Equifax Should Go Away

As most everyone who absorbs a daily dose of news knows, Equifax got hacked and now the personal information for 44% of the US population has been stolen. Most likely, if you’re an avid consumer participating in the credit industry machine, your information got pwned. It’s likely that most of the people you know who work, pay bills, use the Internet, and buy things with credit cards or with loans got pwned.

This has got to stop. Equifax was hacked due to Apache Struts CVE-2017-5638, and a patch was available, but not applied to their web-servers!

I do IT stuff. So to say. I also know that no matter what operating system I use that there are automated ways of updating my OS and software. If there aren’t, then I’ll script something that will do it for me. I install security and functional updates as soon as they’re available. I watch the blogs, security advisories, email lists, news feeds, etc… And it’s probably still not enough. If I had the budget, I’d dedicate someone to security as I don’t think even a small company can afford the type of breach that Equifax will most likely weather and carry on, using our personal information as their product.

And we have to face it: we are their product. Our information is what they use to make money. How the hell is that even legal? Oh, probably because money. Money. That tends to drive most everything doesn’t it? Or at least the love of it and the greed for as much as possible. It’s worse than Heroin, as it seems.

The vulnerability that allowed Equifax to get hacked was specific to Apache Struts, a framework for running Java under Apache. It’s not super common because most people running Apache are using PHP — most new servers deployed on the Internet last year (2016) were supposedly using PHP. Anyway, my point is that you shouldn’t worry that it is a common exploit — it’s been patched and Struts is popular, but not used by everyone.

Still, you have to wonder about their architecture that allowed the balance of all their sensitive information to be plucked away so easily. Did they not perform Risk Management? I would think that such a company with such incredibly sensitive information would have. And if they did and it still happened then maybe they hadn’t implemented their plan to fix any weak parts? I just can’t believe that Equifax took information security serious enough. Equifax is a company with the EXACT information that hackers are always looking for — you’re a prime target! When I worked in the video game industry I found out that as developers, you’re targeted constantly and you have to always be proactive. You can never let your guard down. And in the case of Equifax, they’re probably one of the biggest treasure troves a hacker could ever hope for besides the keys to the bank itself.

When I hear about massive IT failures on this level, I first experience a bit of sympathy for the staff and people who have to work 24×7 until it’s fixed and they’re confident the intrusion has been contained. But, with this, their IT staff blundered in such a way that it will most likely affect me and cause me to have to spend my own time dealing with it. It’s a huge inconvenience to me, their unwilling product.

Deep in my heart, I’d like to see Equifax go away. I’d like to see it sued out of existence. I’d like to see the government step up and slap some hardcore regulations on the industry but there’s no chance of that happening right now. In fact, sad to say, all we can do right now is be mad and buy some credit protection. We don’t have a choice but to be part of this credit industry machine — there’s no way off this ride if you want to be an active part of society and buy things. Even greater is the affect the credit industry has had on renting property, leasing, and even employment — what happens now?

I want to see regulations that say they can’t keep my personal information at all. But you know that’s not going to happen — we have an established industry that has money to lobby and influence. I’d like to see regulations in place that prevent them from at least storing my SSN but that’s the key identifier in credit reporting. A number that was never intended to be used for it — but try to get credit or a loan without giving it up.

So the way I see it now is that they have us and there’s little to nothing we can do aside of hoping for laws and regulations to protect our information. When industry giants screw up it can hurt everyone and in this case, it probably will. We’re their product, unwillingly. And in America, corporations have more power than me or you.

Advertisements

Double Fine MEGA-FAN PACK!

I used to work for Double Fine Productions. I no longer want these items and I figured that someone, somewhere, a fan or not, might be interested in them so here you are. I want to sell these items as one lump lot. I will ship them, but only after I receive the payment and the buyer will have to pay for the shipping. I don’t want to take international bids for these items, unless they’re really good ones! If you’re interested in this Double Fine MEGA-FAN PACK, then reply to this post and I’ll get back to you — no replies will be made public.

I will include one surprise item in the pack that was not made available to the public.

Continue reading

Moving Slowly – Hotel Utah Open Mic

I don’t think I’ve ever shared this song short of a few open mics. This was recorded recently at the Hotel Utah’s awesome open mic on January 7th 2013. (It really did take me 3 months to finish this post!)

Michael Beese was kind enough to improvise over it for me on his vio-fiddle thing.

Moving Slowly – Brent Shinn, Hotel Utah Saloon January 7th 2013 (Michael Beese – Fiddle) You can also hear more of my music on the site as well as an amazing archive of music from the performers as well as upcoming Utah related shows, tweets, and more!

Continue reading

New song: Said and Done

It’s taken me some time to get around to making a recording of this – especially one that I didn’t screw up! I’m never happy with my recordings but I’m getting better with it. This song was written for an optional assignment for a songwriter group I attend – to write a waltz. I’m still not entirely sure about the arrangement in the end and I’m liking playing around with timing in certain parts for accents. Anyway, I hope you enjoy. I’ll record it again soon and hopefully even better!

PS – I’m going to make all the older videos private once I record new versions. I’ve only been writing songs and singing for around 3 years now and I think I’ve definitely improved and newer recordings would surely represent my work much better. I also need to hook up a better microphone – soon!

Brent

 

??

Gregg Allman – Trampled by Turtles – The Spazmatics!

Last week was a busy week for shows. A friend of mine invited me to see Gregg Allman – which I didn’t even know was coming to town and probably wouldn’t have went on my own but I’m certainly glad I did. Honey Honey opening for Trampled by Turtles? LOVE! and then a new discovery in the amazingly awesome 80’s cover band The Spazmatics.

Continue reading

I’m the featured performer tonight at Neck of the Woods Open Mic (12/26/12)

Tonight (Wednesday 12/26) at 9:30PM I will be the featured performer at Neck of the Woods Open Mic – formerly the Rockit Room. Sign-ups start at 7:30PM with Rory Cloud as the host and Brentando slinging the brews. This was kind of a last minute thing so there was no way to really spam out an early notice and I know a lot of people are away for the holidays – anyway, I’m playing tonight! If you’re around…

Continue reading