## Monday, May 19, 2014

### THHGTTG and Stream of Consciousness

I was listening to a podcast, Science Talk (Scientific American) and there was an interview with author David J. Hand on his book The Improbability Principle: Why Coincidences, Miracles and Rare Events Happen Every Day  and he started off on probabilities of a coin flip.

It reminded me of math classes from high school where we had to calculate that exact thing.

Which is the most likely outcome of a coin flip 5 times in a row?
a. HHHHH
b. TTTTT
c. HTHTH
d.HHHHT

and on and on. The correct answer is all of them.

1/2 * 1/2 * 1/2 * 1/2 *1/2 for each answer you will have a 1/32 chance of that result.

The outcomes made me think of the abbreviation to the Hitchhiker's Guide to the Galaxy: THHGTTG. So close! What are the chances of a coin flip landing in that order 8 times? The G's will represent the coin landing on its side.

According to Daniel B. Murray and Scott W. Teare of Harvard, the odds of that happening are 1 in 6000. Source

or

## Thursday, May 15, 2014

### Just a Myth

I listen to a lot of comedy and science podcasts and sometimes I get a crossover of the two: Nerdist,

You Made it Weird, I love it. The comedian host talks to people for as long as they want to talk. He has some questions he asks everyone, their view of God, what happens when you die and when was the last time you laughed really hard and why. This time he talked to one of my top physicists, the order changes but:

Michio Kaku: always #1, his book Beyond Einstein made me love physics
Phil Plait: the Bad Astronomer, I read his blog in the mid 90s
Neil deGrasse Tyson: one sexy mofo, could sell you science and make you grateful to pay
Brian Greene: The Elegant Universe, loved it so much
Paul Davies: About Time - how fast does time flow? one second per second.
David Deutch: The Quest for the Quantum Computer. Amazing.
Mike Brown: killed Pluto
Jane Luu: discovered the Kuiper Belt!
Jill Tarter: SETI all the way
... there's a lot -I keep adding to this list.

Ok so Pete Holmes is talking to Brian Greene and he says something that makes me incredibly sad. In 1998 it was discovered that the expansion of the universe is accelerating and one day there won't be any stars. They will be just a myth and beyond that no one will ever know they existed. I know on the evolutionary timescale that's still far away but these things that we gain so much understanding of the universe from will be completely unknown, they will be gone.

Crab Nebula a supernova remnant that was recorded by Chinese astronomers in 1054ace.

## Wednesday, May 14, 2014

### The hard working alligator

The Swamp House: more pics of the process and final project by John Henry

I am in love with automatons. I want to know how they work so I can make my own weird creations. I have books and kits and papercraft kits so it's going to happen. Soon....

Watching this one is kind of hypnotic so I started to wonder how much this alligator was making based on the apparent speed of the gif. It makes ~\$.125/second or ~\$450 an hour. Normally you are supposed to take an average of multiple measurements but I don't think the gif will speed up at all.

@10 seconds I counted 5 quarters or \$1.25/10seconds = ~\$.125/second

\$.125/1 sec * 60 sec/ 1 min * 60 min/1 hour =~\$450/hour.

﻿

## Wednesday, January 22, 2014

### Technical Communication

One of the main issues when speaking to users/customers/students/staff/etc. is a mismatch in communication styles, goals and levels of technical knowledge. They would like their problems solved in a way that does not affect their dignity when asking for help on things they might not understand. We, however, would like to resolve their issue and submit a ticket. This is where we experience a conflict.

Speakers: Campus Help Desk
Communication Style: Goals and Outcomes Oriented/Direct
Level of Technical Knowledge/Awareness: Highly Skilled
Goal: Answer Questions, Troubleshoot Problems, Submit Tickets

Audience: Callers into the Help Desk
Communication Style: Varied
Goal: Solve Problems, Submit Tickets, Ask Questions
Level of Technical Knowledge/Awareness: Varied

Ideally we would like to offer some amount of technical instruction as we troubleshoot so that they might be able to understand the problem if it happens again. They might see our methods of this instruction as a negative reflection of their intelligence. So how do we bridge this gap?
Communication accommodation theory (CAT) is a theory of communication developed by Howard Giles. It argues that “when people interact they adjust their speech, their vocal patterns and their gestures, to accommodate to others.
When two speakers have a common goal -they like each other, both parties will adjust their communication styles towards each other. Each will use the others' vernacular (IT Support Person vs. LAN Manager). When their goals are opposite it diverges (correcting each other, interrupting).

