Entries Tagged "fear"

Page 8 of 23

"The Fear Tax"

Good essay by Seth Godin:

We pay the fear tax every time we spend time or money seeking reassurance. We pay it twice when the act of seeking that reassurance actually makes us more anxious, not less.

We pay the tax when we cover our butt instead of doing the right thing, and we pay the tax when we take away someone’s dignity because we’re afraid.

We should quantify the tax. The government should publish how much of our money they’re spending to create fear and then spending to (apparently) address fear. Corporations should add to their annual reports how much they spent just-in-case. Once we know how much it costs, we can figure out if it’s worth it.

Posted on August 18, 2010 at 3:48 PMView Comments

Book Review: How Risky Is It, Really?

David Ropeik is a writer and consultant who specializes in risk perception and communication. His book, How Risky Is It, Really?: Why Our Fears Don’t Always Match the Facts, is a solid introduction to the biology, psychology, and sociology of risk. If you’re well-read on the topic already, you won’t find much you didn’t already know. But if this is a new topic for you, or if you want a well-organized guide to the current research on risk perception all in one place, this pretty close to the perfect book.

Ropeik builds his model of human risk perception from the inside out. Chapter 1 is about fear, our largely subconscious reaction to risk. Chapter 2 discusses bounded rationality, the cognitive shortcuts that allow us to efficiently make risk trade-offs. Chapter 3 discusses some of the common cognitive biases we have that cause us to either overestimate or underestimate risk: trust, control, choice, natural vs. man-made, fairness, etc.—thirteen in all. Finally, Chapter 4 discusses the sociological aspects of risk perception: how our estimation of risk depends on that of the people around us.

The book is primarily about how we humans get risk wrong: how our perception of risk differs from the reality of risk. But Ropeik is careful not to use the word “wrong,” and repeatedly warns us not to do it. Risk perception is not right or wrong, he says; it simply is. I don’t agree with this. There is both a feeling and reality of risk and security, and when they differ, we make bad security trade-offs. If you think your risk of dying in a terrorist attack, or of your children being kidnapped, is higher than it really is, you’re going to make bad security trade-offs. Yes, security theater has its place, but we should try to make that place as small as we can.

In Chapter 5, Ropeik tries his hand at solutions to this problem: “closing the perception gap” is how he puts it; reducing the difference between the feeling of security and the reality is how I like to explain it. This is his weakest chapter, but it’s also a very hard problem. My writings along this line are similarly weak. Still, his ideas are worth reading and thinking about.

I don’t have any other complaints with the book. Ropeik nicely balances readability with scientific rigor, his examples are interesting and illustrative, and he is comprehensive without being boring. Extensive footnotes allow the reader to explore the actual research behind the generalities. Even though I didn’t learn much from reading it, I enjoyed the ride.

How Risky Is It, Really? is available in hardcover and for the Kindle. Presumably a paperback will come out in a year or so. Ropeik has a blog, although he doesn’t update it much.

Posted on August 2, 2010 at 6:38 AMView Comments

Doomsday Shelters

Selling fear:

The Vivos network, which offers partial ownerships similar to a timeshare in underground shelter communities, is one of several ventures touting escape from a surface-level calamity.

Radius Engineering in Terrell, Texas, has built underground shelters for more than three decades, and business has never been better, says Walton McCarthy, company president.

The company sells fiberglass shelters that can accommodate 10 to 2,000 adults to live underground for one to five years with power, food, water and filtered air, McCarthy says.

The shelters range from $400,000 to a $41 million facility Radius built and installed underground that is suitable for 750 people, McCarthy says. He declined to disclose the client or location of the shelter.

“We’ve doubled sales every year for five years,” he says.Other shelter manufacturers include Hardened Structures of Colorado and Utah Shelter Systems, which also report increased sales.

[…]

The Vivos website features a clock counting down to Dec. 21, 2012, the date when the ancient Mayan “Long Count” calendar marks the end of a 5,126-year era, at which time some people expect an unknown apocalypse.

Vicino, whose terravivos.com website lists 11 global catastrophes ranging from nuclear war to solar flares to comets, bristles at the notion he’s profiting from people’s fears.

“You don’t think of the person who sells you a fire extinguisher as taking advantage of your fear,” he says. “The fact that you may never use that fire extinguisher doesn’t make it a waste or bad.

