Feeds

The Fear biz is the computer security biz

Lies, damn lies...

Build a business case: developing custom apps

Comment Scott Granneman looks at the use of fear in computer security, from misleading media reports and gross exaggeration by industry leaders to the use of fear in order to sell new computers and software.

What are you afraid of? What causes you real fear, the kind that causes your heart to beat faster involuntarily, your stomach to sag like you've eaten lead, and your mind to lose its reason and revert to the primitive reactions of fight and flight? Spiders? Snakes? Serial killers? Speaking in public? Or the worst, the thing that freaks out almost everyone - scary clowns?

Those are what I what I would call primal fears, those that exist deep down in our subconscious. Other fears, however, are manufactured by politicians and the media (heck, some so-called "news" channels base their whole business on this practice) in order to manipulate us. John Twelve Hawks, in his perceptive essay How We Live Now, discusses this exact state of affairs:

"In his insightful book The Culture of Fear, Barry Glassner shows how many of our specific fears are created and sustained by media manipulation. There can be an enormous discrepancy between what we fear and the reality of what could happen to us. Glassner analyses several "threats" such as airplane disasters, youth homicide, and road rage, and proves that the chance of any of these dangers harming an individual is virtually nonexistent.

Although Glassner accurately describes the falseness of a variety of threats, he refrains from embracing any wide-reaching explanation. It can be argued that the constant message of impending destruction is simply a way for the media to keep us watching television - "Are cyber predators targeting your children?" is a tagline that is going to get the audience's attention.

What interests me is not the reality of these threats, but the effect they have on our view of the world. Fear encourages intolerance, racism and xenophobia. Fear creates the need for a constant series of symbolic actions manufactured by the authorities to show that yes, they are protecting us from all possible dangers."

Fear is no less powerful in the computer and security world, both as a motivator and as a de-motivator; in other words, fear can both cause people to engage in behaviours and prevent them from engaging in other behaviours. And just as in politics and TV, those who traffic in fear-mongering often do so in order to control end users, even though the end result of that fear is a cavalcade of negative emotions and beliefs.

This really hit home for me last Friday, when I spent the day upgrading my father-in-law Larry's computer from a really old, out of date installation of Xandros Linux to Mepis Linux. Yes, he uses Linux, and that's because of my own fears when I thought of him using Windows 98, the operating system on his first computer. After a year of worrying about viruses and worms, and actually having to clean up after a minor virus problem, I decided that enough was enough, and installed Linux on his box. He actually took well to it, and has been using Linux for at least five years now without incident.

On Friday, I wanted to make sure that his soft links and icons and programs were all in the places he was used to looking. I went through the icons on his desktop, and then I pointed to the icon on the KDE Panel that minimizes all open windows, revealing the Desktop. "Larry," I said, "do you ever click on that button?" His reply: "No. I don't know what it does, so I'm scared to click on it."

Wow. This is a smart guy, a man who majored in chemistry in college 60 years ago, worked at defense contractor McDonnell-Douglas throughout his career, and served as a city councilman for over 25 years. He's no dummy. He has a swimming pool in his backyard, and he absolutely lives to measure the pH balance of that pool's water during the summer so he can make the minute chemical adjustments needed to keep it pure. Yet he's scared of his computer.

A few days later, I saw what Bill Gates had to say in a recent Newsweek interview about the Mac as compared to Vista.

"I mean, it's fascinating, maybe we shouldn't have showed so publicly the stuff we were doing, because we knew how long the new security base was going to take us to get done. Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine."

My reaction, like most knowledgeable people who read this, was open-mouthed astonishment. Now, either Bill is heavily drugged and delusional, which I don't believe, or he's just completely ignorant, which I also discount, or he knows exactly what he's saying and has an ulterior motive. That's my best guess.

Bill Gates knows that he's at best exaggerating and at worst completely lying through his teeth. So why's he doing it? Because he also knows that Apple's new ads are helping Macs to sell like hot cakes, and that security is a big reason why a lot of people are throwing up their hands in disgust at Windows and switching to Apple's computers.

Who reads Newsweek? Not computer pros, but Joe and Jane Computer-user, and Joe and Jane tend to believe what they read in the mainstream media when it comes to computers, especially when that nice, smart philanthropist Bill Gates is the one saying it. He's Mr Computer, after all, so he must be right!

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?