Our brains are terrible at assessing modern risks. Here’s how to think straight about dangers in your midst.

By: Maia Szalavitz

Is your gym locker room crawling with drug-resistant bacteria? Is the guy with the bulging backpack a suicide bomber? And what about that innocent-looking arugula: Will pesticide residue cause cancer, or do the leaves themselves harbor E. coli? But wait! Not eating enough vegetables is also potentially deadly.

These days, it seems like everything is risky, and worry itself is bad for your health. The more we learn, the less we seem to know—and if anything makes us anxious, it’s uncertainty. At the same time, we’re living longer, healthier lives. So why does it feel like even the lettuce is out to get us?

The human brain is exquisitely adapted to respond to risk—uncertainty about the outcome of actions. Faced with a precipice or a predator, the brain is biased to make certain decisions. Our biases reflect the choices that kept our ancestors alive. But we have yet to evolve similarly effective responses to statistics, media coverage, and fear-mongering politicians. For most of human existence, 24-hour news channels didn’t exist, so we don’t have cognitive shortcuts to deal with novel uncertainties.

Still, uncertainty unbalances us, pitching us into anxiety and producing an array of cognitive distortions. Even minor dilemmas like deciding whether to get a cell phone (brain cancer vs. dying on the road because you can’t call for help?) can be intolerable for some people. And though emotions are themselves critical to making rational decisions, they were designed for a world in which dangers took the form of predators, not pollutants. Our emotions push us to make snap judgments that once were sensible—but may not be anymore.
I. We Fear Snakes, Not Cars
Risk and emotion are inseparable.

Fear feels like anything but a cool and detached computation of the odds. But that’s precisely what it is, a lightning-fast risk assessment performed by your reptilian brain, which is ever on the lookout for danger. The amygdala flags perceptions, sends out an alarm message, and—before you have a chance to think—your system gets flooded with adrenaline. “This is the way our ancestors evaluated risk before we had statistics,” says Paul Slovic, president of Decision Research. Emotions are decision-making shortcuts.

As a result of these evolved emotional algorithms, ancient threats like spiders and snakes cause fear out of proportion to the real danger they pose, while experiences that should frighten us—like fast driving—don’t. Dangers like speedy motorized vehicles are newcomers on the landscape of life. The instinctive response to being approached rapidly is to freeze. In the ancestral environment, this reduced a predator’s ability to see you—but that doesn’t help when what’s speeding toward you is a car.
II. We Fear Spectacular, Unlikely Events
Fear skews risk analysis in predictable ways.

Fear hits primitive brain areas to produce reflexive reactions before the situation is even consciously perceived. Because fear strengthens memory, catastrophes such as earthquakes, plane crashes, and terrorist incidents completely capture our attention. As a result, we overestimate the odds of dreadful but infrequent events and underestimate how risky ordinary events are. The drama and excitement of improbable events make them appear to be more common. The effect is amplified by the fact that media tend to cover what’s dramatic and exciting, Slovic notes. The more we see something, the more common we think it is, even if we are watching the same footage over and over.

After 9/11, 1.4 million people changed their holiday travel plans to avoid flying. The vast majority chose to drive instead. But driving is far more dangerous than flying, and the decision to switch caused roughly 1,000 additional auto fatalities, according to two separate analyses comparing traffic patterns in late 2001 to those the year before. In other words, 1,000 people who chose to drive wouldn’t have died had they flown instead.
III. We Fear Cancer But Not Heart Disease
We underestimate threats that creep up on us.

Humans are ill-prepared to deal with risks that don’t produce immediate negative consequences, like eating a cupcake or smoking cigarettes. As a result, we are less frightened of heart disease than we should be. Heart disease is the end result of actions that one at a time (one cigarette or one french fry) aren’t especially dangerous. But repeated over the years, those actions have deadly consequences. “Things that build up slowly are very hard for us to see,” says Kimberly Thompson, a professor of risk analysis at the Harvard School of Public Health. Obesity and global warming are in that category. “We focus on the short-term even if we know the long-term risk.”

Our difficulty in understanding how small risks add up accounts for many unplanned pregnancies. At most points during the menstrual cycle, the odds of pregnancy are low, but after a year of unprotected sex, 85 percent of couples experience it.
IV. No Pesticide in My Backyard—Unless I Put it There
We prefer that which (we think) we can control.

