Why I never tell people how I voted
Canada just had a federal election, and I got asked in passing who I voted for. As always, I gave my standard answer for this question, namely that I don't ever talk about how I voted. This is the answer I give to everyone who asks, even my kith and kin; I'll never admit to voting for anyone, no matter what.
It doesn't matter that my likely votes are probably often easy to guess (especially for my kith and kin), and it's not quite as simple as me feeling that on principle you should not interrogate people directly about this question (although asked bluntly it does make me twitch). Instead it is in large part about keeping and concealing secrets by denying people information.
Imagine that I normally told people who or what I voted for in votes, and that someday I had a vote that I wanted to conceal or not admit to for some reason. I'd have a problem; if I said 'I'm not going to tell you' that time, it'd be immediately obvious that I was hiding something (and that I probably hadn't voted for the predictable choice). I'd have to try to lie (and lie convincingly), perhaps to people who knew me.
By issuing a blanket 'no comment' about my votes (with no coy hints or anything) even when I don't deeply care, I buy myself cover for a day when I really do want to conceal my vote. That day I can give exactly the same answer I have all the times before, in exactly the same way, and there (hopefully) won't be any signs that anything is going on.
None of this is new or novel. It's always been the case that if you think you might someday have something to conceal that you should shut up about all aspects of it now; if you answer questions or give people information today and then stop, it is much more damaging than never giving information. As we all know, a sudden switch to 'no comment' might as well be an admission to the wise.
This is of course applicable to sysadmins, because we are partly keepers of secrets and sometimes, what we deal with is only sometimes secret. Or maybe it's not secret now and we don't realize that someday in the future it might be, so we share it openly now and then oops. We may not have leaked the secret when we clam up, but we've certainly admitted that there's a secret.
I don't think that this means sysadmins should never share or expose information. Instead, we should consider whether the information we're sharing and exposing and casually admitting to people now when they ask might, sometime in the future, become sensitive (and how possible or likely that is). If we can easily imagine scenarios where it becomes sensitive, well, maybe we should clam up up front and get used to saying 'I'm sorry, I can't tell you that, it's potentially sensitive information' even if it's perfectly harmless right now.
(I'm honestly not sure how likely this is to come up, though. I have the feeling that a lot of what we deal with is obviously potentially sensitive, as opposed to currently harmless but later dangerous. On the other hand, I may just be mistaking the latter sort of stuff for things that are entirely harmless.)
Comments on this page:Written on 20 October 2015.