Home > Articles > Security > General Security and Privacy

  • Print
  • + Share This
Like this article? We recommend

Why Are We So Easily Manipulated?

Humans rely on underlying training that plays into all of the events we tackle on a daily basis. This knowledge is deeply rooted in our past and the lessons we have learned throughout our lives. If you are taught by your parents that trust is a virtue, then you're likely to trust without verification. The same morals and cultural ethos are taught to American children through many different mediums. My favorite? Disney. Not just Walt, but the lovable characters—especially the furry ones—in every Disney creation. Since the early 1930s, Disney has woven moral constructs and "acceptable behavior" messages into many wonderful and engaging stories. These messages help shape the minds of the young through entertainment and language that anyone can understand. The movies have also had a huge impact on our society as a whole. They teach us about telling right from wrong, good from evil, and the rules and checks that come along with defining each.

For example, I wasn't always the most polite kid. Growing up in an Italian family teaches you a lot about respect and honor, but also how to speak your mind—loudly. My mother figured out a few ways to correct this behavior (washing out my mouth with soap, grounding me, and other methods of torture). The most effective technique was to point me to one of my favorite movies at the time—the 1942 Disney classic Bambi. As we watched the movie, she had made a point of having me listen closely as Thumper shared this bit of wisdom: "If you can't say somethin' nice, don't say nothin' at all." This little lesson stuck in my head ever after.

As time passed, that phrase started to gain new meaning and twists: "If you say something that people think is bad or mean, then you are the bad guy." I asked a number of people about this statement, and almost all agreed that deep down they feel the same way. This twisted idea has now made it all the way to my professional life in SE. Let's go back to Vicki for a moment. If she asks the SE to show his badge or work order, and puts him through the ringer about them, that conversation could be considered "not nice." Resorting to her Bambi days, Vicki takes Thumper's advice, and doesn't say anything at all.

The attacks I've mentioned so far rely on an underlying Disney morality. Think about the technique of dressing the part. Aladdin is a movie that comes to mind quite often while I'm teaching attack techniques and social engineering classes. My favorite SE moment in the film comes at the beginning, when a merchant tries to sell the audience a lamp. "Do not be fooled by its commonplace appearance," he says. "Like so many things, it is not what is outside, but what is inside that counts." His convincing tone and intriguing tale of the lamp are his SE techniques. Viewers learn that you should base your opinion of someone on your perception of who he or she is as a person, even when you don't trust his or her appearance. This Disney morality plant allows the SE to fail the test of looks but still use speech and mannerisms to get in.

Famous quotes from Disney classics live on as pillars of morality and guidance to children and adults alike. But these same principles, when not handled correctly and in context, teach messages that could cause a greater vulnerability to the basics of SE techniques. When the wise Jiminy Cricket says, "Always let your conscience be your guide," it's hard to take the extra steps of verification. When you "feel" that someone is being genuine and true, you're likely to reflect that attitude right back.

  • + Share This
  • 🔖 Save To Your Account