To many, it’s not a surprise to find out the privacy dangers associated with some online quizzes, and things of that sort. A recent PCWorld article entitledSecrets of Online Quizzes talks about how some of the quizzes out there are using the data collected to target online ads to the recipient. It also refers to an article that talks about how facebook quiz developers are automatically granted access to your profile when you agree to take their quiz.

I consider both of these to be frightening scenarios. It also got me thinking again about one of the other big privacy and security loopholes I’ve seen out there. The online name quiz. I suspect you’ve seen it… “what’s your Jedi name?” or “your stripper name?”

A quick google search gave me some of the sample questions:

DETECTIVE NAME:(favorite color, favorite animal)
Red Kangaroo

DRAG QUEEN NAME: (first pet + mother’s maiden name)
Margo Webster

MOB NAME (Dad’s name, favorite Italian restaurant)
Bill Regina

MOVIE STAR NAME: (grandfather/grandmother on your Mum’s side, your favorite candy)
Evelyn Reese

MOVIE STAR VAR 1: (grandfather/grandmother on your dad’s side, favorite candy)
Graham Reese

MOVIE STAR VAR 2: (favorite snack food + grandfather’s first name)
Doritos Graham

MOVIE STAR VAR 3: (first pet’s name + Favorite teacher’s name)
Margo Levine

NASCAR NAME:(first name of your mother’s dad, father’s dad)
Sidney Bill

NEWSCASTER NAME (your middle name, moms maiden name)
George Webster

PORN NAME: (1st pet, a street you grew up on)
Duff Veronica

PORN VARIATION: (first pet and current street name)
Duff Verdun

PORN VARIATION 2: (middle name, father’s middle initial, street you grew up on)
George T. Randall

PORN VARIATION 3: (current pet’s name, street you grew up on)
Amber Veronica

SOAP OPERA NAME:(middle name, city where you were born)
George Syracuse

WITNESS PROTECTION NAME:(mother and fathers middle names)
Julie Tracy

WITNESS VARIATION: (grandfather and grandmothers first name
Graham Ruth

(I’ve changed the answers that I’d pulled off the website, so as to not endanger the person who posted it.)

See the problem? These are all questions that banks, financial institutions, and other groups out there might ask you, as ‘questions that you’ll only know the answers to’ to prove your identity. With the current state of the internet, once that data is out there, it’s out there forever.

People really need to understand the implications of what happens when they put their data out there. I still think we’re in for a big problem very soon with all of this. This just makes identity theft that much easier.

I was reading Bruce Schneier’s recent post on his blog and was thinking “hey, I’ve been meaning to write this.”

In general, this bothers me. What bothers me just as much is the blind acceptance that goes along with it. I’ve often heard the argument of “Oh, I’m sure that all of that information is out there anyhow, it’s no longer worth my effort to try and protect it.” More disturbingly, I’ve heard this argument from people who have been entrusted with the data of others.

On the whole, the US has been lulled into a complacent attitude towards their personal information and privacy. With the steady rise in identity theft, and a weak economy, I really have to wonder when we’ll reach the point of personal identity information being worthless, since none of it can be trusted.

I often think of my bank. Banks are built with the image of security involved. What could be physically safer than a big thick vault? In fact, when I hear of a bank being robbed, it is usually a daytime robbery, which involves bypassing the humans, and not cracking the vault.

Compare that to modern life on the internet. You may do your banking on the internet… how do you know that it’s safe? More importantly, how does the bank know that it’s really you? There are basic protections in place, but with the amount of data about people on the internet, it’s getting very hard to be sure that the person on the other end of the wire is really who they say they are.

I’m increasingly convinced that there is going to be a big technology/privacy “incident” sometime soon. I don’t know what it will be, or who it will effect. I hope we all survive it. More so, I hope we all learn from it, finally.