Schneier on Security
A blog covering security and security technology.
« The Eavesdropping System in Your Computer |
| Pentagon Staffs Up U.S. Cyber Command »
February 1, 2013
Jared Diamond on Common Risks
Jared Diamond has an op-ed in the New York Times where he talks about how we overestimate rare risks and underestimate common ones. Nothing new here -- I and others have written about this sort of thing extensively -- but he says that this is a bias found more in developed countries than in primitive cultures.
I first became aware of the New Guineans' attitude toward risk on a trip into a forest when I proposed pitching our tents under a tall and beautiful tree. To my surprise, my New Guinea friends absolutely refused. They explained that the tree was dead and might fall on us.
Yes, I had to agree, it was indeed dead. But I objected that it was so solid that it would be standing for many years. The New Guineans were unswayed, opting instead to sleep in the open without a tent.
I thought that their fears were greatly exaggerated, verging on paranoia. In the following years, though, I came to realize that every night that I camped in a New Guinea forest, I heard a tree falling. And when I did a frequency/risk calculation, I understood their point of view.
Consider: If you're a New Guinean living in the forest, and if you adopt the bad habit of sleeping under dead trees whose odds of falling on you that particular night are only 1 in 1,000, you'll be dead within a few years. In fact, my wife was nearly killed by a falling tree last year, and I've survived numerous nearly fatal situations in New Guinea.
Diamond has a point. While it's universally true that humans exaggerate rare and spectacular risks and downplay mundane and common risks, we in developed countries do it more. The reason, I think, is how fears propagate. If someone in New Guinea gets eaten by a tiger -- do they even have tigers in New Guinea? -- then those who know the victim or hear about it learn to fear tiger attacks. If it happens in the U.S., it's the lead story on every news program, and the entire country fears tigers. Technology magnifies rare risks. Think of plane crashes versus car crashes. Think of school shooters versus home accidents. Think of 9/11 versus everything else.
On the other side of the coin, we in the developed world have largely made the pedestrian risks invisible. Diamond makes the point that, for an older man, falling is a huge risk, and showering is especially dangerous. How many people do you know who have fallen in the shower and seriously hurt themselves? I can't think of anyone. We tend to compartmentalize our old, our poor, our different -- and their accidents don't make the news. Unless it's someone we know personally, we don't hear about it.
EDITED TO ADD (2/21): George Burns fatally fell in the shower at age 98.
Posted on February 1, 2013 at 6:08 AM
• 36 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
New Guinea Tiger is actually a fish. :)
On the other hand, Nassim Taleb wrote whole books on how we actually underestimate rare risks. Would be fun to let them discuss it together.
No tigers in New guinea. But there may be Thylacines, AKA Tasmanian Tigers, which are carnivorous marsupials.
Engineering risk analysis has understood all of this for many years - risk needs to be measured on two axis, probability and severity. It is the product of these two factors that tells you how serious a risk is.
It is not technology per se that magnifies rare risks, but communication. Human beings seem to have a limited bandwidth for hearing about threats - about three per day seems to be the limit, what you can fit into a five minute news segment. Those news segments are prioritised by severity, not probability and severity and so the events we hear about are the rare, extreme ones, not the ones that are an actual threat.
I think there are different reasons.
(1) We can communicate fears about risks easily to millions of people, ramping up fear efficiently.
(2) There are risks in developed countries that put thousands or millions at risk of single disasters. We are less concerned with the damage a tree can do, compared to the damage that, say, a chemical factory under attack can do. It's probably more difficult to objectively estimate much larger potential dangers to smallscale risks.
- tobias d. robison
I see a lot of politics in magnifying risks. Politics and marketing.
You know the media always wants an angle on their stories. Political fiery stories, controversial stories are big. And readers want that is why the media wants that.
Terrorism is a perfect example, or the recent gun shootings. It feeds preconceived, popular biases. And conversely it is an irritant against truth.
'May you live in interesting times', may you live in controversial times. Same thing. Nobody wants to read articles which are not interesting. Boring. They want controversy. They want interesting. Nearly by definition.
I have fallen in the shower and hurt myself. I have also hurt myself in the shower without falling. Could be I am just useless :-).
That was a nice article. I like the examples he gave. People that live near my high crime city also learn constructive paranoia. Alternatively, they loose things that matter to them. We have large groups of both.
