Social Engineering And Menus | Hackaday

Spread the love

If you follow cybersecurity hacker methods — or just watch Mr. Robot — you probably know that the best way to get someone’s password is to ask for it. Sure, you probably can’t just say “Hi, I’m a bad guy. Can I have your password?” But there are all sorts of tricks you can use like pretending to be in the person’s IT department, someone in management, or by making up a crisis to overcome their better judgement with a sense . But of course, as wise computer people, we are immune to such things, right? We also don’t need those kinds of tricks in our arsenal.

Is that true? It is amazing how many subtle things influence what we think are rational decisions, no matter who we are. Consider going to eat in a restaurant. Simple, right? You look at the menu, pick what you want, and order. No one is influencing you. But they are. According to a BBC article, there’s a whole industry of menu “engineering” that figures out how to get you to order pricey food.

You might not think social engineering for menus is a great skill for us. But maybe your new open source project needs collaborators. Maybe your startup company needs investors. Maybe you’d like someone to look at your resume. Maybe the same tricks that work with diners will work in those cases, too.

Not Just Menus

It isn’t just menus. Grocery stores have a whole science about where to put things like milk to make sure you get a chance to buy other things. They also know what locations sell things. Casinos are wise, too. Slots that are highly visible often pay out more than ones tucked in a corner. Unless they are visible from the high-profit table games where they might annoy high rollers.

The TV show Brain Games did an experiment about “the decoy effect.” They offered moviegoers a choice of a small popcorn for $3 or a large popcorn for $7. They sold virtually no large popcorns and — when asked — customers complained about the cost of a large. Later, they offered similar customers three choices. The small and large were still the same, but they included a $6.50 medium size. Everyone wanted the medium size but then would realize that they could get the large size for only 50¢ more and did that. The way the menu options were presented moved the results from small to large and consumers were none the wiser.

Back to Your Regularly Scheduled Menu

As the popcorn experiment shows, our sensibility around pricing on menus is inexplicable. Dishes that use longer words on a menu tend to cost more and diners don’t mind.  Restaurants will also place the most expensive items up top so when you get to the lower-priced items, they seem more reasonable.

So what entices diners? Simple things like typefaces and color apparently can make big changes. Italics convey quality and — paradoxically — ornate script may be hard to read but may make things seem to taste better. Apparently, wine labelled with a hard-to-read script font got higher marks than the same wine in a more legible bottle.

Studies show that people associate round typefaces with sweet foods and angular ones with salty food. Doesn’t make sense, but it is apparently true.


Obviously, fries don’t sell as well as “thick crispy fries.” Penn and Teller’s show, Bullshit! did an episode on this where diners were served horrible food in an upscale restaurant and loved it because the waiter sold everything. Store-brand whipped topping was a hand-whipped mousse, for example. Most people ate the cheap corner market fare as though it were a five-star meal.

Menu experts claim that descriptive language can increase sales by 27%. Stanford found that “sweet sizzling green beans” were ordered 23% more often than “green beans.” That stands to reason, but it is strange that even though you know it is hyperbole, it still affects you.

Consider this text from the description of a McDonald’s Quarter Pounder:

…hot, deliciously juicy and cooked when you order. It’s seasoned with just a pinch of salt and pepper, sizzled on a flat iron grill, then topped with slivered onions, tangy pickles and two slices of melty American cheese on a sesame seed bun.

A flat iron grill? Do other places have non-tangy pickles or cheese that doesn’t melt on a hot burger? Is the McDonald’s chef back there pinching a little seasoning into your burger? But it still works. You are probably ordering one on your phone right now.

Pictures and videos are a mixed bag. Sometimes diners associate food pictures with low quality. Also, there’s the fear that the food you see in the picture — which is often not really food as you’ll see in the video below, since food is hard to photograph well — will look better than the food that arrives at your table. If you’ve eaten at a fast-food joint, you know that isn’t at all unlikely.


So What?

You may think this kind of social engineering is only for the shopkeeper or the restaurateur. But how many times do you pick a tool like, say, Chrome over a comparable tool like Firefox? If you want people to use your work, maybe some social engineering is in order.

We’ve all seen great projects and companies falter while lesser ones flourish. Without naming names, operating systems, Linux distributions, editors, programming languages, and video formats have all seen this effect. So when you write your next great IoT library, maybe it shouldn’t be “functions that let you control devices using network requests.” Maybe it should be “a robust and secure library that makes it easy to take control of devices from anywhere in the world simplifying and enhancing your high tech lifestyle.” Sure, it sounds ridiculous, but it’s proven to work.

Source link

One thought on “Social Engineering And Menus | Hackaday

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: