Persuasion and Manipulation

As I was reading about techniques of scamming and of social engineering, I realized that urgency is a tool that is both nefariously and legitimately used — having a sense of urgency motivates us to stop procrastinating and to act. Salesmen get people to buy products by instilling a sense of urgency. Religious and political leaders get people to act using urgency. Urgency is a persuasive tool.

Persuasion is the act of inducing action or belief in others.

I asked myself the question, “what’s the difference between honest and dishonest persuasion?”. Someone who honestly persuades builds trust, and is trustworthy. They love others, have integrity, and seek to empower others — to build them up, to strengthen them. It is selfless, although it doesn’t preclude deriving joy from helping others.

Someone who dishonestly persuades (manipulates) destroys trust through deception and intimidation. They may withhold information, utilize evasion, character attacks, and impersonation. They attempt to impede critical thinking. Manipulation is selfish. The object of manipulation is power or possessions.

[Laws of persuasion](http://www.bible-teaching-about.com/persuasion.html) include

* Reciprocation
* Commitment & Consistency
* Social Proof (aka conformity)
* Likability (trust, friends, I’m like you, image)
* Authority
* Scarcity (urgency)

I’d add:

* Diffusion of responsibility

That last one can help an individual stand up to pressure from peers. At one point during my [LDS mission](http://newsroom.lds.org/ldsnewsroom/v/index.jsp?vgnextoid=37bc12fccd78f010VgnVCM100000176f620aRCRD&vgnextchannel=3e0511154963d010VgnVCM1000004e94610aRCRD), I had a companion that was a challenge to work with. My mission president told me that if I felt pressured to do something I knew was wrong, to call him and ask permission. His answer would be “no”, and I could put the responsibility of the decision on his shoulders. Normally, I like to take the responsibility of decisions, but in one case, I felt more pressure from my companion than I wanted to stand up to myself. Making that phone call diffused the responsibility somewhat. I appreciated being able to lean on a trusted authority.

Minimizing tracing/instrumentation overhead, injectso

Reading these articles from lwn.net: [Minimizing instrumentation impacts](http://lwn.net/Articles/365833/) and [Debugging the Kernel using Ftrace](http://lwn.net/Articles/365835/), reminded me of [Microsoft detours](http://research.microsoft.com/en-us/projects/detours/) and [Linux injectso](http://c-skills.blogspot.com/) (updated to work with current glibc, kernels).

Global Warming opinions

There are many smart, rational people (and scientists) who believe in a dire future as a result of human-caused global warming, and that billions should be spent to reverse that trend. And there are many smart, rational people (and scientists) who see through the furor of faulty assumptions, faulty claims, and faulty conclusions. Here are several opinion pieces on Global Warming climate change.

[Time for a Smarter Approach to Global Warming: Investing in energy R&D might work. Mandated emissions cuts won’t](http://online.wsj.com/article/SB10001424052748704517504574589952331068322.html) by Bjorn Lomborg (who believes in global warming)

Mr. Lomborg says that spending money on reducing Malaria, HIV, etc. will help people, but spending money on lowering CO2 won’t help people.

[Inconvenient truth for Al Gore as his North Pole sums don’t add up](http://www.timesonline.co.uk/tol/news/environment/copenhagen/article6956783.ece), Dec 15, 2009

[The Climate Science Isn’t Settled](http://online.wsj.com/article/SB10001424052748703939404574567423917025400.html) by Richard S. Lindzen, Nov 30, 2009

Mr. Lindzen is a meteoroligist at MIT, and is one of the chief critics of the climate “catastrophe” claims being made by Al Gore and others.

[Fact-based climate debate](http://www2.ljworld.com/news/2009/dec/16/fact-based-climate-debate/) by Lee C. Gerhard, Dec 16, 2009

—-

Mankind does affect the environment. We are stewards over the earth, and we have been since the [time of Adam](http://scriptures.lds.org/en/gen/1/28e). We ought to be good stewards, and there are many ways to do that. Reducing man-caused carbon dioxide emissions on a global level won’t improve our lives. Improving air quality has improved our lives, and it makes sense to pursue cleaner air in the future. Pursuing safe, clean energy is also worthwhile.

Users, Security and Scams

I read Bruce Schneier’s [Crypto-Gram](http://www.schneier.com/crypto-gram.html) monthly. It’s from there that I found most of these links, with the exception of the ones on social engineering. I found the first paper on scam victims to be especially thought provoking (although it’s long). The video clip demonstrating social proof was amusing.

*[Understanding scam victims: seven principles for systems security](http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-754.pdf)*

Summary: Scammers manipulate people with distraction, deception, herd mentality, greed, time pressure and by impersonating authority. If something sounds too good to be true, it probably is.

—-

*[Social Engineering](http://www.infosectoday.com/Norwich/GI532/Social_Engineering.htm)* [\[2\]](http://www.chips.navy.mil/archives/09_Jan/web_pages/social_engineering.html) [\[3\]](http://packetstormsecurity.nl/docs/social-engineering/aaatalk.html)

*Summary*: Social engineers exploit people’s tendency to trust and to be helpful. They do this with ingratiation, impersonation, diffusion of responsibility, urgency, appeal to conformity (aka “social proof” or herd mentality), intimidation, deception, and authoritative orders.

There’s an entertaining Candid Camera (http://www.social-engineer.org/framework/Influence_Tactics:_Consensus_or_Social_Proof).

—-

*[The Rational Rejection of Security Advice by Users](http://research.microsoft.com/en-us/um/people/cormac/papers/2009/SoLongAndNoThanks.pdf)*

*Summary*: Security practitioners often dole out advice that is perceived by users as too time consuming. So users ignore or reject the security advice. However, “Advice that has compelling cost-benefit tradeoff has real chance of user adoption…. the costs and benefits have to be those the user cares about”. _Time_ is one thing users care about.