"Primitive cultures" appears to be your phrase, not his. What makes you think their culture is primitive?
Using his statistical analysis, there is a point where it is certain (P approaching 1) that you will dire from sleeping under a tree which falls. THe same applies to driving in LA. So, clearly there'a challenge with the analysis.
Mmmm... I dunno if I agree with the principle.
Example: I don't personally know anyone whose been run down by a car. But, that's not because crossing roads is not dangerous. It's because it's clearly dangerous, and there are signs and stories passed down and we yell at kids when young about the clear dangers of it.
I see this as no different from "green snakes are dangerous" or "dead trees fall down" in a forest. It's risk mitigation based on environment, not based on the degree to which your culture is advanced.
I am a very technical, citified person. Who also has climbed mountains and spent a fair bit of time outdoors. Yeah, I also wouldn't sleep under a dead tree in North America, or even a sufficiently-large dead branch. For the same reason: stories are passed down, and you see trees fallen (elsewhere) the morning after storms and avoid the issue.
Maybe I'm just new to this, but I've never seen any real research or data that proves the "universally true" statement about humans' response to rare, spactucalar risks. You've got Schneier's examples above, but you also have Taleb's examples of how certain "black swan" events are underestimated and his evidence points to events that have happened and how we were unprepared for it.
I can see how humans would be bad at estimating risk in general - I think it requires all the facts about the risk, something we don't always have on hand - but how do we know we under/over-estimate it?
I take issue with the suggestion that technology that magnifies rare risks.
I say it's the fear-mongering media that magnifies rare risks!
You know what they say.. "If it bleeds, it leads."
Its no longer the news, its "the bad news". Actually, it has been for a long time.
Peter Diamandis talked about this in a TED talk. He pointed out that in the aggregate, living conditions for most humans have been getting steadily better for the past 100 years.
For what it's worth, I have learned not to park my car under a tree in a windstorm.
Nobody ever told me not too...so I had to learn the hard way.
My mother has had a serious fall in the shower . . .
Talk about irrational beliefs. How about the current panic about needing guns for protection and the worry that the government is going to take the guns away from people. Protection against what? How would the government go about doing that? And how is it that many other countries get along with fewer guns very nicely?
A moose once bit my sister . . .
Be careful with the concept of "primitive culture." Thinking that people in New Guinea are more "primitive" than people that live in the United States is rather inaccurate.
And what may be the case is that not so much that "primitive cultures" have different attitudes toward risk, but rather that people who live in the forest face different risks that people that live in the city. There are things that people in say New York City do naturally (i.e. don't show large amounts of cash in public, don't give your address to random people) that might seem add to someone growing up in New Guinea.
I can think of some examples of these sorts of cultural issues. People handle checks and credit cards very differently in Hong Kong than they do in the US, because the laws regarding liability for forged checks and bad credit card payments is different. People in banking are training to avoid giving out certain types of information specifically to avoid social engineering hacks.
This also happens in rural/urban areas in the United States. For example, I do know some people that live in rural areas that have guns, and they do use them for protection against wild animals (i.e. a rattlesnake comes into the house) and home intruders, which makes sense if the closest police are two hours away, and settlement patterns in the rural United States are very different from those in other countries.
This all makes sense to people that worry about this, but it can seem like moral panic to someone who isn't in that community in the same way that falling trees may see odd to someone that doesn't live in New Guinea.
"Dog bites man" is a common risk... and famously, not news.
Steven Hoober: If someone you knew was actually run down by a car, they'd likely be dead. Have you gone over your late acquaintances?
I actually do know someone who was hit hard by a car -- OK, he wasn't "run down" so much as "thrown umpteen feet into a telephone pole", but it took him a lot of surgery and several years to recover, and he's still got pins in various bones.
More to the point, stuff like sidewalks and crossing signals don't eliminate the risk of being hit, they just make most of it controllable. But the remainder is mostly uncontrollable risk. That is, drunk, drugged, or otherwise incompetent drivers, tend to act less like "you took a risk and lost the bet", and more like "the universe reached out and smited you". (Except for the driver in question, of course.)
And the thing is, to the degree that a risk is uncontrollable or thought to be so, it tends to either be ignored, or to prompt magical thinking and superstition.
