A few nights ago, Elon Musk cleaned house at Twitter by banishing several journalists for vague, hand-wavy reasons relating to the current location of his jet. It sounds absurd, but along with those bans came a new restriction: Twitter will no longer let users post links to an increasing number of Mastodon servers and flags them as "potentially harmful."
It's Elon's party, and he can artificially suppress criticism and competition if he wants to, but using the systems and language intended to protect people from scams and malware is a betrayal of trust and will make it harder to warn people about real threats.
Training the Populace
An oft-cited (and quite cynical) quip in the security world is that the biggest vulnerability in any computer system is between the keyboard and the chair. When functioning correctly, a computer will behave predictably, but even at our best, people are susceptible to fear, panic, and our wonderfully irrational range of emotions. That's why security experts have spent years training people to be more aware of digital threats.
This happens at work, in tedious but useful annual training. It happens in youth outreach programs, instilling security literacy in new generations that are more online than ever. And it happens by reading stories written by journalists like me. I have spent much of my career explaining concepts and encouraging readers to use important tools to protect themselves, like password managers and multi-factor authentication.
To be honest, I've felt like that collective work is paying off. Speaking anecdotally, it seems people today understand far better how online scams work, and even if they don't use a password manager, they understand why they should.
A key part of training a populace to be more security-conscious is encouraging people to read warning messages and take them seriously. If your antivirus software says there's a problem or your browser says a site might be harmful, you should listen to them.
Elon Cries Wolf
Leading up to this week, I had heard rumors that Twitter was blocking Mastodon links, but it was doing so inconsistently. I assumed that it was an issue with @-screennames being in the URL. Surely, a major company wouldn't pretend a link was malicious. That would be ethically dubious and certainly confusing for people.
And this is the problem with what Elon and Twitter are doing. By saying that numerous, completely benign Mastodon servers are harmful, they make it more difficult to tell when there's an actual threat. It's a betrayal of the very simple idea that you should only tell people something is dangerous when it's actually dangerous.
I propose a very simple solution: Be honest. Make it clear that there's only one person to whom these Mastodon servers are harmful, and that's Elon Musk.