Jeremy Pepper wrote a great post about “Truth and Blog Truth“, dealing with the rush to judgment that leads to publishing before proper examination. There is a great human desire to be first with information. Those who position themselves as brokers of information are more valued – and that’s human nature. It explains why the prophet, the Grand Vizier (or the Rasputin) has such a secure job… as long as their information is good.
So I ran a little test.
It involved a non-existent Firefox plugin, that ironically is designed to provide a level of security for people who don’t want to see Rick Astley pop up on their screen. Rick-rolling is silly, but I just as easily could have used antivirus scares or an anti-phishing tool. It wouldn’t have mattered much.
I disguised the Google Video link with a PHP link tracker. For the non-tech inclined, it is a link that re-directs to another destination, and triggers a counter.
Within minutes of posting my bogus plugin, social networking users had posted my link to both Digg and Reddit. I can’t speak for the motive… maybe they got snared and wanted to share the misery. Or maybe they wanted to earn the credibility of being “first” with this new exciting information.
It has made me pause, and think about the very plugins I have used on this site, and have installed for other people. I can’t code in PHP, but I’m fairly certain I can slog my way through the code and make sure I’m not passing malicious information on to a greedy plugin designer. Fortunately, the WordPress community is large enough and talented enough to sniff those sorts of things out in a hurry, but really… how many people using the software bother with the geek news?
Remember… 90% of phishing and internet scammery is not technical. It is human engineering. And in an internet culture where we have a rush to be first, we’re all ripe for the taking.