## Tuesday, January 14, 2014

### Phishing: Why Are Some People More Affected?

This is from a really good ad campaign on security awareness from Southern Methodist University.

Phishing
Scamming method used to elicit information from uninformed computer users through impersonation of trusted sources;  respelling of fishing used to evade scans and filters by mainstream servers policing the internet.
Email messages will contain:
1.Threats
2.Company Logo or Name
4.+/- misspelled words and typos

Why do some people seem to fall for phishing?

Are users:
On autopilot? Not engaged or passive in their online activities? Cowed by perceived authority? Lacking critical thinking abilities? Other?

This is an example we get sent to the Campus Help Desk about once a month:

And according to Educause we are the #2 most phished industry:

Early in 2013 the Syrian Electronic Army successfully phished several news media Twitter accounts. One of them was the Onion (which took some time to discover because their tweets are already strange).

The Onion was the only hacked account that later released information on exactly how it happened. Their staff were sent this email multiple times over the course of a week. Eventually a staff member clicked the link and entered the requested information (if a user clicks the link they are most likely going to continue on entering what is asked if given no warning from their browser or mail client).

Emotional Triggers Exploited by Phishing

There are certain personality types that are the most susceptible to phishing.
• Greed
• Fear
• Heroism
• Desire to be Liked
• Authority

Greed:
Date: Mon, 5 Jan 2004 09:30:13
From: chika_williams@tiscali.co.uk
To: gullible@yahoo.com
Subject: URGENT

RE: URGENT REQUEST FOR YOUR UNALLOYED CO-OPERATION TO TRANSFER (US\$20.4 MILLION U.S. DOLLARS ONLY) INTO YOUR PRIVATE OR COMPANY’S ACCOUNT

Fear/Authority:

Heroism/Desire to be Liked

Victim Personality Traits:
There are certain victim personality traits when combined with a cognitive bias that can result in a user who will fall for phishing attacks. Remember that each of these traits are completely normal in small amounts.
• Neuroticism: causes people to be more upset when being lied to and prefer to believe people are more truthful.
• Impulsivity: read,  decide and  click as fast as possible.
• Introversion: prefer online communication.

Cognitive Bias:
We are bad at detecting deception in others but good at detecting honesty.
We tend to overestimate our abilities and underestimate risk.
We believe what we want to believe (cognitive dissonance).

Research Study #1: Unnamed University

An 8 week study was done on 446 undergrads in an Intro to Information Systems course. They were given a Super Secret Code (SSC) and told to never give it out to anyone. The SSC was printed on official university letterhead with the title disclaimer “Do Not Disclose This Code.” It was used to access grades, quizzes, professor/ta email info communicating that the SSC is important and private. Giving it out would affect grades and violate the student conduct code. A nondisclosure agreement was signed.
For the 8 Weeks of the class they were instructed on internet security,phishing, hacking, etc.,  all lectures began with reminder displayed on PowerPoint:

‘DO NOT GIVE OUT YOUR SSC’.

Week 6: The unexpected, but not really. A real, unplanned phishing attack occurred with IT warning students. It was written up in the student paper.

Week 8 they were emailed the following message. Notice that there is no link or logo present.
This e‑mail is to inform you of a problem we are having with the information technology database. Due to a data collision we have lost some information and are unable to recover it. In order to get the database back up and working we need you to forward us your “super-secure code.” Please respond to this e‑mail with your code. Sorry for the inconvenience.

