Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security IT

Schneier Mulls Psychology of Security 101

Posted by ScuttleMonkey from the idle-musings dept.
bednarz writes "Cryptography expert Bruce Schneier says security decisions often are much less rational than one would prefer. He spoke at the RSA conference about the battle that goes on in the brain when responding to security issues. Schneier explains 'The primitive portion of the brain, called the amygdala, feels fear and incites a fear-or-flight response, he pointed out. "It's very fast, faster than consciousness. But it can be overridden by higher parts of the brain." The neocortex, which in a mammalian brain is associated with consciousness, is slower but "adaptive and flexible,"'"
This discussion has been archived. No new comments can be posted.

Schneier Mulls Psychology of Security More

Schneier Mulls Psychology of Security

Comments Filter:

  • repeat? (Score:3, Insightful)

    by tomstdenis ( 446163 ) <tomstdenis@gma[ ]com ['il.' in gap]> on Wednesday February 07, 2007 @02:38PM (#17923848) Homepage
    Didn't we have an article about this already? Oh wait, that was about the fact that he was going to speak at the con, now we have an article about the talk he just gave?

    Good lord, I want that guys press agent!

    Tom

  • Re:Just look to government.... (Score:5, Insightful)

    by FooAtWFU ( 699187 ) on Wednesday February 07, 2007 @02:39PM (#17923860) Homepage
    Okay. I'll look to government. I'll even be bipartisan... or antibipartisan :)

    We have two parties that have issues with threats to the world, after all. The Republicans have Terrorism, and the Democrats have Global Warming. Both are real and significant threats, but neither of them really gets addressed in the healthiest way possible. There's a lot of focus on OMG-deadly high-profile terrorist attacks, and on OMG-deadly consequences of global warming. Both parties have their people propose some ridiculously broad, sweeping changes to deal with the problem which would negatively impact everyday lives; fortunately, the more ridiculous ones are more likely to fail. And, of course, both parties are willing to throw money at people who claim to have some sort of solution to their problem, whether or not it's actually anything real, meaningful, or worthwhile (like the latest stupid XYZ antiterrorist technology rollout, or the latest bio-fuel legislation/subsidy).

    No, they're not the same thing, but one can draw worthwhile parallels, and both parties would benefit by comparing themselves to the other, shaping their actions to avoid these excesses.

  • It must be said... (Score:3, Insightful)

    by Doctor Memory ( 6336 ) on Wednesday February 07, 2007 @02:40PM (#17923886)

    primitive portion of the brain, called the amygdala, feels fear and incites a fear-or-flight response
    This should actually be fight-or-flight response. Fear is the stimulus, the amygdala merely chooses (or rather, "strongly suggests", as the article points out) the reaction to it.

  • Irritating. (Score:5, Insightful)

    by Elentari ( 1037226 ) on Wednesday February 07, 2007 @02:41PM (#17923896) Journal
    It never fails to annoy me when people take snippets of theoretical psychology and redistribute them as truth. Scientists' views of which parts of the brain are responsible for which characteristics of human life change on almost a daily basis, yet phrases such as "language centre" or "mammalian brain" are constantly being used in a way that presents them as definite fact.

    It seems unnecessary to incorporate impressive-sounding terms into a speech that, quite honestly, seems to be stating the obvious. Increasing or decreasing security is a response to fear; fear is an emotion and, therefore, decisions that use it as a base will not be purely rational, but will have emotional bias, like every other human decision. You don't need vague descriptions of brain "impulses", and such, to prove that.

  • Re:Most people cannot define "security". (Score:3, Insightful)

    by Short Circuit ( 52384 ) * <mikemol@gmail.com> on Wednesday February 07, 2007 @02:41PM (#17923902) Homepage Journal

    As he says, we really should have two different words for the "feeling of security" and "security".
    I thought we called that "comfort". As in, "I'm comfortable running Linux." or "I'm uncomfortable running Windows without antivirus software."

  • A point easily proven (Score:3, Insightful)

    by TinBromide ( 921574 ) on Wednesday February 07, 2007 @02:44PM (#17923938)
    People care more about problems that they can't control than ones they can prevent.

    For example: Airplanes. How many people feel more secure behind the wheel of a car than on a long flight with turbulence?

