine companies for requiring unneeded personal data. Fine
| companies for collecting addresses and numbers when they don't
| need them. Address + number specifically should be dumped when no
| longer needed.
|
| 2. Fully regulate+audit data-based industries to confirm that
| anonymized user profiles are truly anonymous.
|
| 3. Raise the legal bar allowing usage of personal data to harm an
| individual. Lawyers and employers shouldn't be able to
| find+splice your Youtube comment history to try and character
| assassinate you outside of some felony-tier criminal case.
| fusslo wrote:
| are explosives as easy to get as bullets & guns where you live?
| permo-w wrote:
| explosives are a 10 minute youtube video away
| wutwutwat wrote:
| Wait until someone puts a gun on a drone and shoots up a
| concert from states away, or another country...
| micromacrofoot wrote:
| we're not talking about UAVs here though, someone needs to
| configure the drone very locally
| wutwutwat wrote:
| You realize they are using drones that you or I can buy
| right now to blow up tanks and people in an ongoing war?
|
| > The logic was simple, Pharmacist says: Exploding drones
| cost roughly $400 to make, while a conventional
| projectile can cost nearly 10 times as much. Even if it
| requires multiple drones to take out a tank -- and
| sometimes it does -- it is still worth it.
|
| > But first they had to modify commercial drones with
| hardware and software to suit the battlefield, enabling
| them to penetrate deeper behind enemy lines without being
| detected or jammed. A breakthrough came through the
| clever use of several drones in unison.
|
| https://www.pbs.org/newshour/world/h ow-ukraine-soldiers-
| use-inexpensive-commercial-drones-on-the-battlefield
|
| Pretty sure with some time and experimentation you could
| change things so that you could remote operate a DJI
| drone via any cell phone's 5G connection. There are
| countless drones with 3 axis gimbals which you can aim
| remotely intended for aerial camera work. Some of them
| are big enough to lift Red cameras, and even people. A
| drone that can carry a person can carry a lot of
| explosives or ammo. You don't need a predator drone, you
| can make something with parts from amazon that can hover
| in place and maneuver in ways that a giant prop
| propelled, winged unmanned plane couldn't ever do, and
| still deliver an ordnance that can demolish a house and
| everyone inside of it. It's is very much an obtainable
| possibility.
| wutwutwat wrote:
| You can buy Tannerite without an explosive license from the
| ATF. It's been used in past bombings. Plus, unless they
| outlaw anything from crude oil, alchohol and the plants used
| to produce it, gun powder, fireworks, and most chemicals
| under your kitchen sink, there are thousands of combinations
| that produce a material that can be used to make explosives.
| Access or lack of isn't the limiting factor, people's
| willingness to do it is and always will be the case. Air can
| make an explosive.
|
| https://en.wikipedia.org/wiki/Tannerite
| eli wrote:
| Seems like being able to look up people's home address is a
| pretty minor part of that threat?
| jjkeddo199 wrote:
| At the risk of sounding hyperbolic:
|
| Imagine Iranian agents using these address books to track
| down naval officers in San Diego from across the border in
| Tijuana. Having a global address book lowers the barrier for
| hunting people down and hurting them. This is already
| happening to off-duty Russian officers mowing the lawn at
| home.
| autoexec wrote:
| Being able to look up someone's address normally isn't a
| problem. Extremists and nut jobs being able to compile a list
| of people whose religion, political views, sexual
| preferences, medical conditions, and purchase habits makes
| them a target for violence is the problem. At that point
| being able to find them (using their street address or even
| real time geolocation data) becomes a pretty big part of that
| threat.
| cycomanic wrote:
| Sometimes the US perspective of things is completely surreal
| for me as a European. In a country where you can buy assault
| rifles with minimal background checks, people worry about
| addresses being available because someone might be able to look
| up the address to kill them with a drone and a home made bomb.
| kajecounterhack wrote:
| > In a country where you can buy assault rifles with minimal
| background checks, people worry about addresses being
| available because someone might be able to look up the
| address to kill them with a drone and a home made bomb.
|
| Drones and IUDs may be less traceable than guns and offer
| even less risk to the user. Currently if you're going to use
| a gun, you basically have to be suicidal or care zero about
| the consequences.
|
| But that also brings up a good point -- people worry about
| addresses being available because someone might be able to
| use a gun and kill them as well. Or hell, just their fists.
|
| Doxxing is dangerous, is this not the case in Europe as well?
| fullspectrumdev wrote:
| Doxing remains dangerous in Europe, the posters just trying
| to score cheap points.
| edot wrote:
| > Drones and IUDs may be less traceable than guns and offer
| even less risk to the user.