There's a broad class of risks which are controlled by the behavior of people other than the (potential) victim. In all such cases, the people who control the risk have a natural interest in making it look like an uncontrollable risk, lest their own behavior be constrained. Perhaps the most common and blatant case of that is rape, but this also includes things like pollution (including toxic waste), and industrial accidents (where workers have limited control over their work conditions or company policies).
No large land-based predators whatsoever in PNG, so no tigers - but if you say crocodile, you're spot on. They're an ever-present threat.
They're also an economic opportunity; so "risk" there is loaded differently depending on circumstances.
Engineering risk analysis has understood all of this for many years - risk needs to be measured on two axis, probability and severity. It is the produc of these two factors that tells you how serious a risk is.
The problem with the "engineering approach" is one of simplification and linearisation. That is the aim is to make reasonably justified simplifications to make analysis of complex systems possible.
Some times the simplification is not justified and that is where you have to look at risk as a surface in a multidimensional plot.
The base example you give of the two axis plot has the major simplification of "time invariant" which we know is not true so it should have the time axis included orthagonaly to the two of probability and severity.
However there is another problem we are only just coming to realise but is actually a major issue. We are creatures of the physical or tangible world and we generaly view the world with the various assumptions of our physical or Newtonian world.
Thus we generaly assume any event is localised and it's effects drop off between the inverse square and inverse cube of distance (ie disipated by the surface or volume of an expanding sphere).
We rarely personaly see events where this does not happen, the example we now see on the news is "bush / forest fires" that spread and magnify with distance because there is sufficient fuel and the burning has got sufficient energy to get over the entropy hump of the surounding fuel to start it oxidising at an ever increasing distance. And at some point a tipping point is reached where the up draft is sufficient to bring in oxygen more and more rapidly and the burning turns into a fire storm.
Whilst we were aware of it the early part of the last century through the work of the National Geo-Graphic Magazine and the 1909 earthquake it was never dreamed that humans could create them on demand. Well that all changed during WWII with RAF "1000 Bomber" night raids that quite litterly turned entire cities into funeral pyers.
Likewise the first use of atom bombs also showed these nonlinear effects.
In both cases of the 1000Bomber raids and atom bomb drops a considerable force multiplier was needed thus it was assumed that such non linear risks were tightly under the control of major power of Governments and the Gods of natural disasters.
But the Internet has brought home that this assumption is false due to what is sometimes called "the army of one" effect. Where an individual using minimal energy writes a piece of malware that then uses minimal energy to duplicate it's self and spread at a significant speed around the globe from vulnerable machine to vulnerable machine. In effect like a wild fire the only limiting factor appearing to be the speed of light and the bandwidth of the communications channels available.
But worse the general of this savant army can chose their own battle ground with almost impunity and worse yet can decouple the action of the malware from the transportation.
Thus in the picturesque imagery of the film industry this General can have their savant army all start to fight simultaniously as though it's "An Army of secret Ninja Warriors concealed in every place all leaping into action in a single blink of the eye to do their masters biding overwhelming with suppriise and ferocity rendering no defence posible".
Whilst we know this imagery is not true, it is sufficiently so in the minds of the public and thus politicians. And as such has become almost the ultimate tool to exttract tax money from the public purse via feared and cowered appropriations commities.
The real solution is the same as with forest fires, and is just as unglamourus, ie prevent the build up of dead wood (ie unpatched machines) and put in fire breaks (firewalls etc) and as with city building codes reduce the available energy (security by architecture design) or increase it's entropy hump (security by formal methods) and put in wide spread fire detection and alarms (IDS etc.
Sadly appropriations commities need to be seen to take action so the money tends to be voted not where it's needed but to Big Brassy and Usless bureaucratic hierarchies with flashy names the allure of secret knowledge and squared jaw military types pretending to be modest heros, whilst actually spending most of their time and resources fighting turf wars with their rivals...
Not what's needed but, atleast the wheels on the wagons carrying the barrels of pork don't squeak because they've been well greased.
What we don't currently have but realy need is reliable methods to make reasonable simplifications, so that people can evaluate the risks in as rational way as possible. That is we need to bring the "Engineering aproach" up to scratch in this area so we can engineer out the FUD once and for all.
Any experienced hiker knows only the ignorant pitch tent under trees. The tree itself doesn't have to fall -- one large branch can take out a tent. And it only takes one significant gust of wind to bring a large, dead or dying branch down. When you add to this that in mountainous regions, weather can change very quickly -- only the inexperienced and foolish pitch their tent under a tree.
