The Danger of Safety Assistance Tools

During a speaker dinner the other week, a lot of topics were swirling around and a few caught my ear. One of these topics dovetailed nicely with a mistake I recently made. More on that later.

The discussion was on the effect on safety that all the new safety-based tech is having on driving. Some features are a net positive, like airbags and seat belts. Of course, they, too, have a slight negative. Before seat belts, most drivers were much more cautious and less likely to drive super fast (there are always counter-examples!)

While it is true that safety technologies like the Tesla Auto Pilot and Self Driving features (not to mention simpler versions like the simple lane-keeping system that is part of the broader Co-Pilot system from Ford that I have on my vehicle) saves us when we get distracted. However, such features may also facilitate such distractions as habits where you often take your eyes off the main job when there is a steering wheel in front of you. Overall, though, looking at the data from the insurance companies (the ones that failures in traffic safety costs the most money before they pass it on to you and me, of course), it seems that this isn't the case.

No, this is not a driving advice blog

Note I said" overall." Overall can mean something is very helpful in 90% of the cases and 10% unhelpful. This is where my mistake comes into the story. It has nothing to do with driving safety, but rather email safety. 90% or more of the phishing attempts that come in are caught by the email filters (and well over 98% of the stuff caught by those filters are evil attempts to get me to click on it and start a chain reaction that brings down my organization or life.)

But the ones that slip through are the worrisome ones, especially when the spammer does an adequate job of being evil. A few days ago, I got such a message. I opened it, I scanned it, I checked the links, and wasn't sure. In my checks, did I click on the link?

Of course not. In fact, I rarely, if ever, use email links to go to a site I work with, much less ones I need clarification on unless I just requested a link. I can't believe you even thought such things. But the lack of it being caught by the safety system made me think it was possibly, perhaps even probably real.

So I forwarded it to someone and asked. And that right there was my mistake—forwarding possibly evil content to another person to see what they do. Now I forwarded it to someone who would also know better, but what should I have done? Either ask the person I needed to without forwarding the (I wasn't sure if we used a particular service) or send my question to the group that handles this sort of thing and let them deal with it. (Again, not forwarding the email itself!)

The moral of the story

The moral of the story? Don’t let safety checks lull you into a false sense of security. Security software, like driving assistance tools, are assistants, not absolutely right all the time. In fact, all non-strict security, like email scanning, is just like the automobile tech that helps nudge you back on course, with a little assistance.

All it takes is to open, click, and download without using all your brains, and then real trouble may occur. This is true whether you are using your company email system, computer, or phone, where you probably also have access to company resources.

What is the saddest part of this blog is that it must really work well, because phishing has been going on almost as long as Phish has.

Louis Davidson (@drsql)

Join the debate, and respond to the editorial on the forums

Business applications are rarely self-contained, often depending on multiple interconnected databases, each playing a vital role in the functioning of the system. How can we create, refresh, and maintain test data for these complex database systems, and still support dedicated databases and test-driven development processes? This article explains how database instance provisioning helps meet this challenge, and how teams can use the database provisioning, or cloning, component of Redgate Test Data Manager, to create and manage test data for larger and more complex database systems.

PASS Data Community Summit 2024 is taking place in Seattle from November 4-8. With over 150 sessions and over 140 different speakers, this year's event promises something for everyone, with a broad variety of topics covered by a range of data industry experts. If you're looking to connect, share and learn with the data community this year, make sure you register for PASS Summit before the next price bump and save $200 on a 3-day ticket. Beat the price bump by registering for your ticket before July 15, 23:59 PM PT.

If AI tools do eventually help automate workers’ tasks and shave time off the stretch from assignment to deliverable, managers have a choice: They can assign more work or...

I’ve talked about it before; you shouldn’t have a backup strategy, you should have a recovery strategy. I can’t possibly care if my backups succeed if I’m not bothering to test that they can be restored. And if they can’t be restored then, both technically and practically, I don’t have backups.

On my last article - What happens when we drop a c...

We'll go through the steps to set up an Extended Events session, run a sample stored procedure, and then query the captured data. First appeared on Capturing Stored Procedure...

What: SQL Saturday Baton RougeWhere: Baton Rouge, LouisianaWhen: Friday, July 26th for the pre-con and Saturday, July 27th for the main eventAdmission to SQL Saturday itself is free. Register on Eventbrite.The...

The Measure-Object cmdlet counts objects. But it c...

Colour is a powerful visual tool that can enhance ...

Have you ever agonized over how much detail you should include in a chart, a slide, or a presentation? This was a constant struggle for me in my own...

Throughout this series, I’ve discussed various ways to work with the documents in a MongoDB collection. If you’ve been following along, you should now have a good sense of...

Erin Stellato reaches out: Hey SQL Tools fans!  We’re halfway through 2024 and due to a confluence of events we have a release of SQL…

In this article, I would like to go deep into the dark corners of Microsoft Fabric, since there are some gray areas, some amazing features, and some traps. In my daily role as a Microsoft Fabric administrator for the past 6 months (not counting the years of PowerBI development and administration experience before that) I find myself sitting right on the ridge where three lands meet: the very popular Microsoft PR fluff about how great and mighty Fabric is, the outcries and the struggles of the business users trying to deliver and consume data insights, and the comments of a guild of tech-savvy data engineers who for the most part refuse to bite into this Fabric apple.

Recently, I wrote a blog about the new branch-out ...

Microsoft Copilot is an app that uses AI to help you find information, create content, and get things done faster (see What Is Copilot? Microsoft’s AI Assistant Explained).  Copilot is... The...

Microsoft Build was full of new features announcements and the fact it was so close to the Fabric May Updates only helped to overwhelm us with new features to...

At Microsoft Build in 2023 the world first heard about a new offering from Microsoft called Microsoft Fabric. Reactions to the announcement ranged from “meh” to “what is this?”...

Parameter Sniffing, Predicate Selectivity, And Index Key Column Order In SQL Server Thanks for watching! Going Further If this is the kind of SQL Server stuff you love learning...

What’s The Point of 1 = (SELECT 1) In SQL Server Queries? Thanks for watching! Going Further If this is the kind of SQL Server stuff you love learning...

Understanding the relationship between data points...

In the data-driven world of today, maintaining the...

Learn about various options to migrate an entire S...

Andrea Gnemmi covers a pair of data types to manag...

Following on from my earlier post on the Query Mem...

Create a slick way to adjust your Power BI visual ...

In my previous post, I covered how large language models, such as ChatGPT, can be used to convert natural queries to SQL. Let’s now see how Text2DAX fairs. But...

Reading Time: 2 minutes For this months T-SQL Tue...

For T-SQL Tuesday this month, Louis Davidson sugge...

I almost missed this month, so this is also a good...

This month’s T-SQL Tuesday is hosted by a dear f...

The T-SQL Tuesday invite for July 2024 comes from ...

July 2024’s T-SQL Tuesday is hosted by Dr. SQL h...

In this article, we look at how to create document...

This last week, we worked on a service request whe...

Steve Stedman gets rid of leading zeroes: When wor...

The minimalist text editor has remained largely un...

“This is Old Code” is a programmer’s idiom meaning “There Be Dragons”.  The term “Legacy Code” is a nice way to say “Don’t make me go there” Those are...

This is easily the most underrated GPT-4o feature.

Hey SQL Tools fans!  We’re halfway through 2024...

I’m reading Announcing SSMS 20.2 … and getting...

Welcome to part 2 of our Docker Logging Guide series. In this article, we will cover Docker logging in detail. We will explore advanced concepts and Docker logging best practices to help you optimize your logging strategy.