Out of 299  [final] participants*:
•57% ignored (170)
•32% replied with SSC (97)
•1% responded with a question/comment (4)
•<1% responded with incorrect info (2)

*147 students were excluded because they dropped class, didn’t receive the email/couldn’t find it, didn’t take the post instruction test, didn’t complete all items on final survey.

What were the responses?

• here is my SSC xxxxxx. I hope that the database will get fixed very soon. Best of luck to you on fixing the database.
•  My Network ID is xxxxx, My Student Number is xxxxx, my super secure Code is xxxxx, my home number is xxxxx.
• I think this is my code: xxxx, but I’m not sure. you can call my mom at xxx- xxxx if this isn’t it as she will have it for you.
•  I was told to never give out my super secrete (sic) code. . . . So how do I know this isn’t a scam?
•  I’m sorry to hear about your problems, but I will not be able to assist you.

What happened?!

Research Study #2: West Point 2004

A random sampling of 512 cadets were phished. West Point is unique in that the students have an average SAT score in the top 25%. The school was the first to be certified by the Center of Academic Excellence in Information Assurance Education (NSA), have a Security Emergency Response Team and security awareness training at the beginning of each semester.
(note: the article mainly focused on the intelligence of the cadets and the issues that would arise from betraying their trust with this study)
There was no discussion on ongoing IT security training. The following email was sent to the cadets with a link, replying email address and physical location of the sender. When the link was clicked on it returned a 404 error so there is no data on how many entered in their personal information.

The name is not found in the global address book, Washington Hall does not have a 7th floor and the building is used by all cadets on a regular basis. This is all information that is easily independently verified.

Out of 512 cadets, 80% clicked the link   (~400). And their reasons:
• ‘The email looked suspicious but it was from an Army colonel so I figured it must be legitimate.’
• ‘Any e-mail that contains the word ‘grade’ in it gets my immediate attention and action!’

What happened?!

Data Analysis
Experience Factors:
•Lack of Computer self confidence
•Lack of  Web experience
•Lack of  Security policy knowledge

Personality Factors
•Victim personality traits (neurotic, impulsive, introverted)

Phishing and Social Engineering works better on naive and vulnerable users.

• Reinforced  and Ongoing Training
• Security Awareness
• Communication from IT on Actual Phishing Attacks
Back to the original questions.Are users:
• On autopilot? no
• Not engaged or passive in their online activities? no
• Cowed by perceived authority? A bit
• Lacking critical thinking abilities? No
• Other? yes :Of the personality type that phishing exploits? yes!

They are engaging in these emails critically but do not have the experience, security knowledge and confidence to correctly asses the threat.

IT Managers
Be aware of potential victim users:
•Oversharing on Facebook (content and quality)
•New to the web
•Victim Personality Traits

Talk about it (think of a personal story that relates):  my mom once told me she replies to spam asking them to take her off their mailing list. Yes I told her to stop doing that and why.

Sources
Journal of management information systems [0742-1222] Wright, Ryan yr:2010 vol:27  iss:1 pg:273 -303

2007 IEEE Intelligence and Security Informatics Tiantian Qi, Tiantian yr:2007 pg:152 -159

EDUCAUSE quarterly [1528-5324] Ferguson, Aaron yr:2005 vol:28 iss:1 pg:54 -57

Communications of the ACM [0001-0782] Hong, Jason yr:2012 vol:55 iss:1 pg:74 -81

Halevi, Tzipora yr:2013

Telling Lies: Clues to Deceit in the Marketplace, Politics, and Marriage
Paul Ekman; c1985 New York : Norton

## Monday, January 6, 2014

### The Most Human Human

More and more often I've been contacting users to inform them that they have an infected machine and to clean it or they will be disabled from our network. It is almost impossible to send this information in an email that does not sound like a scam so I have to get creative. Lately I've had some success and offer it to you.

You will need to pass the Turing Test.

