Social Engineering Blogs

An Aggregator for Blogs About Social Engineering and Related Fields

Identifying Emotion in Emails

mail-566337_640“OMG I just LOVE pizza.” Is this statement sarcastic? Is it heartfelt? As our everyday communication is increasingly text-driven, inferring emotion from messages is an important skill. If the receiver of the message is a friend, they should be able to understand the sender’s emotion better than a complete stranger. But a recent study by researchers at Chatham University found that friends are no better at interpreting correct emotional intent in e-mails than complete strangers.

Monica A. Riordan and Lauren A. Trichtinger (Chatham University) published their findings in the journal Human Communication Research. The researchers conducted three studies to find out the effect of contextual information on the confidence and accuracy of affective communication via e-mail.

In the first two studies, writers wrote two e-mails, indicating the presence or absence of eight different emotions in each e-mail. One e-mail was based on a predetermined scenario, and the other freely written. These e-mails were then read by strangers, who rated each e-mail for those same eight emotions.

The third study tweaked the procedure to test the effect of relationship. Writers wrote two e-mails (one based on a scenario, the other freely written) and indicated whether eight different emotions were present in each e-mail they wrote. Writers then sent these two e-mails to both friends and strangers, each of whom rated the e-mail for the same eight emotions, then wrote response e-mails.

The researchers found that writers are more confident their friends can correctly interpret their e-mails than strangers- and readers are more confident in interpreting e-mails from friends than strangers, as well. In fact, everyone was highly confident in their e-mail writing and reading abilities. However, this confidence had no relationship with actual accuracy, suggesting people are poor judges of their affect-detection skills. They also found that verbal and nonverbal cues, like emoticons, all caps, or repeated exclamation points did not have a positive effect on accuracy.

Past research has sought to determine how we communicate our emotions in environments from which facial expressions, vocal intonation, body language, and other cues are missing. But many of the studies have flaws in that they are based on artificial stimuli that third parties are asked to rate. It is difficult to determine whether nonverbal or verbal cues are substitutes for emotion without examining the communication as a whole.

“As e-mail, text messaging, and other forms of computer-mediated communication become more dominant forms of interaction, the communication of affect becomes more difficult, primarily because facial expressions, gestures, vocal intonation, and other forms of expressing emotion are lost,” said Riordan. “It is clear from this study that readers can determine that we are angry, but cannot determine HOW angry. The loss of this subtlety could lead to consequences in many forms– especially in our relationships, where the difference between annoyance and rage can be vast, and a simple misinterpretation of an intended emotion can lead to a drastic alteration in that emotion.”

NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors

The NSA does not always disclose the zero day vulnerabilities it finds to unprotected vendors. Some security flaws are kept secret “when they can be used to serve a clear national security or law enforcement need” (Wired).

The US National Security Agency (NSA) was hacked by a suspected Russian hacker group and many of their exploits and hacking tools were archived. Leaked information was made public that showed the NSA collects exploits and does not always disclose them to vulnerable vendors. When vulnerabilities are not disclosed, problems do not get fixed. The NSA appears to operate “on the premise that secrets will never get out. That no one will ever discover the same bug. That no one will ever use the same bug. That there will never be a leak” (Business Insider).

Unfortunately, as we are currently witnessing with this recent leak, other types of hackers are able to find the same bugs and those hackers could have more malicious intent than the NSA. When hackers obtain a trove of U.S. secrets, that could put the government and corporations worldwide in a susceptible position. For example, the leaked data includes information on breaching popular commercial firewalls. Emergency service providers, governments, financial systems and many businesses all rely on these firewall technologies.

Global networking company, Cisco Systems, confirmed last week that the NSA exploited an undetected severe vulnerability that allows remote attackers “who have already gained a foothold in a targeted network to gain full control over a firewall” (Ars Technica). The NSA knew about this vulnerability since 2013 and did nothing to stop it. Now that the data is leaked, Cisco fears that the information “could be used to breach its Adaptive Security Appliance (ASA) software used in its firewalls. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system”. It can be argued that these exploits would have been patched had the NSA disclosed the vulnerabilities instead of collecting them for their own use.

(Watch – Snowden discusses NSA hack, Cisco to cut 5,500 jobs, NASA preps an asteroid rocket):

The post NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors appeared first on Social Hax.

In Texting, Punctuation Conveys Different Emotions. Period.

By Christina Passariello for the WSJ

texting-girlsTechnology is changing language, period

The use of a period in text messages conveys insincerity, annoyance and abruptness, according to a new study from the State University of New York Binghamton. Omitting better communicates the conversational tone of a text message, the study says.

As with any study by university researchers, though, it’s not that simple. The study found that some punctuation expresses sincerity. An exclamation point is viewed as the most sincere. (I overuse exclamation points!)

“It’s not simply that including punctuation implies a lack of sincerity,” said the study’s lead author, Celia Klin, an associate professor of psychology at Binghamton. “There’s something specific about the use of the period.”

The study asked 126 undergrads to evaluate conversations that appeared as text messages and handwritten notes (who uses those anymore?). The exchange started with an invitation, such as, “Dave gave me his extra tickets. Wanna come?” The students were asked to react to one-word responses – “Okay, Sure, Yeah, Yup” – with or without a period.

Grammar is evolving as we use new communication tools. Ms. Klin said she suspects periods in email to be more acceptable than in text messages, for example, because email is less conversational. Text messages are often short one-word replies, she said.

“The rapid exchange of text messaging gives it a speech-like quality,” said Ms. Klin. “It makes sense that texters rely on what they have available to them — emoticons, deliberate misspellings that mimic speech sounds and, according to our data, punctuation.”

Ms. Klin’s study, “Texting insincerely: the role of the period in text messaging,” appeared in the journal Computers in Human Behavior last month.