Nov 10 2008

Twenty years … and yet the battle continues

No Gravatar

My original readers from 1988 (e.g. Tom Simondi) know Vmyths just marked its twentieth anniversary. Twenty years … and yet the battle continues. Computer security hysteria has repeatedly evolved — or should I say “devolved”? — over the last two decades. It seems like every few years I need to reevaluate the state of hysteria to understand how it has changed.

It’s been a long haul from a text document in 1988, to a personal site in 1995, to a business site in 2000, back to a personal site in 2006. Twenty years … and yet the battle continues.

Along the way I’ve exposed numerous “experts” who fell for a computer security hoax. My desire to understand why experts get duped … led me to pick up psychologist Dr. Madeleine L. Van Hecke’s new book, “Blind Spots: Why Smart People Do Dumb Things.” The back cover explains “our minds work for us 80 to 90 percent of the time. But what about the rest of the time when we jump to conclusions, don’t allow ourselves the time to think things through, or can’t see the forest for the trees?”

Van Hecke’s book is a great page-turner. And wouldn’t you know it? She openly admits she once fell for a virus hoax. She dissects her own “blind spot” on page 41:

When I received a dire e-mail from a friend warning that she might have inadvertently infected my computer with a virus, I panicked. I felt great pressure to remove the virus from my computer, to follow the instructions that my friend had included, and to inform the hundred-plus people in my address book that their computers, too, might have become infected. Soon after I had e-mailed warnings to these hundred people, I began getting return messages from some of them telling me that this virus was a hoax and that the method I had used to remove the so-called virus from my computer had actually deleted a program that my computer needed. Not only had I wasted hours of time, but also some of the people in my address book had, like me, taken immediate action and so spread the hoax. The number of hours wasted by people trying to fix something that wasn’t broken becomes incalculable in a virus hoax situation. I felt stupid.

Why hadn’t it occurred to me to make sure that the virus I was being warned about was a real danger and not a hoax? Part of the problem was my lack of experience; this incident was the first time I had ever received such a message. Another part was my lack of knowledge. I didn’t know that there were Web sites that would tell me whether a particular virus was a legitimate threat or a prank. But even with my inexperience, I might have acted differently — had I stopped to think.

I learned from the virus hoax incident that I could use “feeling panicky” as a cue to remind myself to stop and think. I could use feeling time pressured as a trigger to ask myself, “How much time do you really have here?”

I’ll take bets that Van Hecke’s friends pointed her to Vmyths. And — unlike the many experts whose fragile egos let them perpetuate a hoax — I’ll bet she ultimately ‘fessed up to her friends. "Glad I could help you out, ma’am!"

Twenty years … and yet the battle continues. I might not live long enough to see us win the war against computer security hysteria, but I didn’t come this far just to lose.

Thankfully, winning is a realistic goal. After all, we did win the wars against rampant nuclear hysteria and rampant smallpox hysteria and rampant cyber-terror hysoops, my bad. We’re still fighting that battle. Anyway…

Van Hecke has now joined the fight. Read her book, put on your war paint, then join us on the battlefield if you haven’t done so already in the last two decades.

(Waitaminit. “I might not live long enough”? Hmph. I said the same thing in the fall of 1989 while riding a train to Kaiserslautern, Germany. I agreed with an old German man that the Berlin Wall would someday fall, although probably not in our lifetimes. One month later I slapped my forehead and thought “what a waste of a prediction.” I know we’ll win the war against computer security hysteria, folks.)

Somebody remind me to write again in 2018 when Vmyths turns 30…