If we feel we can control an outcome, or if we choose to take a risk voluntarily, it seems less dangerous, says David Ropeik, a risk consultant. “Many people report that when they move from the driver’s seat to the passenger’s seat, the car in front of them looks closer and their foot goes to the imaginary brake. You’re likely to be less scared with the steering wheel in your hand, because you can do something about your circumstances, and that’s reassuring.” Could explain why your mother always criticizes your driving.

The false calm a sense of control confers, and the tendency to worry about dangers we can’t control, explains why when we see other drivers talking on cell phones we get nervous but we feel perfectly fine chatting away ourselves. Similarly, because homeowners themselves benefit if they kill off bugs that are destroying their lawns, people fear insecticide less if they are using it in their own backyard than if a neighbor uses the same chemical in the same concentration, equally close to them. The benefits to us reduce the level of fear. “Equity is very important,” says Slovic, and research shows that if people who bear the risk also get the benefit, they tend to be less concerned about it.
V. We Speed Up When We Put Our Seat belts On
We substitute one risk for another.

Insurers in the United Kingdom used to offer discounts to drivers who purchased cars with safer brakes. “They don’t anymore,” says John Adams, a risk analyst and emeritus professor of geography at University College. “There weren’t fewer accidents, just different accidents.”

Why? For the same reason that the vehicles most likely to go out of control in snowy conditions are those with four-wheel drive. Buoyed by a false sense of safety that comes with the increased control, drivers of four-wheel-drive vehicles take more risks. “These vehicles are bigger and heavier, which should keep them on the road,” says Ropeik. “But police report that these drivers go faster, even when roads are slippery.”

Both are cases of risk compensation: People have a preferred level of risk, and they modulate their behavior to keep risk at that constant level. Features designed to increase safety—four-wheel drive, Seat belts, or air bags—wind up making people drive faster. The safety features may reduce risks associated with weather, but they don’t cut overall risk. “If I drink a diet soda with dinner,” quips Slovic, “I have ice cream for dessert.”

VI. Teens May Think Too Much About Risk—And Not Feel Enough
Why using your cortex isn’t always smart.

Parents worry endlessly that their teens will drive, get pregnant, or overdose on drugs; they think youth feel immortal and don’t consider negative consequences. Curiously, however, teens are actually less likely than adults to fall into the trap of thinking, “It won’t happen to me.” In fact, teens massively overestimate the odds of things like contracting HIV or syphilis if they have sex. One study found that teens thought a sexually active girl had a 60 percent chance of getting AIDS. So why do they do it anyway?

Teens may not be irrational about risk but too rational, argues Valerie Reyna, a psychologist at Cornell University. Adults asked to consider absurd propositions like “Is it a good idea to drink Drano?” immediately and intuitively say no. Adolescents, however, take more than twice as long to think about it. Brain-scan research shows that when teens contemplate things like playing Russian roulette or drinking and driving, they primarily use rational regions of the brain—certain regions of cortex—while adults use emotional regions like the insula.

When risky decisions are weighed in a rational calculus, benefits like fitting in and feeling good now can outweigh real risks. As a result, teaching reasoned decision-making to teens backfires, argues Reyna. Instead, she says, we should teach kids to rule out risks based on emotional responses—for example, by considering the worst-case scenario, as adults do. But research suggests there may be no way to speed up the development of mature decision-making. Repetition and practice are critical to emotional judgment—which means that it takes time to learn this skill.
VII. Why Young Men Will Never Get Good Rates on Car Insurance
The “risk thermostat” varies widely.

People tend to maintain a steady level of risk, sensing what range of odds is comfortable for them and staying within it. “We all have some propensity to take risk,” says Adams. “That’s the setting on the ‘risk thermostat.’” Some people have a very high tolerance for risk, while others are more cautious.

Forget the idea of a risk-taking personality. If there’s a daredevil gene that globally affects risk-taking, researchers haven’t found it. Genes do influence impulsivity, which certainly affects the risks people take. And testosterone inclines males to take more risks than females. But age and situation matter as much as gender. Men 15 to 25 are very risk-prone compared to same-age women and older people.

