Home | Projects | Library | Blog

Archive for February 17th, 2009

better scare tactics: polysyllabic names

Tuesday, February 17th, 2009

Next time you need to scare someone into action (a boss, a client, a vendor, your child), make up a term for the risk that may occur, and make sure the name you make up is long and hard to pronounce.

In Studies 1 and 2, ostensible food additives were rated as more harmful when their names were difficult to pronounce than when their names were easy to pronounce;
[...]
In Study 3, amusement-park rides were rated as more likely to make one sick (an undesirable risk) and also as more exciting and adventurous (a desirable risk) when their names were difficult to pronounce than when their names were easy to pronounce.

Hat tip: Bruce Schneier.

Posted in social engineering | Comments Off

MS09-002 reverse engineered

Tuesday, February 17th, 2009

ISC is reporting that they’re seeing exploits of MS09-002 in the wild. MS09-002 is an exploit which allows for remote code execution on IE7. The vulnerability was first reported to MS in October of 2007 by the Zero Day Initiative. Microsoft issued the patch a week ago. Given this, ISC is also claiming that it is likely that the patch was reverse engineered to find the vulnerability, and I would have to agree. I’m sure the anti-disclosure crowd will be using this one as proof positive for their position in the future.

Tags: , , ,
Posted in news | Comments Off

  
Pi is exactly 3!