Bruce Schneier
Schneier on Security
A blog covering security and security technology.
« Crypto 2010 Proceedings | Main | Intel Buys McAfee »
August 18, 2010
"The Fear Tax"
Good essay by Seth Godin:
We pay the fear tax every time we spend time or money seeking reassurance. We pay it twice when the act of seeking that reassurance actually makes us more anxious, not less.We pay the tax when we cover our butt instead of doing the right thing, and we pay the tax when we take away someone's dignity because we're afraid.
We should quantify the tax. The government should publish how much of our money they're spending to create fear and then spending to (apparently) address fear. Corporations should add to their annual reports how much they spent just-in-case. Once we know how much it costs, we can figure out if it's worth it.
Posted on August 18, 2010 at 3:48 PM • 34 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Anyone else appreciate the irony that taking the time to log all the costs of fear is a step taken in fear of the cost of fear?
HJohn • August 18, 2010 4:01 PM
One thing common in my profession (i'm an internal auditor) is overreaction to petty or rare threats. I try to use my influence as a leader and educator in the local audit community to calm some of that, best I can.
jgreco • August 18, 2010 4:05 PM
@Bruce
Offtopic: http://www.technologyreview.com/blog/arxiv/25629/
"Today, Hang Dinh at the University of Connecticut and a couple of pals show that cryptographers have been staring at one all along. They say that a little-used code developed by the CalTech mathematician Robert McEliece in 1978 can resist all known attacks by quantum computers. "
based on the "hidden supgroup problem" apparently?
Clive Robinson • August 18, 2010 4:23 PM
@ jgreco
"... a little-used code developed by the CalTech mathematician Robert McEliece in 1978 ..."
I've always liked it for several reasons, however as it was not popular it has never recieved much attention and little analysis.
It might just get some attention now 8)
Dom De Vitto • August 18, 2010 5:39 PM
Nuclear weapons are the most extreme version of Fear Tax.
We have them "just in case" the boogie man attacks us.
kingsnake • August 18, 2010 5:58 PM
Actually, we have them to strong arm other people into doing what we tell them, *OR ELSE*. Which is why all those other guys are so busy trying to build their own nukes ...
Steve Parker • August 18, 2010 5:59 PM
I have always been afraid of an attack from the boogie man.
I don't blame it on the sunshine, the moonlight, not even on the good times. Just the boogie.
Roxanne • August 18, 2010 6:41 PM
I'm with Dom DeVitto. When we were in South Dakota, we visited a decommissioned missile silo. There was a great patriotic speech that went along with it, but to me it sounded like we pissed about $20B into various concrete bunkers across the midwest over the course of fifty years. On the plus side, at least those folks had jobs.
The problem for politicians is that if they let the fear go away, we'll decide they need less money for 'Defense' and then there will be a lot less way for them to deflect black project money into their campaign accounts. :-/ Congress *loves* black projects. Guess why?
Roy • August 18, 2010 6:43 PM
Just to ruin everyone's day, one dictionary definition of "security" is:
the state of feeling safe, stable, and free from fear or anxiety
the burbs • August 18, 2010 6:49 PM
Let's discuss this in a new blog post:
"Researchers tout new weapon in Internet censorship arms race
Georgia Tech School researchers will demo content hiding “ Collage” at next month’s Usenix security conference"
gtnoise[dot]net/projects/7-anti-censorship/7-collage-defeating-censorship-with-user-generated-content
&
www[dot]networkworld[dot]com/community/node/63481
Clive Robinson • August 19, 2010 4:02 AM
@ Kingsnake,
"Actually, we have them to strong arm other people into doing what we tell them, *OR ELSE*. Which is why all those other guys are so busy trying to build their own nukes"
Yup who remebers the build up to the second gulf war where the US said it would deploy tactical nukes if Sadam used (his non existant) WMD.
The thing that most "Nuke Wanabee" nations have noticed is the "them and us" or "part of the club" attitude of the US.
The Nuke does not have to be anything other than a low yield "lab only" experiment to get entry. It does not have to be a viable fieldable device and the nation does not have to have a viable delivery mechanism (although having one gets a top table invite to diplomatic negotiations).
At best such a "lab only" weapon could only be used for "scorched earth" defence, thus it could be said that the US has an irrational fear of nukes.
On reading about an incident that happened many years ago, I thought what would the people in the State Department do on receiving a small package containing a set of blue prints and a small sample of weapons grade material with a little note attached saying "forth of July"...
uk visa • August 19, 2010 4:35 AM
I'd not heard of Seth Godin before but his essay hits the nail on the head; would that we had people of equivalent intelligence running the TSA and its equivalents around the world working to reduce the tax we pay rather than increase it.
