Mad about the Ban

A lot has been said about the infosec trolls over the past couple of years, and somehow it seems that there is a lack of any serious means of tackling this issue. It’s not that this matter is exclusively related to the information security industry, but let's just be honest here – have you ever seen more aggressive and offensive creatures on the Web?! I seriously doubt it! For instance, you will never see doctors speak about other doctors with such intense anger and hostility. Even if they disagree over something, the debate will always remain strictly professional and locked within that single community. However, the fights in the information security sector go beyond the bounds of expertise and get pretty personal and ugly. Trolls often spend a huge amount of time attacking someone’s personality, using offensive words or even uniting with others like them, trying to defame the targeted research or researchers. Their allegations are usually irrelevant to the topic and are just a good way of gaining cheap popularity.

The problem with the trolls is not that they are literally hateful all the time, but their significant lack of professionalism and personal integrity. Their sole goal is to be in constant opposition to the rest of the community and to demonstrate instant disapproval at every given opportunity. Don’t get me wrong, there is nothing wrong with being skeptical in your analysis, but only if you can back up your words with enough reasons, logical thoughts and professional background. Constructive criticism has always been welcome in any professional field and benefits the common good. However, when it all comes from a person of questionable identity and experience, the harm that could be done affects not just the targeted researchers, but the reputation of the security industry in general.

There are several reputational threats I would like to mention as a result of the trolls' activities:

  • Potential clients will lose interest in the information security sector. As you know, information on the Internet is cached in minutes, and sometimes valuable security research can be missed or underestimated because of the negative media echo and the poor understanding of most of the stakeholder groups.
  • Mailing lists, like Full Disclosure, have become a perfect place for troll attacks, as they can easily provide unmoderated access to many amateurs and script kiddies. All of this leads to the loss of FD’s credibility and has made it an ineffective source for many pros.
  • Serious security researchers can easily be estranged from each other. They can be maliciously provoked into engaging in disrespectful and inessential conversations.

I’ve been constantly advising people on how to deal with unfair criticism on the Web. When it comes to reacting, the problem is kinda tricky, because if you ignore the negative comments about yourself and your job, this would be a bad move for your further reputation growth. However, if you lose your temper and become personally involved in online communication with them, this could push the dialog down an even more disruptive route. My personal recommendation is to choose your response according to the specific circumstances and to avoid any public collision with your enemies.