|
|
|
|
|
|
by thaumaturgy
4650 days ago
|
|
|
I had to go through a similar process when ordering a machine from an outfit called "Mac of All Trades" (http://www.macofalltrades.com/) recently (on behalf of a client). They requested my driver's license and the front and back of my business credit card. I went back and forth with their customer support over this. I pointed out how easy it was to use free software to fake the "credentials" they were asking for; I pointed out that the business email address they used to contact me + the business phone number they used to contact me + the business website that listed both + web.archive.org were at least as useful for verification of identity; I pointed out that we order piles of stuff from tons of different vendors and they were one of only two that requested this. They stonewalled and I eventually acquiesced. (They were the only non-eBay source for a machine that this client wanted at anything resembling a decent price.) I pointed them to SiftScience and Bruce Schneier's article on security theater. In the end it didn't seem to do any good. I was friendly with them about it at the time but have gotten grumpier about it since. I think I'll send them a link to this article and this thread. |
|
|