This is not a matter of overestimation of rare and underestimation of common risks. The propensity of the modern culture to misjudge risk is entirely the fault of mass media which has all incentives to dramatize and no incentives to analyze.
Consider two nearly equally rare risks - being killed by a hammer (more likely) and being killed by a bullet from assault rifle (less likely). The actual risk is very small in both cases, the loss is identical, but the hysteria is evident in one case, but nobody seems to be worried about hammers.
Same goes for underestimating rare risks in macroeconomics... the media is generally painting the much rosier picture than the reality is, and so people are not worried. Until the eminently predictable (and preventable) crash hits.
Hence the seemingly incompatible observations of Taleb and Diamond.
@averros Almost everybody has a hammer at home, but only few people have assault rifle? Hammers are manipulated more often then assault rifles so if they kill the same number of people as assault rifles, they are still safer.
Also, hammers have plenty of use (building ikea furniture, putting pictures on wall, fixing broken furniture) other then falling on people. Assault rifles are good only for shooting.
Assault rifles are good only for shooting.
You did not go on to amplify the implication of "shooting" in the case of assault rifles, which is usable range.
If you are lucky, well practiced and fairly strong, you might be able to kill someone at thirty feet with a hammer. As for an assult rifle, under most ordinary conditions where you find humans the range is often further than you can see (ie the bullet will quite happily go through walls and partitions and still kill people on the other side should they be in the bullets path).
I don't know where @Averrous got his/her figures from or what jurisdiction they covered but the last time I looked up injuries from hammers and other hand tools it was overridingly down to "accident" from what would be considered normal usage.
As Bruce has noted in the past with "falling furniture" the statistics are not realy of use for comparison. Also in most cases they are not taking age related micromorts into consideration just annual or other reporting period.
Thus you would need to find a closer "apples with apples" comparison to start making the figures meaningful. And when it comes to guns and other projectile weapons (long bows, crossbows and other medieval or earlier weaponry) their very specialised nature does not give anything as close as "apples with ears of corn"...
If a tree falls in New Guinea, and nobody is there to hear it, is it still a risk?
It's not (just) about risk, it's about frequency. If you face a risk every day, its value has to be infinitesimal to give you a decent chance of getting through your life without a loss. If you face a risk a handful of times (once a decade, or every week for a month) then things are very different, and you may be willing to tolerate much higher per-event probabilities of loss.
Failure to understand how many repeated events to use in risk calculations may, among other things, have helped create the financial meltdown: if you're betting your investors' shirts multiple times a day, a 95% or even 99.7% confidence level pretty much guarantees you'll be toast in a year.
(It's been interesting to watch this kind of issue evolve in the computer and communications sectors; when I started out, error rates of one in a billion were a pretty good deal, but on today anything worse than 1 in a quintillion is asking for trouble.)
Primitive cultures eh?
Probably need to check into that further, theyre just not our culture. .... typical Westerners often use this colonial terminology to describe "them".
New Guinea has no wild megafauna predators large enough to credibly threaten an adult human. I think there may be some poisonous critters, though, and there are dangers worse than animals in any case. (Communicable diseases spring immediately to mind, for instance.)
I don't know anyone who has fallen and gotten seriously hurt in the shower specifically, but I think that's because old people (who are by far most at risk of getting seriously hurt when they fall) avoid and/or are very careful around showers. Young people easily dismiss the risk of falling down in the bathroom, but old people tend to be concerned about it.
I have known a good number of people to visit the hospital because they fell down while walking on carpet. Carpet doesn't seem as dangerous, so it's not treated with the same degree of caution.
"Talk about irrational beliefs. How about the current panic about needing guns for protection and the worry that the government is going to take the guns away from people."
Talk about irrational beliefs. How about the current panic about modern sporting rifles and the worry that we're going to be the victim of some deranged madman in a mass shooting.
All Australians know that the real danger in pitching tents under trees is...
Primitive culture is a term that appears in early anthropology texts. It went out of widespread use in cultural and social anthropology a long time ago and for good reasons.
Jared Diamond uses terms like "traditional societies" and "traditional peoples". Search online and discover that professional anthropologists aren't too thrilled with his use of these concepts either or Diamond's writings in general.
Yes, one chance in a thousand every day for a year and your odds about 70% against, or 30% for. Over 2 years the odds drop to 48% safe.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.