MiceAge on the latest news regarding MyMagic+ : Read it and weep.

Disneyhead'71

Disneyhead'71

Well-Known Member
flynnibus said:
Do you freak out if the waiter or bartender cards you then? Because you know.... they got your address than and they can see you with your kids.
Click to expand...
Well, I haven't been carded in many years. But that is beside the point. But yes I do have concerns about giving up personal info....even outside of WDW.
 
WDWDad13

WDWDad13

Well-Known Member
ford91exploder said:
No it's actually easier as you don't need to implement an access control system, Access control systems are HARD to implement correctly and to work properly have to be fully integrated into all data types handled by system.

IBM's RACF allows every detail of a system's operation down to keys on keyboards having security applied on a per-user basis.

Access controls are usually the FIRST thing to go when projects get severely behind schedule or over budget.
Click to expand...

Not if you are Disney and have to comply legally to SOX auditing requirements
 
Voxel

Voxel

President of Progress City
Cosmic Commando said:
I'm not a programmer, so I could be way off, but I figured they have to build an interface for frontline CMs to use. I doubt they'll be using MS Access or some straight up database management system. I'll go back to my FedEx example: you'll never accidentally get the driver's SSN when you track your package, even though that is in the system somewhere. In my head, the frontline CMs should just have their iPad app that scans the bands and just spits out the non-creepy info. The really personal stuff could be limited access simply by where it can be accessed from.
Click to expand...

You corrected in this assumption, I am gonna assume that the back-end is running on some sort of SQL variant which can limit the information given out based on permission and request information. However this doesn't stop CM's using other CM's information to get High permissions. For instance, when I worked in Retail a few of us new the manager's log-in detail to do over-rides(with his permission), however how do you stop abuse of it.
You can't really expect not giving out that information.

Also a side note about privacy, I will agree with @englanddg, it comes down to the person. You would be surprised how much information is given out by people don't verifying something. The average person is on a security Camera 18 times a day and if you are in London well you can times that number greatly. For the people concerned with personal security, do not go to London they track your every movement. Remember the London riots. They did not arrest anyone over the course of the riots for the most part, but 3 month afterwards, after reviewing all the security footage they arrested, 3,100 were arrested thanks to the camera.
 
IWantMyMagicBand

IWantMyMagicBand

Well-Known Member
Voxel said:
You corrected in this assumption, I am gonna assume that the back-end is running on some sort of SQL variant which can limit the information given out based on permission and request information. However this doesn't stop CM's using other CM's information to get High permissions. For instance, when I worked in Retail a few of us new the manager's log-in detail to do over-rides(with his permission), however how do you stop abuse of it.
You can't really expect not giving out that information.

Also a side note about privacy, I will agree with @englanddg, it comes down to the person. You would be surprised how much information is given out by people don't verifying something. The average person is on a security Camera 18 times a day and if you are in London well you can times that number greatly. For the people concerned with personal security, do not go to London they track your every movement. Remember the London riots. They did not arrest anyone over the course of the riots for the most part, but 3 month afterwards, after reviewing all the security footage they arrested, 3,100 were arrested thanks to the camera.
Click to expand...
You think London is bad: Here is the town I live in in the U.K:
http://www.bigbrotherwatch.org.uk/home/2011/03/britains-first-town-with-nowhere-to-hide.html

Do I worry? No as I have nothing to hide. Aside from being tracked, do I worry about being cloned? No, even though it has happened to me before. How? My mum emptied a drawer into the skip (giant metal open bin that you hire to sit on your driveway then when it's full it gets taken to the dump) when she moved that had an envelope with my name and address on it. That's all. Some lovely lowlife opened accounts in my name using just that info. Luckily the bank was switched on and called me.
If I could microchip my family I would, I know where they are then. In fact I'd quite like a MagicChip so if someone did want to steal my child I can track them!
So long as the permission levels are set correctly for each CM then I am happy. There will always be employees in any company that may have the desire to misuse information. The security guard at the supermarket knows what my kids look like, and could get my name etc by zooming in on my bank card. We don't have to show ID in the UK to purchase alcohol or knives unless we look under 25.
 