“We’re not creating the fear; the fear is already out there. We’re creating a solution.

Yip Harburg commented on the subject about half a century ago, and the Chad Mitchell Trio recited it. It’s at about 0:40 on the recording, though the rest is worth listening to as well.

    Hammacher Schlemmer is selling a shelter,
          worthy of Kubla Khan’s Xanadu dome;
    Plushy and swanky, with posh hanky panky
          that affluent Yankees can really call home.

    Hammacher Schlemmer is selling a shelter,
          a push-button palace, fluorescent repose;
    Electric devices for facing a crisis
          with frozen fruit ices and cinema shows.

    Hammacher Schlemmer is selling a shelter
          all chromium kitchens and rubber-tiled dorms;
    With waterproof portals to echo the chortles
          of weatherproof mortals in hydrogen storms.

    What a great come-to-glory emporium!
    To enjoy a deluxe moratorium,
    Where nuclear heat can beguile the elite
          in a creme-de-la-creme crematorium.

EDITED TO ADD (8/9: Slate on this as a bogus trend.

Posted on July 30, 2010 at 12:47 PMView Comments

The Threat of Cyberwar Has Been Grossly Exaggerated

There’s a power struggle going on in the U.S. government right now.

It’s about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top.

“The United States is fighting a cyberwar today, and we are losing,” said former NSA director—and current cyberwar contractor—Mike McConnell. “Cyber 9/11 has happened over the last ten years, but it happened slowly so we don’t see it,” said former National Cyber Security Division director Amit Yoran. Richard Clarke, whom Yoran replaced, wrote an entire book hyping the threat of cyberwar.

General Keith Alexander, the current commander of the U.S. Cyber Command, hypes it every chance he gets. This isn’t just rhetoric of a few over-eager government officials and headline writers; the entire national debate on cyberwar is plagued with exaggerations and hyperbole.

Googling those names and terms—as well as “cyber Pearl Harbor,” “cyber Katrina,” and even “cyber Armageddon“—gives some idea how pervasive these memes are. Prefix “cyber” to something scary, and you end up with something really scary.

Cyberspace has all sorts of threats, day in and day out. Cybercrime is by far the largest: fraud, through identity theft and other means, extortion, and so on. Cyber-espionage is another, both government- and corporate-sponsored. Traditional hacking, without a profit motive, is still a threat. So is cyber-activism: people, most often kids, playing politics by attacking government and corporate websites and networks.

These threats cover a wide variety of perpetrators, motivations, tactics, and goals. You can see this variety in what the media has mislabeled as “cyberwar.” The attacks against Estonian websites in 2007 were simple hacking attacks by ethnic Russians angry at anti-Russian policies; these were denial-of-service attacks, a normal risk in cyberspace and hardly unprecedented.

A real-world comparison might be if an army invaded a country, then all got in line in front of people at the DMV so they couldn’t renew their licenses. If that’s what war looks like in the 21st century, we have little to fear.

Similar attacks against Georgia, which accompanied an actual Russian invasion, were also probably the responsibility of citizen activists or organized crime. A series of power blackouts in Brazil was caused by criminal extortionists—or was it sooty insulators? China is engaging in espionage, not war, in cyberspace. And so on.

One problem is that there’s no clear definition of “cyberwar.” What does it look like? How does it start? When is it over? Even cybersecurity experts don’t know the answers to these questions, and it’s dangerous to broadly apply the term “war” unless we know a war is going on.

Yet recent news articles have claimed that China declared cyberwar on Google, that Germany attacked China, and that a group of young hackers declared cyberwar on Australia. (Yes, cyberwar is so easy that even kids can do it.) Clearly we’re not talking about real war here, but a rhetorical war: like the war on terror.

We have a variety of institutions that can defend us when attacked: the police, the military, the Department of Homeland Security, various commercial products and services, and our own personal or corporate lawyers. The legal framework for any particular attack depends on two things: the attacker and the motive. Those are precisely the two things you don’t know when you’re being attacked on the Internet. We saw this on July 4 last year, when U.S. and South Korean websites were attacked by unknown perpetrators from North Korea—or perhaps England. Or was it Florida?