|
| Gotta watch out for those intra-uterine devices - they can
| take out a city block. ;)
| oaththrowaway wrote:
| Curious what you define as "minimal background checks" and
| "assault rifles" as
| digdugdirk wrote:
| They already said they're European. The terms you mentioned
| are very Americanized/America-centric phrases.
|
| The rest of the world doesn't really have the same concern
| or context, because the rest of the world doesn't have the
| same issues or political/media environment.
| oaththrowaway wrote:
| I was quoting their terms
| YetAnotherNick wrote:
| Not American, and curious about the checks required for
| different weapons. I get lot of contradictory information
| online.
|
| Also read in many places buying illegally is easy. How true
| is that?
| oaththrowaway wrote:
| To purchase a firearm from a store or any "licensed"
| individual (someone who has an FFL:
| https://en.wikipedia.org/wiki/Federal_Firearms_License)
| you must pass a background check done by the FBI. You can
| read more here: https://www.fbi.gov/how-we-can-help-
| you/more-fbi-services-an...
|
| If you buy a gun from someone on a classifieds site or
| friend/family, in most states you don't have to get a
| background check to transfer ownership of the firearm.
| This is typically the "loophole" that people refer to
| when they want Universal Background Checks.
|
| I'm not sure what you mean by buying illegally - whether
| you mean to someone prohibited from owning firearms (like
| a felon or something), or buying "illegal" guns... Either
| way there are usually stiff penalties for owning
| restricted devices. For example if I were to 3D print an
| auto-sear for an AR-15 (making it full-auto), that's a
| ticket to a 10 year sentence in federal prison. Assuming
| I don't have the permission slip from the ATF. As for
| prohibited persons buying a firearm, I'm not sure what
| the penalties are, but at the least it'd be a violation
| of their release?
| jjkeddo199 wrote:
| Buying legally in the US isn't that hard to make it worth
| it to buy illegally unless you are a broke teenager
| buying one to try and "look cool and tough" to your
| friends.
| gottorf wrote:
| > unless you are a broke teenager buying one to try and
| "look cool and tough
|
| Or unless, of course, you're a criminal who is forbidden
| from legally buying a gun.
| filoleg wrote:
| > Buying legally in the US isn't that hard to make it
| worth it to buy illegally unless you are a broke teenager
|
| Or unless you have a felony, which would make up a much
| larger share of illegall firearm purchases than
| teenagers.
| micromacrofoot wrote:
| in most states someone who has multiple assault violations
| and a history of mental health problems can walk into a gun
| show with $700 and 15 minutes later walk out with a semi-
| automatic AR-15
| oaththrowaway wrote:
| Are these gun shows in the room with us now?
| micromacrofoot wrote:
| not necessarily gun shows of course, that's just where
| it's easy to find private sellers - private sales don't
| require background checks
| oaththrowaway wrote:
| Depending on the state yeah
| marfil wrote:
| As a European who has been living in the US for a decade,
| yeah, you're pretty spot on. Americans are a scared people,
| probably the most scared I've ever seen. Afraid of the gov't,
| the neighbors, and random people they don't even know. I've
| gotten a ton of hate as a foreigner and I am not surprised a
| hateful, greedy and selfish population like here is afraid
| somebody will take them out with an improvised device.
| justrealist wrote:
| And yet, you live here.
|
| Annals of revealed preferences.
| marfil wrote:
| Oh no, don't get me wrong, I've been dying to leave,
| nothing I would like more. But I am sure you've heard of
| the term economic slavery, and that's what I have become.
| Don't make enough to make the ends meet, and don't make
| enough to leave. Have to pay the debts before I can give
| up the passport.
| thieving_magpie wrote:
| I'm sure we could pull some money together to get you out
| of economic slavery. Don't want that on our conscience
| slingnow wrote:
| You poor soul. Moved to such a terrible nation full of
| those awful people you described and now you seem to be
| completely powerless to leave. And I'm 100% sure this is
| everyone elses fault.
|
| At what point do you look inward for someone to blame for
| your circumstances?
| marfil wrote:
| I was forced to move here when my parent got married.
| Never wanted to come here, didn't have a choice, tried to
| like it and I don't think that's humanly possible. Don't
| be a dick.
| justrealist wrote:
| Debt does not stop you from leaving, if you have a second
| passport.
| marfil wrote:
| US is one of the only countries in the world where you
| still have to pay US taxes no matter where you live or
| work and what passports you have, as long as you are a US
| citizen, and you can't give up US citizenship, which is
| also a paid process, unless you've paid all taxes.
| justrealist wrote:
| 1. Only on income over $120,000 (it's inflation indexed),
| so it doesn't matter for the OP.
|
| 2. The US does not collect, if you don't want to come
| back to the US it doesn't matter.
| potatopatch wrote:
| The US extends its power over financial institutions
| whenever it wants, so anyone who leaves the US without
| renouncing and then can't renounce due to incompliance is
| likely to end up unbanked eventually.
