Worst Advice Ever?

march 19, 2008

Hi, I'd like to lose my identity. From the "Help & How-To: Tips and Tricks To Make Tech Easier" section of the tech rag Computer Shopper (April 2008, page 80):

Tip of the Month: E-Archive Your Personal Papers I scan all my important documents (such as copies of my Social Security card, passport, U.S. citizenship certificates, and county tax bills) and upload them onto PBase (www.pbase.com), then secure it with a key [password]. PBase costs me an annual fee, but I can print a copy of my important documents at any time, from anywhere. -Anupam Bhomia Thanks for another great tip, Anupam! This is a great idea for frequent travelers or others who often need access to critical papers, yet don't wish to carry copies. Obviously, PBase isn't the only image-hosting service you can use for this. But I like that it lets you create nonpublic photo galleries that are not only password-protected, but also invisible to snoopers -- no one can try guessing the password unless he or she has been given the gallery URL. Nonetheless, identity theft is well worth being vigilant about, so use a secure, unguessable password incorporating letters, numbers and characters.
Quite possibly the worst advice ever given -- and the worst "published" support of bad advice ever. Don't ever put unencrypted versions of documents that have anything to do with your identity online. Hell, don't ever put any version of your these documents online -- and carry a copy when you're traveling. The question is not if a bug on PBase (or whatever hosting site you choose) exposes your documents to the world, it is when something like that will happen. Though I've actually communicated with the owners of PBase before and they are nice people, what if you put up your documents on a different site -- and those owners are not so nice? They put together the software, so your images aren't protected on their servers from their eyes.  Now, you've just handed over your identity to these people.  Remember, your files may seem like they are protected from the public, but they are not.  On the back-end, unscrupulous admins still have access to your files in raw readable formats without the password protection.  On the front-end, well anything can happen and your files can become readable by the public.  You really want your Social Security card floating around on the internet?  Probably not. Don't be stupid like Anupam. Don't listen to Computer Shopper when they praise Anupam. This is one of the worst ideas ever.