cross-posted from: https://lemmy.ca/post/60478981
Borges alleges that a little-known federal tech team called the Department of Government Efficiency, or DOGE, copied the government’s master Social Security database into a cloud system that lacked normal oversight.
If his account is correct, the mishandling of this information could expose hundreds of millions of people to fraud and abuse for the rest of their lives.
Spoiler: They won’t change them.
The entire concept of a single number that you share with every employer and can be used to impersonate you and steal your identity is already mind-bogglingly stupid.
The system was never designed to be used for anything beyond Social Security, and from the beginning using it as an identifier has been discouraged. That doesn’t stop companies from using it like that though.
Using it as an identifier isn’t really a problem. Using at as credentials, being somehow able to impersonate someone just by reciting a not very secret identifier, that is mind-bogglingly stupid.
Well, they probably wouldn’t if there was a viable alternative.
National ID cards are not a way to impersonate someone, because they ARE NOT authentication. By themselves, they’re almost public information, and just because you know someone’s ID number does not mean you’re them, like nobody thinks you’re someone else just because you know their phone number.
Many countries are rolling out ID cards that do include authentication - they have integrated chips, like bank cards, and you can use your secret pin to prove you’re who you say you are, but that’s totally different.
The US system is what’s mind bogglingly stupid. There’s this magic number that you’re supposed to keep secret because nobody has any other way of checking if someone is who they say they are?
The Estonian system with these cards is absolutely amazing and should be a role model for the world.
And was specifically restricted, back in the day.
Mind-boggingly stupid has another name: the American way!