We surely need to improve our cybersecurity. But words have meaning, and metaphors matter. There’s a power struggle going on for control of our nation’s cybersecurity strategy, and the NSA and DoD are winning. If we frame the debate in terms of war, if we accept the military’s expansive cyberspace definition of “war,” we feed our fears.

We reinforce the notion that we’re helpless—what person or organization can defend itself in a war?—and others need to protect us. We invite the military to take over security, and to ignore the limits on power that often get jettisoned during wartime.

If, on the other hand, we use the more measured language of cybercrime, we change the debate. Crime fighting requires both resolve and resources, but it’s done within the context of normal life. We willingly give our police extraordinary powers of investigation and arrest, but we temper these powers with a judicial system and legal protections for citizens.

We need to be prepared for war, and a Cyber Command is just as vital as an Army or a Strategic Air Command. And because kid hackers and cyber-warriors use the same tactics, the defenses we build against crime and espionage will also protect us from more concerted attacks. But we’re not fighting a cyberwar now, and the risks of a cyberwar are no greater than the risks of a ground invasion. We need peacetime cyber-security, administered within the myriad structure of public and private security institutions we already have.

This essay previously appeared on CNN.com.

EDITED TO ADD (7/7): Earlier this month, I participated in a debate: “The Cyberwar Threat has been Grossly Exaggerated.” (Transcript here, video here.) Marc Rotenberg of EPIC and I were for the motion; Mike McConnell and Jonathan Zittrain were against. We lost.

We lost fair and square, for a bunch of reasons—we didn’t present our case very well, Jonathan Zittrain is a way better debater than we were—but basically the vote came down to the definition of “cyberwar.” If you believed in an expansive definition of cyberwar, one that encompassed a lot more types of attacks than traditional war, then you voted against the motion. If you believed in a limited definition of cyberwar, one that is a subset of traditional war, then you voted for it.

This continues to be an important debate.

EDITED TO ADD (7/7): Last month the Senate Homeland Security Committee held hearings on “Protecting Cyberspace as a National Asset: Comprehensive Legislation for the 21st Century.” Unfortunately, the DHS is getting hammered at these hearings, and the NSA is consolidating its power.

EDITED TO ADD (7/7): North Korea was probably not responsible for last year’s cyberattacks. Good thing we didn’t retaliate.

Posted on July 7, 2010 at 12:58 PMView Comments

Space Terrorism

Space terrorism? Yes, space terrorism. This article, by someone at the European Space Policy Institute, hypes a terrorist threat I’ve never seen hyped before. The author waves a bunch of scare stories around, and then concludes that “the threat of ‘Space Terrorism’ is both real and latent,” then talks about countermeasures. Certainly securing our satellites is a good idea, but this is just silly.

Posted on June 29, 2010 at 11:42 AMView Comments

Baby Terrorists

This, from Congressman Louie Gohmert of Texas, is about as dumb as it gets:

I talked to a retired FBI agent who said that one of the things they were looking at were terrorist cells overseas who had figured out how to game our system. And it appeared they would have young women, who became pregnant, would get them into the United States to have a baby. They wouldn’t even have to pay anything for the baby. And then they would turn back where they could be raised and coddled as future terrorists. And then one day, twenty…thirty years down the road, they can be sent in to help destroy our way of life. ‘Cause they figured out how stupid we are being in this country to allow our enemies to game our system, hurt our economy, get setup in a position to destroy our way of life.

This is simply too stupid to even bother refuting. But this sort of fear mongering is nothing new for Gohmert.

Posted on June 29, 2010 at 6:28 AMView Comments

Hacker Scare Story

10 Everyday Items Hackers Are Targeting Right Now

5. Your Blender. Yes, Your Blender

That’s right: your blender is under attack! Most mixers are self-contained and not hackable, but Siciliano says many home automation systems tap into appliances such as blenders and coffee machines. These home networks are then open to attack in surprising ways: A hacker might turn on the blender from outside your home to distract you as he sneaks in a back window, he warns.

Yeah, and Richard Clarke thinks hackers can set your printer on fire.

Posted on June 25, 2010 at 1:47 PMView Comments

Fifth Annual Movie-Plot Threat Contest Winner

On April 1, I announced the Fifth Annual Movie Plot Threat Contest:

Your task, ye Weavers of Tales, is to create a fable of fairytale suitable for instilling the appropriate level of fear in children so they grow up appreciating all the lords do to protect them.