Rookie • August 19, 2010 7:34 AM
@Roxanne,
Like Marian, I never visited a nuclear silo, but I did visit a decommissioned Soviet-era SS-19 ICBM assembly plant just outside of St. Petersburg, Russia.
You can argue that the US and the USSR overreacted to each other during the cold war, but to suggest that the US/NATO nuclear buildup was wasted money thrown at a non-existant threat or simply a means of getting political pork ignores the facts. Its easy to look back with 20/20 hindsight and dismiss the fears of that time.
The USSR did not have 40,000+ atomic warheads by 1985 because they thought they might go to war with Jamaica.
BF Skinner • August 19, 2010 7:58 AM
@Hjohn "calm some of that, best I can"
I'd drop Terrorist from my threat assessments if I could but it's often in the SOW and the C class asks about it if I leave it off. Best I have been able to do is rate it low and point to it and say "See this? Terrorist action is not a high risk for you."
HJohn • August 19, 2010 8:14 AM
@BF Skinner: "I'd drop Terrorist from my threat assessments if I could but it's often in the SOW and the C class asks about it if I leave it off. Best I have been able to do is rate it low and point to it and say "See this? Terrorist action is not a high risk for you.""
__________
I think that is one of those cases where, even if something is a negligible risk for a given entity, if people are thinking about it or worried about it, then it has to be addressed even if the purpose is to reduce the fear to more closely match the actual risk.
Dave Funk • August 19, 2010 9:51 AM
Roxanne,
For four years I was in charge of 10 active silos in Montana. And yes there were silos in Russia aimed at us. There was much wrong with the MAD arrangement between us and Russia, but there is a reason that 9-11 only happened after it was over.
I have lived in and visited socialist and communist countries and have a few friends from them. There is a difference, and you wouldn't like the other side. How many Cubans are in Miami; how many Americans are in Havana? One former citizen of East Germany asked me, "you had Czecholovakia, why did you give it to the Russians?" He lived on the other side and did not like it one bit. Not that he is enamored of the materialism of the west, but it beats the hypocrisy of socialism. So no, we did not just piss away $20 billion, a lot of people still alive around the world today wish we had done better than a stand-off.
qwertyuiop • August 19, 2010 10:37 AM
@Dave Funk
"how many Americans in Havana?"
...not that many, but how much of that is because your government won't let you travel there. Land of the free?
Maybe not as different as you would like to think.
David Thornley • August 19, 2010 11:21 AM
I think we need to distinguish between defense and fear. Defense costs are those we pay to counter a threat we perceive, and which are rationally expected to reduce the threat. The nuclear missile silos were intended to deter a large nuclear attack on the US (which was a possibility), and there's reason to think they contributed to our safety from attack. Similarly, somebody who wants to advance to a high management position might want to get an MBA from a prestigious school.
Godin's examples were about useless countermeasures to fears that were not well founded. I'm afraid of terrorists in the same sense I'm afraid of man-eating tigers: if I ever run into one, I'm in danger, but it's far more dangerous for me to drive home. Most TSA measures will not stop even an incompetent terrorist, so those are useless measures against a minimal threat that merely inconvenience people, costing a lot of potentially productive time.
peri • August 19, 2010 11:39 AM
I am certainly amicable to the general idea of being able to count how much money is wasted on fear. I just see one "small" problem to overcome:
Define fear.
Ensure your answer is enumerable.
Anyone?
Rich Wilson • August 19, 2010 1:23 PM
The fear tax is especially prevalent in the 'child safety' industry. Some parents will do literally anything for a little perceived safety for their children.
Yes, I have a child too. But he didn't wear a helmet while he was learning to walk.
George • August 19, 2010 3:12 PM
How ironic it is that the Bush/Cheney administration that was so committed to cutting taxes was even more committed to greatly increasing this particular tax!
HJohn • August 19, 2010 3:21 PM
George at August 19, 2010 3:12 PM
____________
575 days and counting.
Clive Robinson • August 19, 2010 3:54 PM
@ George,
"... so committed to cutting taxes was even more committed to greatly increasing this particular tax"
To a non US citizen it appears that there is a simple set of rules to US politics,
0, Get a "front" person as candidate.
1, Get money for your candidates campaign.
2, Promise what will get them elected
3, Make policy to pay off campaign funders.
4, Use taxes to pay off campaign funders.
5, Use what is left to pay lip service to pre election promises, and fill up war chest.
6, A year before next ellection use taxes and war chest to bribe voters.
7, If your "front person" flufs it either time "consult" to campaign funders...
