Security is entirely based on trust
If you feel like you can trust the bank with your money, that’s where you keep it. If you feel like you can trust a mega corporation (like Enron) then you’ll keep all of your trust (stocks) there. If you feel like you can trust your relatives, you may give them the key to your place. The point is, all of our decisions are based on trust.
If a Naked Man comes along and offers you his shirt, beware!
In other words, if someone promises something they can’t deliver, you can’t trust them. We see such promises every day. Many kids have their trust in parents and adults spoiled when promises aren’t kept.
Trust-Based Security
If I can’t trust you, I give you no access to anything important of mine
If I can trust you slightly, I give you access only in areas and only in ways I think I can trust you
If I can trust you greatly, you’ll have greater access
If I trust you completely, then you’ll have the most access
Levels of Trust are Not Carved in Stone
Trust is dynamic, as it should be. The mistake people make is failing to realize the dynamic nature of trust and the constant need to re-verify it from time to time. If someone was once trustworthy but something makes them change, then they may no longer be trusted regardless of other factors which come into play such as friendliness.
The master social engineer is the friendliest bloke in the world…all the while scheming whilst disguised as a bottle of Guinness
Those out to bamboozle others gain trust by their kindness, consideration and apparent dedication. Then once they have the access they need, they violate their trust for their gain and before they’re caught, they’ve escaped with what they were after.
Social Engineers are opportunists…
A social engineer is, in my words, “a master manipulator of trust-based social relationship techniques in order to quickly and effectively gain the maximum amount of trust in the minimum amount of time with the least bit of effort”.
If they can tailcoat or piggyback their way in, they will. They’re like rats…first looking for the easiest route…but don’t underestimate their persistence…if there isn’t an easy way in and the need is bad enough and/or the reward is great enough…they’ll chew through concrete to get what they’re after!
When Trust Becomes Untrustworthy
The person who had trust established but later becomes untrustworthy may have been after something all along or they may have eventually become convinced to go after it for whatever reasons, at some point (when guards are let down, or if something becomes appealing or if a sudden need arises or a discovery is made). Some are out to exploit such vulnerabilities and always look for such opportunities while others discover them or become discovered and used as pawns to get inside.
Precautions to take
Realize the dynamics of trust and re-verify trust from time to time
Don’t be surprised by facades that would otherwise fool you
Don’t let your guard down
Never give up the keys to the kingdom
Be ready for things and take action to stay secure! Remember… Trust but verify and…
Wisdom and Common Sense is only a click away!