Around the Blogosphere…
This past week, researchers at Carnegie Mellon discovered it’s possible to figure out people’s social security numbers. Researchers used statistical techniques to predict the SSNs solely from an individual’s date and birth location. They were able to identify all nine digits for 8.5 percent of people born after 1988 in fewer than 1,000 attempts; and for people recently born in smaller states researchers needed just 10 or fewer attempts to predict all nine digits. This may be a wake-up call for security experts. Here are three opinions on the research.

Emergent Chaos
Social Security Numbers are Worthless as Authenticators
Told you so—Adam Shostack believes SSNs are “a godawful authenticator”. For years, Adam has agreed with the security and privacy professionals against the use of SSNs for identification, and only now people are paying attention.

Digital Soapbox – Preaching Security to the Digital Masses
[RANT] Forget SSNs
Rafal Los does not see the point in having SSNs at all, and believes we should ditch them all together. For obvious reasons, everyone goes to great lengths to protect their SSNs, but what’s the point, he asks? Now someone can just come along and guess it by your DOB and birth location. Rafal suggests using another identification number, such as a patient ID

Security Fix | Washington Post
Predicting Social Security Numbers
Brian Krebs wrote an article in the Washington Post, but hones in on additional resources and information in his blog. In his post he includes FAQs about the study and the full report.

IT Security…
VPN: The Pros and Cons
John Edwards lists the pros and cons of VPNs. We thought the drawbacks listed in the article were important to highlight, because they are important considerations to make when picking out a VPN. Choose a universal and flexible solution—it will make your life easier.