The entire US Social Security database was uploaded on a random cloud server, Whistle-Blower Says
Technology
93
Beiträge
54
Kommentatoren
0
Aufrufe
-
This post did not contain any content.
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
-
Those are all excellent and valid points, do you think normal thinking Americans will manage that, sustained protests followed by strike action. I completely understand the point made about the young men, the elderly and most vulnerable groups will need support. Right now all I see is some protests in some states but nothing indicates this will evolve.
Honestly, no. US infrastructure for this stuff is scaffolding, at best.
-
Honestly, no. US infrastructure for this stuff is scaffolding, at best.
It's looking very bad eh...
-
OP, please revise your title to match the article, it is currently misinformation.
The complaint is about where the oversight comes from. This is not some random cloud server.
“S.S.A. stores all personal data in secure environments that have robust safeguards in place to protect vital information,” he said. “The data referenced in the complaint is stored in a longstanding environment used by S.S.A. and walled off from the internet. High-level career S.S.A. officials have administrative access to this system with oversight by S.S.A.’s information security team.”
I agree that "random server" is a bad choice of words, but do want to add additional information context as the concern isn't necessarily unwarranted. Another qoute from the article:
“I have determined the business need is higher than the security risk associated with this implementation and I accept all risks,” wrote Aram Moghaddassi, who worked at two of Mr. Musk’s companies, X and Neuralink, before becoming Social Security’s chief information officer, in a July 15 memo.
Its also sounds like they did spin up a new database with limited security/oversight to "move" faster. Why that's worrisome is they aren't denying there is a risk or lack of security, they are just saying it's justified.
-
Zero details or sources other than one disgruntled employee, yeh I’m not buying this at all. They probably count azure or AWS as a “random cloud server”.
Really scraping the bottom of the barrel for anti-doge/elon content these days.
If you read the article, the current head of the SSA acknowledges they did set up the system being discussed and that he's accepted the increased risk of the implementation as there is a "business need".
-
DOGE employees should be executed by firing squad. In fact, we should bring back a whole bunch of capital punishments- hanging, beheading, drawing and quartering, burning at the stake; unless you meet the fascists at their level you’ll never scare them enough to keep their political views private. Like what happened to Mussolini was TOO GOOD for every single person involved in the executive branch right now.
Do this to everyone Trump hired or part of his cohort including him. They are all evil gangster criminals.
-
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
Exactly who I trust to create a logically organized database of all peoples within the United States. The current administration..
-
Do this to everyone Trump hired or part of his cohort including him. They are all evil gangster criminals.
Drain the swamp by filling the capital buildings Miyazaki style.
-
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
I dont have a problem with that, but what I will object to is the current regime making the replament ID system. 1) there is no way they would design it well or securely, smart people capable of building such a system are usually the first to bounce to another country as they will have the means to do so. 2) it would be too easy for them to lord the new ID over peoples heads (like they are with immigration status now) and impliment a social credit score like China does.
Your correct that SSNs should not be used as IDs, but getting the government to build a modern system for that opens too many avanues for abuse (especially with darth cheeto in charge).
-
Exactly who I trust to create a logically organized database of all peoples within the United States. The current administration..
I don't love the idea of the Trump administration being in charge of creating a national ID system, but this maybe the best time to make one.
If Democrats proposed a national ID database the crazy 'FEMA is coming to round us up' republicans would freak out about it. As proven with Trump sending the national guard into D.C., as long as Trump does it they don't care.
-
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
It could be why it's being done, because SSN are being used inappropriately. Potential leaks like this will force banks and other entities to begin making account access more difficult, and this will make it from difficult to next to impossible for a large number of seniors, those who've saved the most and have the biggest accounts, to access it. This would happen even if it was done in a two year controlled manner.
-
This post did not contain any content.
SSN is a good example of the illusion of freedom for Americans, why have a standardized Photo ID when you can have a set of numbers that when leaks can ruin your life.
-
You know, at some point you actually do something to put out the fire, you leave, or you burn.
-
This post did not contain any content.
-
I agree that "random server" is a bad choice of words, but do want to add additional information context as the concern isn't necessarily unwarranted. Another qoute from the article:
“I have determined the business need is higher than the security risk associated with this implementation and I accept all risks,” wrote Aram Moghaddassi, who worked at two of Mr. Musk’s companies, X and Neuralink, before becoming Social Security’s chief information officer, in a July 15 memo.
Its also sounds like they did spin up a new database with limited security/oversight to "move" faster. Why that's worrisome is they aren't denying there is a risk or lack of security, they are just saying it's justified.
Oh yea, agree it's a dumb move. This should be on-prem data IMO.
-
I dont have a problem with that, but what I will object to is the current regime making the replament ID system. 1) there is no way they would design it well or securely, smart people capable of building such a system are usually the first to bounce to another country as they will have the means to do so. 2) it would be too easy for them to lord the new ID over peoples heads (like they are with immigration status now) and impliment a social credit score like China does.
Your correct that SSNs should not be used as IDs, but getting the government to build a modern system for that opens too many avanues for abuse (especially with darth cheeto in charge).
I don't know much about it, but what did they change with the whole Real ID / star on Licenses and such. I believe the purpose was to make it so the IDs were to a minimum standard so they could be accepted in all 50 states. If they all had unique ID numbers (I don't know that they do) they could have just used those, or expanded on those and already have the ID system in place. To travel to another state and have a valid ID, I believe the cut off date is November of this year. (At least for my State, because my spouse doesn't drive and her ID she was told would no longer be valid post November if she doesn't go in and get it done)
-
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
No, we don't need this at all. businesses need to be fined out of existence for using the ssn, and lenders should do due diligence without some imaginary score.
-
they will have to get rid of social security now. it's the only way
"You don't have a SSN? Must be an illegal"
-ICE -
Accelerationism like that never works. When it all settles, you get extremely mild improvements for a whole lot of hurt.
Accelerationism can work if you are in position to lead the rebellion. But for the vast majority of us, you'd be a foot soldier, probably die before ever seeing the day of victory.
-
If you read the article, the current head of the SSA acknowledges they did set up the system being discussed and that he's accepted the increased risk of the implementation as there is a "business need".
What cloud servers are they using?
