Cybercrime 3.0: stealing whole houses
Articles in the UK and US press describe fraudsters who used public document registries to steal entire houses, using forged documents to list the houses for sale, transferring title to them, and disappearing (or attempting to) with a lot of money in their pockets.
Both articles focus on the cybercrime dimension. The fraudsters were able to commit their crimes because there were online repositories that made it easy to get the houses' owners addresses, ID numbers, signatures, etc, and from there, it was trivial to forge the necessary paperwork to complete the sale.
But neither article discusses the underlying economic and technical contexts, and that's a shame, because that's where the meat of the story is.
It's not a coincidence that fraudulent house theft is occurring in places where there's a lot of property speculation: New York, London, Detroit. Detroit, especially, has been the locus of house theft since the crash, through robosigning foreclosure mills, through which giant, too-big-to-fail, bailed-out banks employed armies of petty criminals to do exactly what the thieves in these articles did: forge documents to allow them to take houses away from people who owned them.
All three cities are places in which people have been encouraged to buy houses as investments. Rich people have always bought and sold property, but this century has seen an explosion in normal people speculating on property. Part of that was easy subprime lending, but the other part is the collapse of employer-backed guaranteed pensions in favor of stock-market-based pensions, in which normal people, without any particular financial expertise, bet their entire future on their choose to hire a money manager (who almost certainly performs below random chance) to try and wring gains out of a market dominated by multi-billion-dollar funds that use high-speed, high-volume trading algorithms, designed by virtually all the PhD math and physics grads from Oxbridge, the Big 10, and the Ivies who've graduated this century.
Property seems to have an honesty and a legibility that stocks lack. You can see a house, see the neighborhood, see the rents being advertised. You know where it is. When something bad happens to it, you can see it without having to read through a shareholder disclosure form.
But property isn't just property: it's shelter. Number two on the Maslow Hierarchy, right there above food. The widespread conversion of shelter from a human right to an asset class that the dwindling middle-class relies upon as their sole hope of dignity in old age eases the elimination of tenants rights -- rent controls, limits on evictions -- driving up the value of the asset, and the precarity of the necessity.
The viciousness of this cycle is especially pointed across the generations. The parental need to stay solvent (and not dependent on their kids) in old age means that your kids are never going to be able to afford a house and will be the tenants of some other set of desperate parents who have to decide between being decent humans to their tenants and being a burden on their kids as they age. Given that their kids are barely holding onto shelter themselves and have no wiggle-room to accommodate their aging parents, it's a no-brainer.
But this isn't bad news for everyone. The participation of the middle class in the property speculation market has inflated property prices all over the world (because when there's a shortage in a fundamental human necessity, being on the sell-side of that market is a sweet, Immortan-Joe-grade deal). So our cities' buildings are being remade as safe-deposit boxes in the sky for corrupt offshore millionaires who can be assured that their investments will appreciate ahead of inflation because of all those scrambling middle-class speculators who're inflating the bubble with every gasping breath.
That's the economic story, and it's terrible. But when it meets technology, it gets a lot worse.
Our identity information is paradoxically awful. On the one hand, it's easier than ever to clone someone's identity and rip them off. Every service wants you to generate a password and leave behind a payment method to ease future transactions. Most of them handle our data really badly, and face little to no liability for breaches.
On the other hand, identity information is collected, handled and retained as though it were worthless.
In the USA, virtually every merchant I deal with wants to make a copy of my ID. Not one of them has ever been able to show me their data-handling practices. My daughter's martial art studio wanted a copy of my fingerprints to sign her up for after-school classes. Social Security Numbers are used as identifiers and authentication tokens by phone companies and banks, and can be trivially derived from public data sources. The public school system wants to give your home address to private contractors and the US military. You can't open an account with a public utility or a private mailbox without handing over copies of your ID and your home address.
Most services you authenticate to want to use a "security question" for password recovery. These security questions -- date of birth, mother's maiden name, etc -- are matters of public record and things you can't change when they breach.
All of this is retained indefinitely and secured indifferently. What's more, a savvy fraudster can build from one or two pieces of this information into a takeover of some of your accounts. Once they're inside your phone, they can use that to leverage a takeover of something harder, like your utilities. From there, they can get the paper statements used to interact with the government or the banks.
Migrants get all of this and more. We have to deal with private government contractors who routinely require us to transmit all this information, along with things like copies of our passports, long-form birth certificates, biometric identifiers, all using low-to-no-security methods, for retention by yet more third parties whose own data-handling practices are no better than anyone else's, which is to say, fucking awful.
Everyone knows that these procedures are terrible, and no one gives a shit. It's above everyone's paygrade. The major risk analysis undertaken by firms isn't "Will we destroy someone's life?" It's "Are we indemnified or insured?" The UK story is telling: a woman rented her income property to a tenant who then listed it for sale with a fat-commission-taking real estate broker called Foxtons, who stand out in a field known for sleaze and misery as particularly terrible. Foxtons let this person sell someone else's house without any checking even though the sale was so dodgy its badness could be seen from orbit.
There is structural, society-level, existential risk in this calculus, and I think it's probably worse than the risks that led up to the 2007 crash. We are approaching an era of automatable, mass-scale attacks of the sort presently used to gain access to things like your online dating profiles or home security cameras, except these ones will piece together multiple forms of compromise and direct them to automated attacks on your whole bank balance, your home, and your retirement funds.
If you're thinking about getting into a life of crime, you should definitely become an identity thief and steal houses. It has never been easier, and it will get easier still, every day, for the foreseeable future.
(Image: Cotton-Ropkey House for sale, Nyttend, Public Domain)
EPA Inspector General Report finds massive waste from Trump's Pruitt flying business class, staying in swanky hotels
Trump's initial appointee to run the EPA was Scott Pruitt, who resigned in disgrace in 2018 amid a massive corruption scandal in which he was found to have spent lavishly and assigned improper personal duties to government employees.
Axon makes false statements to town that bought its police bodycams, threatens to tase their credit-rating if they cancel the contract
Axon -- formerly Taser International -- makes police bodycams that they sell to towns on the cheap, betting that they'll make it up by gouging the towns for cloud-based storage for footage from the cameras (what could possibly go wrong?!).
Lawyer involved in suits against Israel's most notorious cyber-arms dealer targeted by its weapons, delivered through a terrifying Whatsapp vulnerability
NSO Group is a notorious Israeli cyber-arms dealer whose long trail of sleaze has been thoroughly documented by the University of Toronto's Citizen Lab (which may or may not be related to an attempt to infiltrate Citizen Lab undertaken by a retired Israeli spy); NSO has been implicated in the murder and dismemberment of the […]
Heads up: The clock is winding down on a free-entry contest to win not only one of the best smartphones on the market but a handy pair of earbuds. A simple sign-up is all you need to be eligible to win a 256 GB iPhone XS Max, along with AirPods. And while “free” is tough […]
Kudos to those of us who have chosen a less wasteful third option to “paper or plastic” at the supermarket or club stores. Tote bags are reusable, but they can be a pain to tote around. Here’s an upgrade to that planet-saving measure. The Club Cart Lotus Trolley Bag is that rare tote you’ll want […]
Looking for a career in IT, gaming or software development? In the ever-changing world of the internet, versatility is your biggest asset. In other words, mastering Java might not cut it in an interview if you don’t know C#. However, there’s a bundle that covers the essentials in most any language. The Legendary Learn to […]