There is one method that seems to get a response:
• The subject of the message needs to be specific to the University
• Introduction and purpose of message.
• Identifying information: mac address, unid, ticket number.
• What they need to do now: virus scan, refer to a repair service.
• What will happen if the computer isn't cleaned
• Contact information (the most important part)
• Tell them to contact the Campus Help Desk for more information.
• Ask the user to find a contact number from the main Utah website.
In the interest of fighting phishing attacks you really want to avoid all of the features listed in previous modules: logos, links, threats.

## Thursday, October 31, 2013

### Are We Alone?

Philosophy 1050 (?) 1994

This was written in my first semester of college and after re-reading it's actually not the worst freshman writing I've read. It's not great though and I wouldn't pick this topic today with a gun to my head and yet I'm proud of my incredibly skeptical conclusions. Also, the X Files, wow I remember obsessing over that show and man can you tell! The assignment was an end of term paper on something typically contentious of a topic, abortion, capital punishment, etc. Because I was a gigantic dork I picked alien abductions because why the hell not? I still pick weird topics in my writing these days...

Are We Alone?

"I send greetings on behalf of the people of our planet. We step out of our solar system, into the universe seeking only peaceful contact." In 1977, Kurt Waldheim, past president of the United Nations sent this message out into space. It was sent in 55 languages on the Voyager 1 and 2 probes, and also on Pioneer 10 and 1 -each one on its way out of our solar system. Along with this message was sent over a hundred pictures that would not only show a sort of map to Earth,

but also give a tour along the way. Whether or not this message was ever received is still a mystery. There are a lot of people that believe the mystery has been solved. They range from fanatics to tabloid newspapers, to legitimate scientists. They have been dedicated to proving that extra-terrestrials have been visiting the Earth for a while now. Some of these people aren't just crackpots in the south searching for Elvis in the K-Mart parking lot. There are lawyers, doctors and numerous other professionals. They willingly risk their reputation on these occurrences. But the questions remain. Are there extra-terrestrials here, hidden by a massive government conspiracy. Or is this just another example of mass hysteria fueled by modern day myth?

In 1961, Betty and Barney Hill were driving home through New Hampshire. They saw a rapidly moving light and stopped to investigate. When they pulled out their binoculars, it disappeared. A few miles later, the strange light returned and seemed to follow them. It came closer and they saw that it was a circular object with figures moving behind blue tinted windows. Barney got out to get a better look. Suddenly, wings snapped out abruptly on both sides of the craft. Barney ran back to the car, panicked. Driving away, they looked back and it was gone. When they got home, they discovered that they had been gone an extra two hours instead of about ten minutes.

Betty began to have strange dreams, filled with haunting images of abductions scenes. She finally went to a hypnotist to find out what had really happened in the missing two hours. The therapist decided to use hypnotic regression to get the truth. When Barney stopped the car the second time, it had in fact stalled. The craft landed and aliens got out. They were separated and subjected to many biological tests, and what they called "sampling." Before they were returned to their car, they showed Betty a three dimensional map. It was a star map and she was told to study it carefully. Under her hypnotic state Betty was able to reproduce the map. When the aliens released them, Betty was already in the car and Barney found himself running back to the car panicked.

This could be considered and interesting "story," yet when the two separated accounts were compared, they were internally consistent on detail. The star map, their only tangible proof of the experience, was given to an amateur astronomer for further study. Five years later she concluded that the Hills had encountered aliens from the Zeta Reticuli system. Either they were going to the Zeta Reticuli system, or man would eventually go there. A few years later, this account was published. It was very popular and in 1975, made into a film called The UFO Incident. Millions of people relived the story of an ordinary couple, a postal worker and a social worker. This was only the beginning.

If aliens had visited the Earth, then why isn't it common knowledge? The most publicized accounts today come from tabloids and fanatics. There is not a lot of scientist or even government officials substantiating these claims. One of the reasons the governments around the world would want to hide these facts would be for our safety. Most of the books and movies in our culture portray them negatively. Popular opinion is that if aliens came to Earth, mass hysteria would ensue. The population would run for the hills. Any alien presence that can travel solar systems would surely have the capabilities to destroy the Earth. Or as the latest movies would suggest, kill or enslave the people and rape the planet. Remember "War of the Worlds"? That was only a fictional radio show and there was still a panic. For years the entertainment industry has been playing on our fears of destruction by some outside force. It's not the Soviet Union any more, It's E.T. He's back because we can't take care of the Earth ourselves and have forfeited our stewardship. Those fictional stories may just be for entertainment, but there are some interesting facts.

