My social security card states “DO NOT CARRY THIS CARD WITH YOU”. However, I am not a US citizen, so my social security card may be different.
I don’t know about prisons, but here’s what happened in the US Army:,
“the security was so lax that many of the 300 soldiers on the base had access to the computer room and passwords to access the intelligence computers were stuck on “sticky notes” on the laptop screens.”
Mine doesn’t. Then again, it was issued in 1976, and they may have changed the verbiage since then.
If you set a document open password (as opposed to just one to restrict certain actions), it can be very difficult to crack, assuming a decent password strength. Acrobat/Reader 7+ support 128-bit AES and versions 9+ support 256-bit AES.
Mine doesn’t either. I also got mine around 1976. At the time you didn’t get one until you needed it, usually right before getting your first job. It doesn’t say on the card, but the letter with instructions that came with it specifically said to carry it always. And believe me, if I didn’t I probably would have lost it 35 years ago.
Writing down proprietary internal system information is not the same thing as carelessly discarding one’s customers personally-identifying information. In the first case, the only people who can access the information are ones with physical access to the facility. In the second case, it can be accessed by anyone with the time and determination to rifle a dumpster. Neither is a good security practice, but the latter demonstrates far more flagrant disregard for security protocols.
Just write it out like
five seven two, dash, two five, dash, nine zero zero six.
Something skimming digitally for a SSN should blow right over that.
Or mix it up a bit
five 7 two, dash, two five, dash, 9 zero zero six.
Presumably, writing it out is meant to foil computers… But computers have been smart enough to sniff that out for at least thirty or forty years. You don’t actually gain any security at all by doing that.
So how about writing it out as words, but mixed with other words that are not numbers?
I assume that computers sniff for 9 digit numbers.
So if I write " hello, Bob. the first part of my number is one-two-three
and you’ll need to write that down before the next part, which is 45
and then add the ending, which is 6789"
That provides your complete number as 123-45-6789, but would a hacked computer recognize it?
But then, it won’t help the OP much, because the clerk at the prison probably won’t be willing to recognize it either 
I’d be much more worried about the sticky note in the trash can, anyway.
This is almost exactly correct. I say “almost” because they don’t do it quietly; they’re very up-front about it. My experience is with the Federal prison system: in this system, inmates are allowed a list of approved visitors. The number of visitors allowed on this list varies from prison to prison. To get on the approved list, visitors must fill out a form providing name, address, SSN, and likely some other information that I can’t remember. The prison authorities use this info to run background checks on the visitor to approve or deny them. If you’re not on the approved list, you don’t get to visit that inmate.
When I filled out the form, my husband and I were approved in short order. Funnily enough (well, funny to us), my mother- and father-in-law took longer and (I think) had to provide additional information to get approved. And they’ve been up to visit the guy, while SpouseO and I haven’t yet!
ETA: All that obviously applies only if you’re going to a prison with the intent of visiting an inmate. If you’re going there for other reasons (contracting perhaps, or maybe a job interview or what have you), other procedures would apply.
I understand that the docx, xlsx etc. formats introduced in Office 2007 use much more secure encryption. Those tools you can get only work with the older doc, xls etc.
For all those people suggesting encrypted PDFs, DOCs, etc…
How do you propose to share the key securely?
Hmm?
Apparently you call the recipient up and tell them the password.
They send you their public key. You encrypt with their public key. They decrypt with their private key.
The point I think beowulff is making is that putting a password in the document then sending that document to someone does not involve public key encryption and has the password distribution issues that public key cryptography was invented to solve.
Perzactly.
This thread started by some asking how to send an SS# securely. People suggested encrypting the SS# in a document, but nobody then explained how to send the key securely…
Public Key encryption handles this very nicely, but I can absolutely guarantee that nobody a a prison has ever heard of the tools necessary to do this, and is never, not ever, going to jump through the hoops necessary to generate their key pair.
OK, how about Diffie-Hellmann? According to Wikipedia, you can do it by sending cans of paint to each other. Not really. It’s just an illustration of the idea, and a rather nice one.
Yet they can’t recognize pen 1s v1@gr@.
Have you tried framing your SSN for a crime it didn’t commit?
It always cracks me up on these security threads…
- As others have pointed out - no one at a prison is going to download and learn pgp.
- Most hackers have better ways of stealing identities than looking through emails
- Your SSN is on tons of documents stored unsecured around the world
- Personally - I would just send it. Is there a risk - yes. You could send it as an image or use the text manipulation. This would get rid of 99.9% of anyone scanning for XXX-XX-XXXX. Yes they could write something to do OCR on an image - and something to recode four as 4. I can assure you this doesnt happen very often.
- if I was real worried - I would call, but you still have the risk that it would end up on their system anyway. If they are going to store it electronically - in theory a hacker could get it. A hacker could also in theory sniff out the packets being sent. Most breaches (known anyway) - are done by breaking into systems and stealing data - not sniffing packets. The only people you hear regularly doing packet sniffing is NSA et al.