More importantly, one person’s risk thermostat may have different settings for different types of risk. “Somebody who has their whole portfolio in junk bonds is not necessarily also a mountain climber,” explains Baruch Fischhoff, a professor of psychology at Carnegie Mellon University.
VIII. We Worry About Teen Marijuana Use, But Not About Teen Sports
Risk arguments cannot be divorced from values.

If the risks of smoking marijuana are coldly compared to those of playing high-school football, parents should be less concerned about pot smoking. Death by marijuana overdose has never been reported, while 13 teen players died of football-related injuries in 2006 alone. And marijuana impairs driving far less than the number one drug used by teens: alcohol. Alcohol and tobacco are also more likely to beget addiction, give rise to cancer, and lead to harder drug use.

If the comparison feels absurd, it’s because judgments of risk are inseparable from value judgments. We value physical fitness and the lessons teens learn from sports, but disapprove of unearned pleasure from recreational drugs. So we’re willing to accept the higher level of risk of socially preferred activities—and we mentally magnify risks associated with activities society rejects, which leads us to do things like arresting marijuana smokers.

“Risk decisions are not about risks alone,” says Slovic. “People usually take risks to get a benefit.” The value placed on that benefit is inherently subjective, so decisions about them cannot be made purely “on the science.”
IX. We Love Sunlight But Fear Nuclear Power
Why “natural” risks are easier to accept.

The word radiation stirs thoughts of nuclear power, X-rays, and danger, so we shudder at the thought of erecting nuclear power plants in our neighborhoods. But every day we’re bathed in radiation that has killed many more people than nuclear reactors: sunlight. It’s hard for us to grasp the danger because sunlight feels so familiar and natural.

Our built-in bias for the natural led a California town to choose a toxic poison made from chrysanthemums over a milder artificial chemical to fight mosquitoes: People felt more comfortable with a plant-based product. We see what’s “natural” as safe—and regard the new and “unnatural” as frightening.

Any sort of novelty—including new and unpronounceable chemicals—evokes a low-level stress response, says Bruce Perry, a child psychiatrist at ChildTrauma Academy. When a case report suggested that lavender and tea-tree oil products caused abnormal breast development in boys, the media shrugged and activists were silent. If these had been artificial chemicals, there likely would have been calls for a ban, but because they are natural plant products, no outrage resulted. “Nature has a good reputation,” says Slovic. “We think of natural as benign and safe. But malaria’s natural and so are deadly mushrooms.”
X. We Should Fear Fear Itself
Why worrying about risk is itself risky.

Though the odds of dying in a terror attack like 9/11 or contracting Ebola are infinitesimal, the effects of chronic stress caused by constant fear are significant. Studies have found that the more people were exposed to media portrayals of the 2001 attacks, the more anxious and depressed they were. Chronically elevated stress harms our physiology, says Ropeik. “It interferes with the formation of bone, lowers immune response, increases the likelihood of clinical depression and diabetes, impairs our memory and our fertility, and contributes to long-term cardiovascular damage and high blood pressure.”

The physiological consequences of overestimating the dangers in the world—and revving our anxiety into overdrive—are another reason risk perception matters. It’s impossible to live a risk-free life: Everything we do increases some risks while lowering others. But if we understand our innate biases in the way we manage risks, we can adjust for them and genuinely stay safer—without freaking out over every leaf of lettuce.

Maia Szalavitz is the co-author of The Boy Who Was Raised as a Dog: And Other Stories From a Child Psychiatrist’s Notebook.

The search engine can be accessed for free from:
www.data64.cc

The search engine searches through a database of websites that is compiled and updated by subject experts. This ensures that users get the most relevant information in the fields of:

1. cyber crime
2. cyber crime investigation
3. cyber forensics
4. computer security

The suspects created and distributed Harada (a Trojan horse infecting users of the Winny P2P file-sharing network). The Trojan displayed images of popular animation characters while wiping MP3 and movie files.

Under Japanese Law, it is not illegal to write computer viruses and hence the suspects are being charged for copyright violation on the grounds that cartoon graphics were used without permission in the Trojan.

This is believed to be the first arrest in Japan of a virus writer.

Harada is believed to be related to the Pirlames Trojan horse (http://www.sophos.com/pressoffice/news/articles/2007/02/pirlames.html)

PS: Virus writers and distributors are punishable in India with fines and imprisonment terms under the Information Technology Act.

