Social domain examples: Beginner’s Guide to Social Domain Theory – Clare Conry-Murray, Ph.D.
Beginner’s Guide to Social Domain Theory – Clare Conry-Murray, Ph.D.
Morality has to do with how people should interact with each other. Moral development research aims to understand how people develop from infancy into adulthood in the way they think about and interact with others. Since morality involves issues of right and wrong, it is proscriptive or prohibitive–that is, morality is about the ways we should or should not act. But not all issues of right and wrong are moral. For example, a mistake in long division may be wrong but it is not usually seen as immoral. So we also add that moral development research examines issues of right and wrong in social settings, where actions affect other people.
What is morality to most people?
Social domain theory uses a definition of morality that comes from philosophy, but we also find that most people use the same definition. The basis of morality is in trying not to harm other people. Harm includes many facets–including issues of welfare, justice and rights. Social Domain Theory research finds that people consider things to be moral that have to do with avoiding harm to people (welfare), being fair (justice), and respecting each other’s rights (rights). The core of morality is avoiding harm, but that also means trying not to treat people unfairly and respecting their rights (Turiel, 1983).
A basic respect for other people means that, most of the time, we all try not to hurt each other. We can safely walk down the street without anyone purposefully trying to crash their car into us, even if it would get them where they’re going faster. This is because people also usually do not like to cause others pain. People are also generally willing to be helpful (especially when it is not difficult). For example, when a man at a subway station in London fell into the gap between the platform and the train, people didn’t expect the conductor to just let his leg get ripped off. Instead they all worked together to push the train a few inches away from the platform so he could get out.
Not causing serious harm to others as they go about their day may seem like a very small thing to ask of others. We start to understand morality by looking at the obvious cases where there is a lot of agreement, like “don’t run people over” because it is actually notable that people generally try not to harm others.
In addition, people usually only see actions as moral if they are intentional. Harming someone accidentally (and without negligence) is not usually seen as immoral.
Are there social rules about right and wrong that are not moral?
Yes. Not all social rules relate to the concepts of rights, justice and welfare. Some social rules like “don’t use swear words” or “only girls wear dresses” were not made to avoid hurting people or out of a concern with fairness or rights. These examples are not even rules in some places. For example, not only girls wear dresses– think of a Catholic priest who wears a long gown called vestments during mass or a man graduating from college who wears a cap and gown.
The rule about “dresses” doesn’t apply to those situations, but it does apply to other situations. Rules like these that vary depending on the setting are called conventions. Sometimes they have a purpose (e.g. to make boys and girls look distinct) and sometimes they’re just something we do out of habit or convenience (e.g. eat pasta with a fork but pizza with your hands). Sometimes the purpose of a conventional rule is important (e.g. we all drive on the right in the United States so there’s not chaos), but conventions can be changed. For example, some countries drive on the right and some on the left. Either way is fine as long as everybody follows the rule.
If you don’t follow conventional rules, there can still be consequences, but they depend on the situation. People might look at you funny if you dress unconventionally or you could even get in trouble and be punished for using swear words in some settings. My son who liked to watch Minecraft videos when he was young learned the phrase “what the f*ck,” without knowing that the f-word is a bad word.
When he said it on the playground at school, he got in trouble, even though behind his back, all the adults thought it was pretty funny. The adults weren’t worried about him hurting anyone by talking that way, but they still made sure he didn’t use that phrase again because it’s against the rules. So there are consequences to conventional rule violations, but they depend on the setting– they are not intrinsic to the action they way harm is. For example, I’m guessing my son (who is now 15) uses the f-word around his friends sometimes, and I’m pretty sure there are no negative consequences from his friends for that language. When there are consequences to conventional rule violations, they change with the context (conventions at school differ from conventions with friends).
Are moral rules and conventional rules different?
Yes. The consequences are different for moral and conventional rule violations. All of the consequences to conventional violations are constructed by people, and so the people can change the consequences.
The teacher who told my son not to swear enforced the rule about no swearing at school, but some families may let their kids swear. The rules about when men can wear a dress already do differ in different situations.
But if you run over someone with your car on purpose, most people would say it was wrong regardless of the law in that place. In fact most people would say even if the law allowed it, it would still be wrong to run someone over for no good reason. That’s because the consequence to that person is so harmful. And that harm occurs every time someone is run over. We call that kind of consequence intrinsic to the act. It happens every time. It is part of the definition of the action. Moral violations all have intrinsic consequences related to harm or unfairness or a violation of basic human rights.
You can think of examples of other basic moral violations– pushing someone off a swing, paying one person for their work but not paying another person for the same work.
