I was lucky enough to be invited to the first Interdisciplinary Workshop on Security and Human Behavior at MIT this week. Organized by Alessandro Acquisti, Ross Anderson, George Lowenstein, and Bruce Schneier, the workshop brought together an aggressively diverse group of 42 researchers from perspectives across computing, psychology, economics, sociology, philosophy and even photography and skepticism. As someone long interested in security on the human scale [pdf], it was exciting to meet so many like minded people from outside my own field. And judging from the comments on Ross' and Bruce's blogs, there's a lot more interest in this subject than from just the attendees.
There wasn't a single climactic insight or big result from the workshop; the participants mainly gave overviews of their fields or talked about their previously published work. The point was to get people with similar interests but widely different backgrounds talking (and hopefully collaborating) with one another, and it succeeded amazingly well at that. I overheard someone (accurately) comment that many of the kinds of conversations that usually take place in the hallway or the bar at most conferences were taking place in the sessions here.
This was a small and informal event, with no published proceedings or other tangible record, but I made quick-and-dirty sound recordings of most of the sessions, which I'll put up here as I process them.
I apologize for the uneven sound quality (the Frank Gehry sculpture in which the workshop was held was clearly not designed with acoustics in mind, and the speakers weren't always standing near my recorder's microphone on the podium). Audience comments in particular may be inaudible. Keep in mind that these are all big 90 minute MP3 files, about 40MB each, so they are definitely not for the bandwidth-deprived. For concise summaries of the sessions, see Ross Anderson's excellent live-blogged notes here.
Update 7/1/08 8pm: I'm heading back home from the conference now, with all the sound from yesterday already online below. I should have today's files (except the last session) up by late tonight or early tomorrow.
Update 7/1/08 11pm: I've uploaded the rest of the conference audio (except for the final session), all of which is linked from the agenda below. Unfortunately, I had to leave just before the last session (Session 8), so there's no audio for that one; sorry.
Detecting deception; social and psychological aspects; deception in
sociotechnical systems; propaganda
Bruce Schneier (introduction), Paul Ekman (audio omitted), Jean Camp, Uri Simonsohn, Mike Roe, James Randi
Engineering, economics and psychology of online crime; crime prevention
Matt Blaze, Ron Clarke, Eric Johnson, Charles Perrow, Alma Whitten (audio omitted)
Why security products are hard to use; how psychology can inform design;
empowerment or learned helplessness
Jon Callas, Luke Church, Markus Jakobsson, Bashar Nuseibeh, Angela Sasse
What we need to learn about research technique from engineering, economics
Bill Burns, Ralph Chatham, Lorrie Faith Cranor, Mark Frank, Stuart Schechter
Social cognition; the Machiavellian brain; mortality salience; biases and
Dave Clark, David Livingstone Smith, Tyler Moore, Carey Morewedge, George Loewenstein (audio omitted)
Risk and the perception of risk; its role in politics and culture; the culture of fear;
how societies may be resilient or be damaged
Bruce Schneier, Frank Furedi, Richard John, John Mueller, Paul Shambroom
The privacy paradox; explanations from behavioural economics; coevolution of attitudes,
technology and regulation
Alessandro Acquisti, Andrew Adams, Peter Neumann, Andrew Odlyzko, Frank Stajano
Or, at the very least, what are the interesting research questions on
which we can hope to make progress?
Ross Anderson, Ed Felten, Nick Humphrey, Hal Varian, Richard Zeckhauser