Thursday, September 24, 2015

Identity Theft Made Easy

So, I call $company. The automated system guides me through the hoops, in particular, asking for my "secure credentials", normally "the last four". Then it connects me to a representative.

And the first thing the representative says is: "What are your last four"?


I just identified myself to your automated system.
It authenticated me.
Why do *you* need to hear it again?

If this is a part of the $company's protocol, it's redundant.
If this is an unscrupulous employee harvesting personally identifiable information, it's a vulnerability.

The problem is, you cannot distinguish between the two. So either way, we're screwed.

Thursday, August 20, 2015

Full-Time Employees: Who wins? Who loses?

Just read The Case Against Full-Time Employees.

There's no TL;DR, read it if you care to compare it with my counterpoint, which is pretty simple:

  • A long term full time employee is a known variable.
  • Freelancers and contractors are the unknown.
  • The more is known, the less uncertainty.
  • The more uncertainty, the more risk.
  • The more risk, the more threat.
  • The more threat, the more contingency.
  • Somebody has to pay for the contingency.
  • Business can't pay the contingency, it has to be profitable.
  • That leaves only one party that can be held responsible for paying.

That party is *you*, the customer.

Note that pay is not necessarily monetary.