Voxel

Voxel

President of Progress City
IWantMyMagicBand said:
You think London is bad: Here is the town I live in in the U.K:
http://www.bigbrotherwatch.org.uk/home/2011/03/britains-first-town-with-nowhere-to-hide.html

Do I worry? No as I have nothing to hide. Aside from being tracked, do I worry about being cloned? No, even though it has happened to me before. How? My mum emptied a drawer into the skip (giant metal open bin that you hire to sit on your driveway then when it's full it gets taken to the dump) when she moved that had an envelope with my name and address on it. That's all. Some lovely lowlife opened accounts in my name using just that info. Luckily the bank was switched on and called me.
If I could microchip my family I would, I know where they are then. In fact I'd quite like a MagicChip so if someone did want to steal my child I can track them!
So long as the permission levels are set correctly for each CM then I am happy. There will always be employees in any company that may have the desire to misuse information. The security guard at the supermarket knows what my kids look like, and could get my name etc by zooming in on my bank card. We don't have to show ID in the UK to purchase alcohol or knives unless we look under 25.
Click to expand...

That's pretty impressive from a technical point of view, though admittedly somewhat scary.

Your right about microchip and tracking, When Disney first announced MyMagic+ I didn't freak out because Disney could track me, I was happy because this would help in cases of lost children/family members (I like to wonder off, so if its helps my Girlfriend find me she is happy). I wonder how some of theses people would react to the movement to place GPS and monitors into clothing that would Call emergency service is something happened.

As for tracking, almost every Major Retail store uses Wifi on cell phones to track what area guest go the most for statistic and data analysis. This is the future, and while most of it is devised for good and the betterment of situations, you can never fully stop people from taking advantage. But you can place safe guard into place.
 
Goofyernmost

Goofyernmost

Well-Known Member
ford91exploder said:
Sorry I guess because I actually worked on a drivers license project for state government in another life I don't know what I'm talking about. SSN if used by the state is on band 3 of the magstripe, It is NOT human readable but every time your DL is swiped at the grocery store to buy alcohol or tobacco products it is READ. Whether it is STORED somewhere is up to the system implementor.
Click to expand...
I have to ask what planet you reside on. I have had a drivers license for 50 years and never once has anyone ever swiped my DL. Not once! Looked at for birth date (not so much anymore, as I guess I'm starting to look over 21) and picture verification (which also surprises me because frankly I have no idea who the old guy is in the picture). I guess the point is that we can spend ourselves into a nervous breakdown if we attempt to consider the absolute unlimited ways that we can become victims. However, to be able to stay sane we must also factor in the likelihood of those things happening, with or without information. The locations that we are dealing with, the motives and the gross amounts of information being let out to random individuals.

Soc. Sec. #'s...I am under the medical care of the VA. All I have ever had to give them to ID myself is the last 4 digits. Even if I could think of any reason why Disney would publish the entire thing (which I cannot) I am at a loss to understand why it would be needed by anyone. Do we know that currently that info actually appears to lower level, no need to know, personnel? Or any level, as far as that goes? Personally, I doubt it.
 
flynnibus

flynnibus

Premium Member
Goofyernmost said:
I have to ask what planet you reside on. I have had a drivers license for 50 years and never once has anyone ever swiped my DL. Not once! Looked at for birth date (not so much anymore, as I guess I'm starting to look over 21) and picture verification (which also surprises me because frankly I have no idea who the old guy is in the picture)
Click to expand...

It's newer technology. Instead of having to type something in from the DL - they can just scan the license like they would a UPC symbol. Maybe your licenses don't have it.. or you simply have come across a vendor who has a system updated to use it.
 
danlb_2000

danlb_2000

Premium Member
WDWDad13 said:
Not if you are Disney and have to comply legally to SOX auditing requirements
Click to expand...