    Put your hands down, now the sheer probability of getting into a car accident in one's lifetime (if one drives) is a miniscule number below one. Death statistics are somewhere around 1 in 237 of a car type accident. The odds of an airplane death are like 1 in 5051 source [nsc.org]

    However, people are freakishly nervous about planes... So, by induction (the bane of an engineer's existance) we can extrapolate (another fancy bane) that security people will ignore the dangerous mundane and fixate on the extraordinary rarity.

  • Difficulty Factor (Score:3, Insightful)

    by Bryansix ( 761547 ) on Wednesday February 07, 2007 @02:47PM (#17923990) Homepage
    I think that the true dichotomy of the situation that plays out in people's minds is 1) Spend the time and effort to secure this system the right way and stress out all the time 2) Be lazy and just do what will get us by and at least buy us some security even if it's security through obscurity.

  • Re:Security - 100% (Score:1, Insightful)

    by John Frink ( 919768 ) on Wednesday February 07, 2007 @02:48PM (#17923998)
    Like the rest of us learned in sex-ed, abstinence is the only way to have 100% security.

  • Re:Just look to government.... (Score:3, Insightful)

    by mattkime ( 8466 ) on Wednesday February 07, 2007 @03:51PM (#17924878)
    >>Both parties have their people propose some ridiculously broad, sweeping changes to deal with the problem which would negatively impact everyday lives; fortunately, the more ridiculous ones are more likely to fail.

    You can't get anywhere in politics if you allow the more radical elements to represent their party. Ignore them.

    In the interest of bipartisanship you've equated the wholesale removal of civil rights with the suggestion that we shouldn't use so much oil.

    Thats what I call Fair and Balanced.

  • Deaths per Mile (Score:3, Insightful)

    by bill_mcgonigle ( 4333 ) * on Wednesday February 07, 2007 @04:25PM (#17925268) Homepage Journal
    That doesn't say anything to me. The fact is that if you get into a car crash, there are chances that you may survive. In an airplane, thats it! End of Story! No second chances! Maybe that is the cause of the fear, don't you think? And a legitimate one at that. Given a choice would you rather be in a car crash or a plane crash, the consequnces of both aren't disclosed to you yet?

    The important measure isn't odds of death in a crash, it's odds of death per mile traveled.

    If you drive from Boston to San Diego you're more likely to die than if you fly from Boston to San Diego. But coming back around to your point this measure even masks non-fatal injuries. Since most car wrecks don't result in death, it therefore figures that driving from Boston to San Diego you're much more likely to be injured or maimed than if you fly, by a factor of (car crashes / fatal car crashes).

  • Re:It makes sense (Score:3, Insightful)

    by David Gould ( 4938 ) <david@dgould.org> on Wednesday February 07, 2007 @05:52PM (#17926400) Homepage

    Some days his blog is nothing other than Bush bashing under the guise of writing about security.
    It's true that some of Schneier's posts are very critical of the Bush Administration's security efforts. But, of all the statements that get attacked as "Bush-bashing", I'd say those posts are among the best cases for which to invoke the defense that:

    "No, it's just that reality has an anti-Bush 'bias'."

  • Re:Just look to government.... (Score:3, Insightful)

    by FooAtWFU ( 699187 ) on Wednesday February 07, 2007 @06:38PM (#17927120) Homepage

    Terrorism could cause a tiny handful of people to die. Warming could cause a mass extinction. Do you understand what I mean by mass extinction?
    I appreciate that. But consider, from the text of the article itself:

    ... people "exaggerate risks that are spectacular, rare, beyond their control, talked about, international, man-made, immediate, directed against children or morally offensive," Schneier noted.
    Okay. Mass extinction. Rare? Ehh, depends-how-you-define-it. Children? Eh, not so much ("our children will have to deal with it", but...) Man-made? Check. (Especially for The Environmentalists). International? Check. Morally offensive? Sometimes-check (greed/profit/industry/decadence topics). Talked about? Definitely-check. Spectacular? Oooh boy, helluva check.

    Even the Libertarians are accepting global warming as pretty-much-fact these days. That's one thing. But to immediately bring up mass extinction as a topic of doom (presumably, imminent doom) is, I think, perhaps, maybe just a little bit of a display of the sort of irrationality the article discusses. Just a smidge.

  • Overridden by higher parts of the brain (Score:3, Insightful)

    by brownaroo ( 682715 ) on Wednesday February 07, 2007 @07:18PM (#17927714)
    As a programmer I find (in regards to security) that fear is often overridden by laziness

Slashdot Top Deals

2.4 statute miles of surgical tubing at Yale U. = 1 I.V.League

Close