Did I miss anything? ;-)
Imperfect Citizen • August 19, 2010 10:03 PM
Interesting article. I wonder about the MBA bit, maybe the entrepreneurs aren't pursuing the degrees to be more successful at starting their own business, but the MBA being something to fall back on if the business fails? Isn't there a high failure rate for small businesses? The reasoning being at least they are more marketable as potential employees for a large established firm with an MBA right?
Clive Robinson • August 20, 2010 4:36 AM
@ Imperfect Citizen,
With regards MBA's...
As you note there is,
" a high failure rate for small businesses"
But due in the main to lack of customers for the product for a whole heap of reasons an MBA alone will not equip you for.
The MBA is starting to suffer an image problem to many people thought like you,
"The reasoning being at least they are more marketable as potential employees for a large established firm with an MBA right?"
Way to many assumed that an MBA was the key to walnut corridor and whilst the markets where expanding this appeared to be so and was a view point encoraged by the actions of way to many Human Remains Depts.
In the current downturn employers are now looking for "real experiace" so an MBA is seen as a nice addition not sufficient in it's own right.
Thus there is a significant glut of inexperianced MBA's in the market currently.
I'm not saying an MBA or other business diploma etc is bad, not at all, I would still encorage IT folk to get one. BUT only when you have sufficient experiance and want to move up in your career. It helps you bridge the divide between "tec head" and "senior managment" by teaching you basic business skills.
As a result of the market down turn you can see that some organisations are now looking for MEM's not MBA's which is a clear indicator they want solid experiance and a proven track record. They don't have the spare resources any longer to take a "punt" on a training up a neophyte "chancer" who's sole visable worth is an MBA from Noname Collage Nowheresvile and hoping they "will come good".
Steve • August 22, 2010 3:34 PM
It's too bad BP didn't spend some "just in case" money on a working blowout preventer.
There's an aphorism from the advertising business that half all money spent on advertising is wasted. We just don't know which half. The same can be said of security.
Clive Robinson • August 22, 2010 5:00 PM
@ Steve,
"There's an aphorism from the advertising busines that half all money spent on advertising is wasted We just don't know which half. The same can be said of security."
Oh if that where true how easy life would be.
Wiith marketing you get feed back a good spend on marketing makes sales go up a bad make them go down...
With security you spend to much you see no change, spend to little or badly you get burned...
Curt Sampson • August 24, 2010 1:46 AM
I quite understand the idea of a "fear tax," but I'm not sure that an MBA fits in that category. I think that getting an MBA was, until recently, merely a reasonable economic decision: if you're looking to be employed by someone else, you want to make them comfortable with you as cheaply and easily as possible for them, and an MBA could do that. Further, an MBA isn't entirely rubbish; it does prove that you've been exposed to certain things and have had others test certain skills to some degree.
As far as the cold war goes, even as someone who would be considered by many an anti-war socialist I found George Keenan's long telegram to be insightful and convincing, at least with my limited knowledge of Russian and European history. It's well worth reading.
cmarnold • August 24, 2010 7:59 PM
A "fear tax" is no different from any other cost built into the pricing of a product or service. It's all about risk management fundamentals and product/service reserve or economic capital pricing. There is always a cost associated with risk treatment - remediation, avoidance, transference or acceptance. It shouldn't be a surprise to anyone.
Dave Funk • August 25, 2010 2:49 PM
Yo quwertyuiop
How many Americans in Havana? How hard do you think it is for an American who wants to go to Havana to get there. Regularly scheduled flights from Mexico City. 120 mi trip from Key West. Coast Guard has a heck of a time stopping the northbound trip, doesn't even try on the southbound side.
Michael • August 26, 2010 9:00 PM
The tax is necessary if it improves the system. I believe that in the end it does not help us because everyone is guilty by default until proven otherwise. My parents fled from the Czech Republic during communism and they did that because of the fear that was created through the system. Germany (where I grew up) embraced this mentality a long time ago and it created a huge blown up system controlled by fear. And that is where this "tax" eventually leads to: fear.
Radio Head • August 26, 2010 9:27 PM
Quantified data is always a welcome plan of action. We are expected to pay on so many things, but do we know how they are spent and on which portions of the state they are allocated for? Then again, how can we be sure the data is valid and not just tampered with? Sigh, one day at a time I guess...
Subscribe to comments on this entry
Post a comment
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.
|
| Subscribe |
Subscribe via Kindle |
| Blog Menu |
SearchPowered by DuckDuckGoBlog Home Page
Archives by Date2013 J F M A M
Tags  |
| Latest Book |
more books by Bruce Schneier |
Comments