Menu Close

Tag: social engineering

This website was archived on July 20, 2019. It is frozen in time on that date.
Exolymph creator Sonya Mann's active website is Sonya, Supposedly.
March 29, 2016

A Hard Day’s Night of Fake Work

Playing video games. Original photo by R Pollard.

Original photo by R Pollard.

I’ve been playing a lot of Game Dev Tycoon, a business simulator in which you start and build a game development company. (Hat tip to Way Spurr-Chen!)

Sonya: “This game is so addictive.”
Alex: “That’s how you know it’s good!”

It is bizarre that I come home after work, usually drained from relating to people all day, and I want to pretend to go right back to work. A business simulator is most compelling when it mimics real professional stress. Game Dev Tycoon‘s appeal is the edge-of-your-seat anxiety that arises from owning a hypothetical small-to-medium business. You have to watch your revenue like a hawk, balance decisions about future investment against the necessity of meeting payroll, and respond to the vagaries of the market.

In his book Play Money, journalist and MMORPG expert Julian Dibbell talks about this trend — the convergence of work and play — in what you might call “post-developed” countries. He hypothesizes that it’s a condition of late capitalism. When your daily tasks consist of manipulating symbols on a computer screen, the content of work starts to closely resemble the content of recreation. Or vice versa?

Facebook, Tinder, and their ilk bring everyone’s social life into the fold as well. Your entire experience of the world can be directed through a carefully designed software interface, constructed to guide you toward certain actions and away from others.

For the most part, none of this is new. Board games and card games are also best when they involve resource management and strategic goal attainment. But the internet and ubiquitous computing greatly increase the scale of our reliance on interactive Platforms™ for employment, entertainment, and community.

February 24, 2016

Cybersecurity Tradeoffs & Risks

Kevin Roose hired a couple of high-end hackers to penetration-test his personal cybersecurity setup. It did not go well, unless you count “realizing that you’re incredibly vulnerable” as “well”. In his write-up of the exercise, Roose mused:

“The scariest thing about social engineering is that it can happen to literally anyone, no matter how cautious or secure they are. After all, I hadn’t messed up — my phone company had. But the interconnected nature of digital security means that all of us are vulnerable, if the companies that safeguard our data fall down on the job. It doesn’t matter how strong your passwords are if your cable provider or your utility company is willing to give your information out over the phone to a stranger.”

There is a genuine tradeoff between safety and convenience when it comes to customer service. Big companies typically err on the side of convenience. That’s why Amazon got in trouble back in January. Most support requests are legitimate, so companies practice lax security and let the malicious needles in the haystack slip through their fingers (to mix metaphors egregiously). If a business like Amazon enacts rigorous security protocols and makes employees stick to them, the average user with a real question is annoyed. Millions of average users’ mild discomfort outweighs a handful of catastrophes.

Artwork by Michael Mandiberg.

Artwork by Michael Mandiberg.

In semi-related commentary, Linux security developer Matthew Garrett said on Twitter (regarding the Apple-versus-FBI tussle):

“The assumption must always be that if it’s technically possible for a company to be compelled to betray you, it’ll happen. No matter how trustworthy the company [seems] at present. No matter how good their PR. If the law ever changes, they’ll leak your secrets. It’s important that we fight for laws that respect privacy, and it’s important that we design hardware on the assumption we won’t always win”

Although Garrett is commenting on a different issue within a different context, I think these two events are linked. The basic idea is that when you trust third parties to protect your privacy (including medical data and financial access), you should resign yourself to being pwned eventually. Perhaps with the sanction of your government.

Disclosure

Exolymph is a member of the Amazon Associates program. If you click on an Amazon link from this site and subsequently buy something, Exolymph will receive a small commission (at no cost to you).

Recents Posts

Search

© 2019 Exolymph. All rights reserved.

Theme by Anders Norén.