On May 15, I announced the five semi-finalists. Voting continued through the end of the month, and the winner (improved by the author, with help from blog comments) is:

The Gashlycrumb Terrors, by Laura

A is for anthrax, so deadly and white.
B is for burglars who break in at night.
C is for cars that, with minds of their own,
accelerate suddenly in a school zone.
D is for dynamite lit with a fuse.
E is for everything we have to lose.
F is for foreigners, different and strange.
G is for gangs and the crimes they arrange.
H is for hand lotion, more than three ounces;
pray some brave agent sees it and pounces.
I is for ingenious criminal plans.
J is for jury-rigged pipe-bombs in vans.
K is for kids who would recklessly play
in playgrounds and parks with their friends every day.
L is for lead in our toys and our food.
M is for Mom’s cavalier attitude.
N is for neighbors—you never can tell:
is that a book club or terrorist cell?
O is for ostrich, with head in the sand.
P is for plots to blow up Disneyland.
Q is for those who would question authorities.
R is for radical sects and minorities.
S is for Satanists, who have been seen
giving kids razor blades on Halloween.
T is for terrorists, by definition.
U is for uncensored acts of sedition.
V is for vigilance, our leaders’ tool,
keeping us safe, both at home and at school.
W is for warnings with colors and levels.
X is for x-raying bags at all revels.
Y is for *you*, my dear daughter or son
Z is for Zero! No tolerance! None!

Laura, contact me with your address so I can send you your prize. Anyone interesting in illustrating this, preferably in Edward Gorey’s style, should e-mail me first.

History: The First Movie-Plot Threat Contest rules and winner. The Second Movie-Plot Threat Contest rules, semifinalists, and winner. The Third Movie-Plot Threat Contest rules, semifinalists, and winner. The Fourth Movie-Plot Threat Contest rules and winner.

Posted on June 15, 2010 at 6:02 AMView Comments

Mainstream Cost-Benefit Security Analysis

This essay in The New York Times is refreshingly cogent:

You’ve seen it over and over. At a certain intersection in a certain town, there’ll be an unfortunate accident. A child is hit by a car.

So the public cries out, the town politicians band together, and the next thing you know, they’ve spent $60,000 to install speed bumps, guardrails and a stoplight at that intersection—even if it was clearly a accident, say, a drunk driver, that had nothing to do with the design of the intersection.

I understand the concept; people want to DO something to channel their grief. But rationally, turning that single intersection into a teeming jungle of safety features, while doing nothing for all the other intersections in town, in the state, across the country, doesn’t make a lot of sense.

Another essay from the BBC website:

That poses a difficult ethical dilemma: should government decisions about risk reflect the often irrational foibles of the populace or the rational calculations of sober risk assessment? Should our politicians opt for informed paternalism or respect for irrational preferences?

The volcanic ash cloud is a classic case study. Were the government to allow flights to go ahead when the risks were equal to those of road travel, it is almost certain that, over the course of the year, hundreds of people would die in resulting air accidents, since around 2,500 die on the roads each year.

This is politically unimaginable, not for good, rational reasons, but because people are much more risk averse when it comes to plane travel than they are to driving their own cars.

So, in practice, governments do not make fully rational risk assessments. Their calculations are based partly on cost-benefit analyses, and partly on what the public will tolerate.

Posted on June 11, 2010 at 12:08 PMView Comments

Terrorists Placing Fake Bombs in Public Places

Supposedly, the latest terrorist tactic is to place fake bombs—suspicious looking bags, backpacks, boxes, and coolers—in public places in an effort to paralyze the city and probe our defenses. The article doesn’t say whether or not this has actually ever happened, only that the FBI is warning of the tactic.

Citing an FBI informational document, ABC News reports a so called “battle of suspicious bags” is being encouraged on a jihadist website.

I have no doubt that this may happen, but I’m sure these are not actual terrorists doing the planting. We’re so easy to terrorize that anyone can play; this is the equivalent of hacking in the real world. One solution is to continue to overreact, and spend even more money on these fake threats. The other is to refuse to be terrorized.

Posted on June 9, 2010 at 6:24 AMView Comments

1 6 7 8 9 10 23

Sidebar photo of Bruce Schneier by Joe MacInnis.