| justrealist wrote:
| "likely" and "eventually" are doing a lot of work for you
| here.
| dwringer wrote:
| Generally making disparaging bigoted comments about a
| nationality is to be avoided here. It's certainly not
| productive to this discussion to label anyone as hateful,
| greedy, and selfish, and it runs afoul of the HN comment
| guidelines.
|
| There are plenty of ways to contribute to discussion
| without making remarks that are emotionally charged and
| inflammatory.
| PrimeMcFly wrote:
| Non-American also been living here for a decade, and can
| only say your experiences are not representative, and you
| seemed to have picked a poor place to live.
| matheusmoreira wrote:
| > Afraid of the gov't
|
| They should be. As should you.
| fullspectrumdev wrote:
| As an European living in Europe I worry about addresses being
| available because someone suitably unhinged and upset can
| come to my house and stab me, set it on fire, etc.
| jjkeddo199 wrote:
| As other commenters have mentioned, US American's ease of
| access to firearms does not extend to their usage. If you buy
| a weapon and wrongly shoot someone, there is a system in
| place to make sure you are found and punished. There is no
| such system in place for catching people flying drones.
| TheCleric wrote:
| Sure there is (if you use that drone as a weapon). It would
| be the same investigation as someone putting a bomb at your
| front door. They'd analyze the components and narrow down
| the people with the motive and figure out which one bought
| them.
| alex_lav wrote:
| It's hilarious and excruciating for many Americans too.
|
| Source: get me out of here
| elorant wrote:
| Most of the footage from Ukraine is from flat empty landscape
| targeting stationary targets. Trying to do the same on an urban
| environment with moving targets is way more complicated.
| rurp wrote:
| Changing posession of personal user data from a financial asset
| to a liability is probably the most effective thing the
| government could do in the near term to protect people's
| information. Companies right now are incentivized to collect
| tons of personal data because it's worth real money to them and
| others, and the liabilities mostly fall to the users. If there
| were heavy financial consequences to leaking personal data then
| companies would self regulate away a lot of terrible behavior
| that is currently common.
| ethbr1 wrote:
| Imho, the test should be "Is targeted advertising barely
| profitable?"
|
| It should cost enough to retain personal data that, unless
| that's your primary business and you're very good at it, it
| doesn't make financial sense.
| krisoft wrote:
| > Who needs to do a driveby shooting if you could drop a
| homemade bomb from a McDonalds bathroom 20 miles away using
| some jailbroken drone?
|
| Driveby shootings are super easy. Drone bombing someone is way
| harder. Especially from 20 miles away. I don't see how Ukraine
| would change that.
|
| Getting away with driveby shooting requires about the same
| amount of faff as getting away with a drone murder. (Because in
| both cases unless you biff it spectacularly the police is not
| going to catch you red-handed. They are going to find you based
| on who wanted the person gone.)
| mschuster91 wrote:
| > Because in both cases unless you biff it spectacularly the
| police is not going to catch you red-handed.
|
| The barriers for police have also gotten lower over the time.
| The thing where _a lot_ of criminals get caught is dragnet
| surveillance - just subpoena Google, Apple and the operators
| of cellphone towers for a list of everyone who was in the
| proximity of where a crime happened, and they have no choice
| but to deliver the data you yourself collected to the police.
|
| This is also getting worse because it's just a matter of time
| until states with abortion bans subpoena Google, Microsoft
| and Apple for which persons that are regularly in that state
| have visited known abortion providers in another state in a
| timeframe consistent with an abortion visit, or who have
| searched about abortions on the Internet.
| ethbr1 wrote:
| https://www.comparitech.com/blog/vpn-privacy/us-
| surveillance...
|
| It's gotten a lot harder to drive off into the sunset when
| there are massive CCTV networks.
|
| Drone physically distances the operator from the crime.
| matheusmoreira wrote:
| Completely agree. Personal information should be a liability to
| corporations. It should actively cost them money to know
| anything at all about us. They should be scrambling to forget
| all they can the second we're done transacting with them.
| wutwutwat wrote:
| On Linkedin there's all kinds of "Top Secret/Security Clearance"
| groups which lists all the members in that group. Some have 5
| thousand people.
|
| Sure, some of those users don't actually have clearance at all,
| but many actually do, and work at firms all doing contracting for
| the federal government. Call me crazy, but giving out a list of
| people with clearance to the highest levels of secrets, usually
| doing tech work, is a bad idea. Even if a tiny fraction of them
| has anything that can be used as leverage to flip them, they all
| have targets on their backs and it kinda blows my mind that they
| all run around proudly plastering such things on their profiles
| and in public groups. It seems that's the last thing they would
| all be doing, as to not draw any attention from "the enemy"
|
| "TS/SCI cleared IT Professionals" -
| https://www.linkedin.com/groups/3967699/
| permo-w wrote:
| in a similar area, it absolutely pains me to see the amount of
| personal information demanded by online job applications.
