Social Engineering - Christopher Hadnagy [41]

the situation even sweeter, one of the people in the small group was from the company I was going to be meeting with. I quickly injected myself into the conversation and knew that if I didn’t say something quickly I would lose face. My knowledge was limited but they didn’t need to know that. When a small pause arose I began to talk about the Guanxi theory. Guanxi is basically how two people who may not have the same social status can become connected, and then one is pressed upon to perform a favor for the other. I talked about how this connection can be used, and then concluded by tying it in with how important it is as an American to not simply take a business card and stick it in my back pocket but to review it, comment on it, then place it somewhere respectful.

This conversation was enough to set me up as someone who had some knowledge and deserved to stay in the circle of trust there. Now that I had established my knowledge base I sat back and listened to each person express his or her experience and personal knowledge on how to negotiate properly with large Chinese companies. I paid very close and particular attention when the gentleman who worked for my target company spoke. As he talked I could tell the “tips” he was giving were closely linked to the business philosophies of his company. This knowledge was more valuable than anything I could have paid for and it led to a very successful trip.

There are a couple more scenarios I feel are often used in elicitations.

Using the Effects of Alcohol

Nothing loosens lips more than the juice. This is an unfortunate but true fact. Mix any one of the preceding five scenarios with alcohol and you can magnify its effects by 10.

Probably the best way to describe this scenario is with a true story.

In 1980 a senior scientist from Los Alamos National Laboratory traveled to a research institute in the People’s Republic of China (PRC) to talk about his specialty, nuclear fusion. He had extensive knowledge of U.S. nuclear weapons information but knew the situation he was entering was dangerous and he needed to be determined to stick to his topic.

Yet he was constantly barraged with increasingly detailed inquiries directly related to nuclear weapons. The attackers’ tactics would change and they would ask many benign questions about fusion and astrophysics, his specialty.

Once they even threw a cocktail party in his honor. They gathered around and applauded his knowledge and research—each time with a toast and a drink. They began to inquire about classified matters such as the ignition conditions of deuterium and tritium, the two components in the then-new neutron bomb. He did well at fending off the constant questions, but after many toasts and a party in his honor, he decided to give an analogy. He mused to the group that if you rolled those two components into a ball and then rolled them off the table they would most likely ignite because they had such low temperature threshold levels.

This seemingly useless story and information most likely caused the researchers in China to discern a clear path of research on nuclear weapons. They would take this information to yet another scientist and, now armed with a little more knowledge, use that knowledge to get to the next stage with him or her. After many attempts, it is very likely the Chinese scientist would possess a clear picture of what path to take.

This is a serious example of how using elicitation can lead to gaining a clear picture of the whole answer. In social engineering it may be the same for you. All the answers might not come from one source. You may elicit some information from one person about their whereabouts on a particular date, and then use that information to elicit more information from the next stage, and so on and so forth. Putting those nuggets of information together is often the hard part of perfecting elicitation skills. That is discussed next.

Using Intelligent Questions

As a social engineer you must realize that the goal with elicitation is not to walk up and say, “What is the password to your servers?
