GUEST POST: 'Robin Sage' fooled no one but the media
Written by
I am talking about the coverage of that story, where the reporting has largely been horrible, gullible, naive crap.\xa0 Sorry folks, but yes, that includes coverage from people I like.\xa0 If you believe a lot of what you read, you would think that a lot of people were "duped" into following/friending/linking/whatevering Ms. Sage.\xa0 This shows a gross lack of understanding of both social networking and the security community- both on the part of the journalists, and to a lesser extent, the researcher.
The people who "over-shared" really are a problem, and it may be interesting to see what Thomas Ryan (the person behind Robin Sage) presents at DefCon.\xa0 It looks like s/he got a lot of sensitive information from people who should know better- three letter agencies, military, and more.\xa0 Interesting, but "people are stupid and gullible" is not really ground-breaking, nor is mining/abusing social networking to prove this point a new idea either.\xa0 It does sound like the scope and scale may be noteworthy.\xa0 But not new, and being a skeptic, I'm not sure it is newsworthy.
Where things fall apart is the nonsense over stories which pretty much proclaim that MILLIONS OF SECURITY PROS DUPED, and point to the number of friends/links/etc. the virtually perky Ms. Sage gathered.\xa0 I would like to point out four things:
- Different people use social networks in different ways.\xa0 Just because someone accepts your connection request does not mean they are fooled by you.\xa0 They may not even care if you are real or fake.
- Maybe they (sadly common) think that more connections means they are more important.
- Maybe they are public figures of some kind, and accept most requests as a matter of policy.\xa0 If people are careful with what information they share, there is nothing wrong with this. Nothing. It is voluntary, get over it.\xa0 It is how Social Media and Social Networking work for many people.\xa0 If you don't like this approach- don't use it.
- The decision to accept may be based on connections offered (via friend-of-a-friend linking) instead of being based on the person making the request.\xa0 Again, if you are cautious about what you share, there isn't a risk here- even if it is a pretty shallow move.\xa0 Robin certainly had some interesting friends/links to entice people.\xa0 Put another way: Some days, the wingman scores.
And this is just the worst of it this week.\xa0 Half baked ideas, giant (and flawed) leaps of logic, obvious vendor spin, and more were on parade this week.\xa0 Maybe it was the heat and no one could think clearly.\xa0 Maybe it was Vacation from Healthy Skepticism Week and no one told me.\xa0 I don't know, but I'm not happy about it.
Jack
[Note: since posting, the question of linking to specific examples has come up. I debated it while writing this post, but in the end I decided that the issue was so pervasive that calling out specific writers or articles would not have been productive.]
This post originally ran on Jack Daniel's blog.