 |
| Image from Pixabay |
Snap.
The sound of a withered twig giving way under the footsteps of a forest walker.
Only this time it wasn’t in the forest. And it certainly wasn’t a twig.
We’ve
lived in this house for exactly ten years now, and the bed has been in the same
spot for just as long. But when I walked into the bedroom recently, the bed
must have taken a step forward. Snap. The leg of the bed showed no damage. That
could only mean one thing: the sound came from my little toe. Most accidents
happen in a small corner, we say here. Or in a small toe, I now know. Oh well,
that bone will grow back together. (But it’s annoying.)
A day
later, Maarten van Rossem, the always cheerfully grumbling Dutch tv personality,
had an unfortunate fall. The historian had tripped over a curb in Utrecht,
right in front of the building that served as the headquarters of the fascist National
Socialist Movement during the war and which now houses a childcare centre. He
was lost in historical and ironic reflections on the fate of the building.
Consequences: a black and blue face and a hurt knee. So I was in good company
that week, in terms of being a victim of one’s own carelessness.
Shouldn't
we have been more careful? Absolutely! But one does a lot of things on
autopilot. As I said, nothing has changed in the layout of our bedroom for ten
years. And that curb has probably been there for a long time too. You can
blindly walk a route like these a thousand times without any accidents. And on
that one day you put your foot down just a little differently. There’s no
footage, I can't analyze it. But there was a deviation, that's for sure.
I
once heard someone say: walking is like fall in a controlled way. You lean
slightly forward and prevent a fall by putting one leg forward. Seen in this
light, walking is a rather clumsy activity for bipeds. Does it surprise you
that we sometimes take a misstep? No doubt, thick books have been written about
this that may or may not be worth reading, but this is not a blog about
kinematics, so I will leave this subject alone for now.
In
presentations I have sometimes made my audience think about the way they cross
a road. If you see a car approaching, you make an assessment of whether you can
still cross. You base this on the distance to the car and on its and your
speed. If you give yourself a green light, you start walking. But now we are
going to do this risk analysis again – because that is what it is – but in more
detail. You not only consider distance and speed, but you also take into
account the possibility that you stumble. Does the driver have enough time to
brake? Can he see you at all, or is he hindered by darkness or the low sun? Or
is he perhaps fiddling with his phone while driving?
If
you include those factors in your analysis, you will probably increase the
minimum distance that the car must have at a certain speed, in order to be able
to cross the road in confidence. But who does something like that? I can tell
you: people who have just had an accident. Because they have personally
experienced how things can go wrong and what the consequences are. And after a
while, that increased vigilance wanes again, and with that the chance of
accidents increases again.
In
information security, it is no different. If nothing ever happens, attention
lapses. And then it becomes easier for malicious actors – our standard term for
anyone who deliberately wants to do something with our systems and data that we
do not agree with – to do their thing. Practicing helps against lapses in
attention. Developing scenarios also helps. You have a certain interest that
you want to protect and you try to think of how a malicious actor would carry
out an attack on it. This can lead to surprising insights and solutions.
My
bed was not malicious. Bad (!) luck, most people would say. For the time being,
I walk past it with increased respect. I also put my feet down much more
consciously in other places. That takes quite a bit of energy. Actually, I am
already looking forward to my attention slackening a bit. Although I sincerely
hope the bed will stay where it is.
And in the big bad world…
- AI surprisingly often misses the mark.
- the US government no longer considers Russia a cyber threat.
- Your Pokémon Go location data may be flowing to Saudi Arabia.
- Twitter/X poses a threat to countries outside the US according to this Australian article.
- The new Dutch government workstations only store metadata in the cloud. [DUTCH]
- Apple is protesting the British backdoor.
- Signal’s CEO warns of AI agents.
- Apple seems to have implemented a good idea in a messy way.
- Many Chromecasts have an expired certificate, which means the device will no longer work.
- Instagram's teenage accounts offer only a false sense of security. [DUTCH]
.jpg)
No comments:
Post a Comment