A Polish teenager derailed a tram after building his own remote control to hack the control system. Best quote:

“Transport command and control systems are commonly designed by engineers with little exposure or knowledge about security using commodity electronics and a little native wit.”

This article on the affect heuristic was posted to the Security Metrics mailing list (highly recommended). I think it is important for people who are reporting on the potential risks of a system to understand this psychological phenomenon. It shouldn’t be dismissed as simply people are irrational and don’t understand statistics.

People believe that benefit and risk are intertwined. They think a highly beneficial thing is also a less risky thing even though you can have low risk and high risk things, both with great benefits. People also don’t know how to calculate risk in …