Hosted by Asian School of Cyber Laws, CyberAttack 2008 is aimed at knowledge sharing amongst cyber crime investigators and computer emergency response professionals.

The conference will focus on:

1. latest trends in cyber crimes
2. best practices for cyber crime investigation
3. best practices for cyber forensics.

Original papers are invited from professionals. Authors of short listed Papers will have the option to present the paper in person or in absentia. All short listed Papers will be published in the conference proceedings.

Further information can be obtained from:

www.cyberattack.in

Asian School of Cyber Laws is the pioneer in education and research in cyber law and cyber crime investigation in India. We have assisted the Government of India in framing rules and regulations under the Information Technology Act. We work closely with Governments and law enforcement agencies around the world in the fields of cyber crime investigation and cyber forensics.

Books are available in the following categories:
1. Forensics
2. Linux Security
3. Unix Security
4. Windows Security
5. Wireless Security
6. Firewalls

Additionally you can also subscribe to relevant magazines and buy security related software and electronics.

Husband spying on wife among secrets revealed by ‘unshredder’ chewing through East German secret-police files

January 20, 2008

Brett Popplewell
 
Nineteen years ago, as the Berlin Wall crumbled and democracy swept through communist East Germany, STASI agents – members of the secret police – worked feverishly to destroy millions of top-secret documents in an effort to keep them from Western eyes.

Attempting to shred some 45 million items as quickly as possible, the agents fed page after page into shredding machines. The equipment quickly jammed, leaving the agents to tear up the materials by hand and throw them into garbage bags meant to be incinerated.

But with East Germany quickly falling into the hands of the west, the agents were stopped before they could burn the shreds. Some 600 million pieces in 16,000 bags became the property of the current German government. They have remained, for the most part, in that state.

Then, in May 2007, the German government revealed the world’s most sophisticated pattern-recognition machine, the $8.5 million dollar (U.S.) E-Puzzler, which can digitally put back together even the most finely shredded papers.

Developed in Berlin by the Fraunhofer Institute of Production Facilities and Construction Technology, the E-puzzler is a computerized conveyor belt that runs shards of shredded and torn paper through a digital scanner.

Scanning up to 10,000 shreds at once, the machine links them together by their colour, typeface, outline, shape and texture – not unlike how the average human might try to piece together a puzzle. The machine then displays a digital image of the original document on a computer screen.

“The task to automatically reconstruct 16,250 bags full of torn documents using a technical system . . . presents an enormous technological challenge,” says Bertram Nickolay, the lead inventor of the machine.

During the Cold War, East Germany’s Ministry for State Security – STASI – was regarded as one of the most formidable secret police forces of its day. Using a vast network of civilian informants, the STASI kept files on up to 6 million of East Germany’s 16 million citizens through an estimated 400,000 informants from all walks of life.

For decades, neighbours spied on neighbours, priests spied on their flocks, husbands spied on their wives and even children spied on their parents. They reported their discoveries to the 90,000 STASI agents keeping tabs on the population.

Prior to the creation of the E-puzzler, a team of 15 Germans had laboriously been putting the pieces together by hand. But they managed to rebuild only 10,000 documents from 300 bags during 12 years. The German government estimated it would take a further 600 to 800 years to finish the job.

But having uncovered heartbreaking stories of espionage – like that of Vera Lengsfeld, a 54-year old German politician who was shocked to learn she had been spied on by her husband for 11 years – the German public demanded the files be put together more quickly. An estimated 3.4 million Germans have officially requested to see the information the STASI gathered on them.

With the E-puzzler, Nickolay says the government will be able to un-shred the remaining documents by 2013.

Nickolay acknowledges his machine’s importance in helping millions of Germans to piece together their former lives. But says his machine is even more significant to the rest of the world.

In addition to piecing together shreds of paper, the machine has been used by Chinese archaeologists to reconstruct smashed Terracotta warriors found in the tomb of Emperor Qin. And the equipment has deciphered barely-legible lists of Nazi concentration camp victims.

There is only one E-puzzler in operation, but Nickolay’s team has received interest from other former Eastern Bloc countries looking for a way to get at their own state secrets of the past.

“It’s no longer safe to shred a document,” Nickolay says. “The only safe way to destroy something is by burning it.”

I recently came across some nice and easy to implement Ajax codes.