In the middle of the Nevada desert, possibly an extension of Nellis AFB, is something referred to as Area51. This is a real place. It was also very top secret. There are signs all around it restricting access, even that the security has the right to use deadly force. In 1951 an alien space craft supposedly crash-landed in Roswell, New Mexico. It was then transported to Area 51. The government of course denies this, but they do admit to some things. For example, Area51 was where the U-2 was developed and tested. Also the SR-71 spy plane that flew over Cuba on the 60's was made. Or the Stealth Bomber, the government still denies this project even months after pictures were taken and released to the public. It's not unusual to find strange lights moving in the sky at night. Area 51 has a reputation as testing grounds for experimental air craft. If the government had found a crash landed alien ship, this would be the place to assess it capabilities.

There is a lot of information, accounts, stories, etc. out in the world about the possibility of aliens here on Earth. This certainly warrants further investigation. The scientific community shouldn't be so quick to dismiss these claims. Just by the sheer number of them, they can't all be wrong, can they?

Of course they can! The Hill story was just one of many highly publicized cases. Millions of people watched then just as they do now. How many people saw "Fire in the Sky"? Most people today know what is supposed to happen if aliens from Mars come to "abduct" you, even to the point of knowing what they are supposed to look like. People say that in our time we don't have any myths or legends. I say that we do. They're called Area51, Roswell, and numerous other governmental conspiracies. People have taken their own fears and made them into these elaborate stories.

So then, is the government hiding alien life? Most people would agree that the government does hide things from the public. That's why they call it national security. Some of the things that our government does, we really wouldn't want to know. But more people agree that the government is really too incompetent to balance the budget much less fool millions of people. That would require forces beyond their current means. It's the Nixon era relived. Last year it was discovered that life did exist on Mars. This isn't a civilization either. Scientists found fossilized remains of bacteria millions of years old. It was found in a meteorite in the Antarctic. This is as close as we will ever come to life outside the Earth in our solar system with our current technology. Even this data is under scrutiny.

There is still a possibility of intelligent life nearby. The only problem is a big one for UFO fanatics. Why would they come to the Earth? Or how would they even know that we are out here? Scientists are using the most primitive means to try and contact outside life. We have only radio waves which would be the bottom rung of the ladder. So our scientist are using the radio waves and sending them into space. Even going the speed of light it would still take two hundred years to reach the nearest planetary system, which cannot support life. We may not even be around by the time alien civilizations receive it. It would still take them two hundred years to come here. That is of course going the speed of light. They would need one big generational ship. Faster than light speed is not possible with our current technology. But supposing they could safely go faster than light, they would of course have ways of overcoming one of the most fundamental laws of physics.

But I understand how inconvenient the laws of physics can be. There is another interesting theory. Any civilization that has been around long enough to become a member of the United Federation of Planets would need to have outlived many things. Wars, genocide, nuclear weapons, even its own UFO conspiracy theories. They would have to find a way to live in peace with themselves and others. They would have to realize that the Earth couldn't possibly be redundant elsewhere in the galaxy. If aliens have been coming here since the 1950's (when was "The War of theWorlds" first broadcast?), they have been experimenting on the wrong people. They should be abducting political, scientific, and religious leaders, not Betty and Barney Hill. People would believe Carl Sagan, but question Barney Hill. So then it's really a question of credibility. Alien life exists out beyond our solar system, but have they already come here?

We could just be a cosmic accident. We could also be a civilization searching for answers in the midst of many. Despite all of the evidence to the contrary, people are not entirely dissuaded. Maybe that's because all of the evidence to the contrary is not entirely dissuasive.