SOX auditing only applies to data and systems that directly impact financial reporting. IT control frameworks do enforce access control best practices like how access is requested, removal of terminated employee's etc., but it doesn't necessarily enforce what data a user can see. If they developed an application that allows CM's to see all the data about a guest, there is nothing requiring them to put in extra access controls so that CM in role A can only see the customers name, role B can see name and address, role C can see name and Fastpass reservations, etc. Those sorts of access controls are a good idea but they add to the cost of developing and supporting the system, so are often either dropped or not done at all.
 
Last edited:
flynnibus

flynnibus

Premium Member
lazyboy97o said:
I think its stupid they still look for an exact date when my card format is only available to those over 21.
Click to expand...

Much like the audit discussion here... I think it's a way of enforcing checking and covering liability. By requiring a date input, they can then go after the fact and 'prove' they asked for ID and were presented with one, etc. Of course someone can still lie, etc.. but it's a way of making sure cashiers follow policy.
 
lazyboy97o

lazyboy97o

Well-Known Member
flynnibus said:
Much like the audit discussion here... I think it's a way of enforcing checking and covering liability. By requiring a date input, they can then go after the fact and 'prove' they asked for ID and were presented with one, etc. Of course someone can still lie, etc.. but it's a way of making sure cashiers follow policy.
Click to expand...
That I understand, for me most of the time there is no entry of the date for verification.
 
ford91exploder

ford91exploder

Resident Curmudgeon
Goofyernmost said:
I have to ask what planet you reside on. I have had a drivers license for 50 years and never once has anyone ever swiped my DL. Not once! Looked at for birth date (not so much anymore, as I guess I'm starting to look over 21) and picture verification (which also surprises me because frankly I have no idea who the old guy is in the picture). I guess the point is that we can spend ourselves into a nervous breakdown if we attempt to consider the absolute unlimited ways that we can become victims. However, to be able to stay sane we must also factor in the likelihood of those things happening, with or without information. The locations that we are dealing with, the motives and the gross amounts of information being let out to random individuals.

Soc. Sec. #'s...I am under the medical care of the VA. All I have ever had to give them to ID myself is the last 4 digits. Even if I could think of any reason why Disney would publish the entire thing (which I cannot) I am at a loss to understand why it would be needed by anyone. Do we know that currently that info actually appears to lower level, no need to know, personnel? Or any level, as far as that goes? Personally, I doubt it.
Click to expand...

Visit a Bar in MA - most of the 'better' establishments swipe your DL as a precondition of alcohol service. The MICROS POS systems for hospitality have DL verification systems.

Swiping a DL in my home state is pretty common especially since selling alcohol to Minors is a First offense Misdemeanor second offense Felony. And it's the SERVER who gets busted and the state liquor commission does not plea bargain and they run stings weekly.
 
ford91exploder

ford91exploder

Resident Curmudgeon
flynnibus said:
Much like the audit discussion here... I think it's a way of enforcing checking and covering liability. By requiring a date input, they can then go after the fact and 'prove' they asked for ID and were presented with one, etc. Of course someone can still lie, etc.. but it's a way of making sure cashiers follow policy.
Click to expand...

Of course the format itself shows that you are over the age required, But in most cases data is never requested
 
ford91exploder

ford91exploder

Resident Curmudgeon
englanddg said:
Also, news flash...SSNs are NOT unique. They have been reissued, and they have also been double issued.

Plus, Disney NEVER asks you for SSN.

As another poster noted

1- If you are a CM
2 - If you are DVC
3- If you have ever done consulting for TWDC

Disney most certainly DOES ask for SSN,
Click to expand...
 

Register on WDWMAGIC. This sidebar will go away, and you'll see fewer ads.

Back
Top Bottom