Swazz Javascript Calender
http://calendar.swazz.org/

Nice looking popup window to display a webpage / website
http://orangoo.com/labs/GreyBox/

Star rating bar allowing users to rate a webpage etc
http://www.masugadesign.com/the-lab/scripts/unobtrusive-ajax-star-rating-bar/

FrogJS Javascript Image Gallery
http://www.puidokas.com/portfolio/frogjs/

Enables draging of content on a webpage using an AJAX script
http://www.dhtmlgoodies.com/index.html?showDownload=true&whichScript=dragable-content

AJAX code for sorting tables automatically or manually by moving rows
http://friedcellcollective.net/js/SortedTable/index.html

Table row striping, column sorting, column resizing and cell editing
http://www.millstream.com.au/upload/code/tablekit/

Simple Ajax Chat Room
http://www.linuxuser.at/index.php?title=Most_Simple_Ajax_Chat_Ever

Ajax navigation system
http://javascript.internet.com/ajax/ajax-navigation.html

Username availability checker
http://javascriptsource.com/ajax/check-username-signup.html

As a humble beginning, here is the first page that summarizes the “moral of the story” of the game called life:

The English version

You are a prisoner of your yesterday, you cannot escape it
You are a slave to your tomorrow, you will always fear it
But today, my friend, is yours, enjoy it

- Rohas Nagpal aka Poorman

The *nix version:
(No flames for errors, this code is not supposed to run..its just for fun

finger you
yesterday
tomorrow
today

nslookup yesterday
prisoner .bash_history
logout
ERROR: Cannot escape

nslookup tomorrow
slave
ls tomorrow
fear
fear1
fear2

nslookup today
en.jo.y

- Rohas Nagpal aka Poorman

Windows (in its myriad variations) is a great set of operating systems (except maybe Windows Millennium Edition). Its ease of use and massive popularity also makes it the most (successfully) attacked.

Linux (with its wide range of flavors) is a great open source choice - saves you money and gives you a great and secure product. But after years of working with different operating systems, I have come to one conclusion – BSD rocks!!

BSD (Berkeley Software Distribution) is the name of distributions of source code from the University of California, Berkeley, which were originally extensions to AT&T’s Research UNIX operating system.

BSD comes in many flavors, notably -

FreeBSD – currently the most popular version, it is easy to use and very high on performance. (btw Yahoo runs on FreeBSD)

NetBSD is considered a particularly good choice for running on old non-Intel hardware. Its main aim is maximum portability. It runs on almost everything – from palmtops to large servers.

OpenBSD is the popular choice for aims for banks, stock exchanges and Government departments. Its core guiding principle is code purity – derived from a brilliant combination of open source and rigorous code reviews.

As of 27th September 2007 – yes!

A malicious hacker can misuse Cross-site request forgery (CSRF) to redirect a copy of all your incoming emails to his account! CSRF is also referred to as “one click attack” or “session riding”.

[Before you read any further please understand gmail filters by logging into your gmail account and going to Settings – Filters.]

CSRF is a malicious attack that transmits unauthorized commands to a website from a trusted user. Lets take a simple example to understand this:

1. Pooja is checking her email on a very safe computer (totally patched, fire-walled, with the latest updated antivirus etc etc) using a very safe browser.
2. Because she is logged in to gmail, the gmail authentication cookie is present on her machine.
3. She receives an email from Priyanka containing a really funny joke. The email contains a link to a site which promises her lots more funny stuff. She clicks on the link and is very happy with the site that opens up.
4. What she does not realize is that this joke site has forged a POST request to the gmail “Create Filter” wizard. This creates a filter that forwards a copy of all emails coming into Pooja’s account to Priyanka!
5. Gmail accepts the request to create the filter because the genuine gmail account holder (Pooja) is authenticated and logged in at the moment and her session cookie is passed along with the forged request.
6. This new gmail filter will keep stealing Pooja’s emails till she manually checks her filters and realizes that there is an unauthorized one.

I carried out a small experiment wherein I requested for a filter to forward all emails to a particular account. On analyzing the data trasnfer between my browser and gmail (using Tamper Data extension for Firefox) I found that the relevant GET parameter is cf2_email.

See the following for more information on this -

Many thanks to Giorgio Maone for his post on this issue. As Georgio says - this exploit is “Very clever and very dangerous.”