Why smart people do dumb things online
Here's how to use free apps and common sense so you don't do something stupid -- like the brilliant David Petraeus did.
Computerworld - David Petraeus is probably the last person you might have expected to wreck his career with an email scandal.
Petraeus is smart: He graduated in the top 5% of his class at West Point and went on to earn a Ph.D.
Petraeus has self-control: His self-discipline was "legendary," according to Time Magazine.
And Petraeus knows what he's doing: During his time as a four-star general and as director of the CIA, he acquired an intimate knowledge of how easily email can be hacked.
And that's why it's so incredible that even Petraeus did the dumbest thing imaginable when it came to his email: He trusted it with his secrets.
Two limitations of the human mind
The Petraeus fiasco involves a sordid and tawdry "love pentagon" with five very high-level professionals flirting, harassing, investigating, gossiping, sexting and more.
It also involves issues of national security, inter-agency rivalry, legal boundaries around surveillance and more.
But I'm not concerned about any of that. What I care about is Gmail.
This whole mess came to light -- and careers and, probably, marriages were ruined, and the government was shamed -- because of evidence harvested from Google's Gmail.
Everybody should know -- and CIA directors should definitely know -- that cloud-based email services are not safe places to put things you don't want anyone to see.
In fact, Petraeus used an old trick he probably learned from Al Qaeda militants.
The trick was this: Instead of sending email to his biographer/girlfriend, Petraeus simply kept messages in a draft folder without sending them. Both parties had the email address, and simply logged in and read the drafts.
Well, probably. But the reason Petraeus did such a dumb thing is the same reason why half the celebrities in Hollywood end up with naked cellphone pictures on the Internet, the same reason kids entering the workforce increasingly don't get hired because of some online photo or comment, the same reason countless families argue over things posted or emailed, and the same reason people get fired every day over things they say online.
That reason is a fundamental flaw in human nature, which is that we think our potential audience is the same as our intended audience.
When teenagers post ill-advised pictures or comments on Facebook, they're thinking about a small number of friends reading it. While they're thinking of those people, their brains prevent them from thinking about grandma, or the teacher they friended, or the friend who copies the content and broadcasts it publicly, or the future HR manager vetting job candidates.
The writer H.P. Lovecraft talked about "the inability of the human mind to correlate all its contents." He described the experience of this limitation poetically: "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far."
It's not that humans are dumb, but that we're single-minded. We're often unable to use the knowledge we have for our own good because when we think about one thing, we forget about other things.
The second flaw in human nature is something economists call "present bias." When the reward is now, but the risk later, we can't help but to embrace the reward and ignore the risk.
"Present bias" is why people get into crippling debt, take dangerous drugs, overeat and voluntarily do other things that cause regret. We do it because the benefit is now and the regret is later.
Email feels now, but email is forever. And so are social media and other online activities.
But they don't have to be
The benefits of self-destruction
A good rule of thumb is to only post or send something online if you would be happy to show it to your mother, children, partner and boss.
But there's a loophole. A category of free services lets you communicate everything else with very low risk.
The handiest solution is "email" that self-destructs, like the taped messages on Mission: Impossible.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!