| realistically how hard would it be for me to set up a fake job
| listing on Indeed and just hoover up highly valuable PII? you
| could even take it further with personality tests, IQ scores,
| RATs, etc.
|
| if you were a foreign power wanting to gather data on defence
| programmers, for blackmail, corruption, surveillance etc, why
| wouldn't you do this?
| wutwutwat wrote:
| I've been personally dealing with this exact thing. And it
| doesn't help that linkedin is a shit show of fake companies
| and job postings that seem to be doing exactly what you said,
| phishing for PII. Like, why the fuck is a job application
| asking me for my address? It's a remote job, the absolute
| _most_ you would ever need is my city. There 's a lot of
| companies that think I'm the very lucky resident at 123 Main
| St :) The day a job application asks for my SSN is the day I
| quit tech for good and go work for cash only under the table
| jonnybgood wrote:
| It's pretty normal for job seeking since there are jobs that
| require a clearance before any other consideration. There's a
| whole job site dedicated to clearances.
|
| https://www.clearancejobs.com
| wutwutwat wrote:
| Nice now I know where my moles need to submit their resumes!
| warner25 wrote:
| Normal and allowed, yes, but I share the sentiment that it
| makes me a little uneasy. I don't mention my clearance on my
| LinkedIn page, and I'm vague about many other things. Of
| course, anybody who understands this stuff (like any foreign
| intelligence agency) could probably infer who's cleared
| Secret vs. TS/SCI vs. NSA polygraph, etc. based on other
| information like job skills, locations, and military rank /
| time-in-service.
|
| I'm also not job seeking, just using it as a rolodex in case
| I ever need it later. Maybe I'll need to lay out the details
| if I ever do use it for job seeking.
| pvg wrote:
| I'm not going to call you crazy but the opposite policy -
| trying to keep these secret would definitely be crazy. It would
| be impractical, ineffective and at odds with all sorts of
| notions of an open, democratic society.
| wutwutwat wrote:
| Not mentioning something Vs. putting it on blast online are
| two ends of a spectrum of common sense when you have access
| to privileged information that others are willing to kill, in
| extreme cases, to obtain. This is the only time I can think
| of where security through obscurity actually can have an
| impact on your life, and the lives of those around you.
| PrimeMcFly wrote:
| Most people's data is being sold. No reason military people would
| be exempt.
| 23B1 wrote:
| The reason is twofold:
|
| 1. Servicemembers hold security clearances and thus access to
| critical things.
|
| 2. Leaked PII is a national security threat. This report, I'd
| argue, is good 'marketing' for the very real need for privacy
| protections nationwide. The U.S. military is, despite its best
| efforts, still an admired and respected institution.
| PrimeMcFly wrote:
| That doesn't have any relevance to my point. Currently there
| is no infrastructure in place to secure people with clearance
| more than anyone else, so it's no surprise their data is
| available.
|
| As for your second point, big shrug. All the data is already
| out there and isn't going away anytime soon. Best case is to
| protect future data from being leaked, but the US isn't going
| to outlaw data brokers anytime soon and holding companies
| with poor computer security practices to account is _very_
| recent.
| 23B1 wrote:
| You are incorrect that there's no infra to secure people
| with clearances. WRT your second point, 'all the data is
| out there' is an awful argument.
|
| The solution is simple: if you want to do business with or
| in the United States, you must respect its citizens'
| rights. There's plenty of other comparable regulatory
| frameworks; food safety, weapons, etc.
| PrimeMcFly wrote:
| > You are incorrect that there's no infra to secure
| people with clearances
|
| I'm not. If there was, their data wouldn't be lumped in
| with everyone else when it's leaked/hacked from all these
| large different organizations.
|
| > WRT your second point, 'all the data is out there' is
| an awful argument.
|
| It's a fact. You won't be able to remove that stuff now
| that it's out. IT's somewhat an instance of the Streisand
| effect. Numerous people have it torrented and downloaded
| locally.
|
| > The solution is simple: if you want to do business with
| or in the United States, you must respect its citizens'
| rights.
|
| That's not any kind of solution, especially when much of
| the issue is internal.
| asix66 wrote:
| What ever happend from John Oliver's privacy expose last year?
| [0]
|
| Seems he was going to submit a docket of info collected on
| congress people which was supposed to nudge actions towards
| regulating data broker collections and online privacy.
|
| [0] https://www.youtube.com/watch?v=wqn3gR1WTcA
___________________________________________________________________
(page generated 2023-11-07 23:01 UTC)