The blogosphere is a twitter with the news that a CMU researcher demonstrated that some SSN can be predicted with a person’s date and location of birth:
The nation’s Social Security numbering system has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.
Big freaking deal. It’s not like you haven’t told hundreds of people your SSN already.
We have got to move past pretending that there is any security associated with a number that you give every medical, financial, and governmental institution you deal with. There is only one way that will happen; we have to make the entire DB of SSNs public records available to all. Otherwise companies just won’t stop using them for authentication.
We need to make the SSN only a primary key into a giant table of common names (if I could mix database and directory metaphors for a moment).