These are intrinsically harmful or unfair.
In Social Domain Theory research, we used what we call Criterion Judgments to see if people distinguish moral from conventional issues in different realms.
What are Criterion Judgments?
Criterion judgments are based on criteria that are used to judge social rule violations. If people notice that moral but not conventional rules are based on intrinsic consequences, then they will think about moral rules differently. The criteria tell us where we expect to see differences between moral and conventional reasoning. If consequences are intrinsic to the act of harming others, then they would not depend on the situation or anything local about the situation. People judge moral violations differently than conventional rule violations in several ways, including:
- Justifications–People use different justifications when they explain their judgments about different types of rules: Moral justifications refer to welfare, justice or rights, while conventional justifications refer to tradition or authorities.
- Rule Contingency— People judge changes to rules differently depending on the domain: Moral rules always have consequences to welfare, justice or rights because the consequences are intrinsic and so changing the rules does not change the consequences. Therefore, moral rules tend to be judged wrong even when the rule is changed. Conventional rules depend on the context, and if the rule is changed, there may not be a consequence anymore, so conventional violations may not be wrong in the absence of a rule. We call this Rule Contingency.
- Example: Moral: If you ask kids whether they can hit others when the teacher says hitting is OK in their classroom, kids still say hitting is not OK. Evaluations of hitting do not depend on the rule.
Conventional: When you ask if they can wear PJs to school when the teacher says it is OK in their classroom, kids say wearing PJ is now OK. Evaluations of appropriate clothing do depend on the rule.
- Generalizability–People will judge rules differently depending on changes to the setting. Moral rules still have the same consequences no matter where the violation occurs. Therefore moral rules are considered generalizable. Conventional rules can have different consequences in different settings–they are not generalizable.
- Example: Moral: If you ask kids whether they can shove others in another country where everyone shoves people, kids still say shoving others is not OK. Evaluations of shaving do not depend on the context.
Conventional: When you ask if eating with your hands is OK in a country where that’s how they do it, kids say wearing eating with your hands is now OK. Evaluations of how to eat depend on the context.
What is similar about moral and conventional rules?
- Both moral and conventional rules affect social relationships and they tell people how to behave.
- People who break both moral and conventional rules can be punished.
- Both moral and conventional violations can both be more or less serious. Moral violations tend to be more serious but not always. For example, in some places, gender norms are strictly enforced and so would be seen as a serious violation.
What about things not covered by moral and conventional rules?
Issues that are not covered by either moral or conventional rules and are left to the person to decide for themselves are called Personal (Nucci, 2001). These are interesting because what is personal can differ in different cultures (Conry-Murray, Kim & Turiel, 2020), and even between teenagers and their parents. Parents tend to think issues like whether a 17 year old should get a tattoo is conventional, while the teenerager often thinks it should be a personal decision and they should be able to decide for themselves (Smetana & Rote, 2019).
Prudential issues have to do with harm to the self.
Why do people do immoral things if we all agree that harming others is unacceptable?
Social domain theory researchers have identified several ways that people come to different conclusions about social issues.
Multifaceted issues. Sometimes issues are complicated and include multiple different conflicting priorities–including different moral priorities that could be in conflict. For example, with gun control there are issues related to the rights of the gun owner, and perhaps the right to protect oneself, and the rights of those who could be hurt by the gun. People may see all of these as moral issues involving rights or welfare but some may prioritize the rights of the gun owner over the welfare of potential victims, while others could prioritize the reverse.
Other issues may include moral and conventional issues in conflict. For example, a parent may forbid a son from going to a sewing club (Perko, et al, 2020) because they are concerned about following gender norms (conventional), but the son may be thinking about his right to make his own choices (moral).
Moral issues are not automatically judged to be the priority.
In addition, some issues may be seen as conventional to some and personal to others– like the parent-teenager conflict over tattoos described above.
Informational assumptions. Informational assumptions are understandings about the way the world works that impacts the issue (Wainryb, 1991). Sometimes facts (or beliefs about what is true) help people weigh the importance of different issues. For example, using the issue of gun control from above, if you believe that gun deaths are very, very uncommon, it might affect whether you are concerned about potential victims compared to if you believe gun deaths are more frequent.
Informational assumptions also impact whether you believe harm is involved at all. For example, if a parent spanks a child to teach them not to run into the street, and it effectively teaches the child an important lesson, most people would say the spanking was acceptable.
But if spanking doesn’t work to teach the child a lesson, then it is just abuse, and it is usually judged to be not OK if that informational assumption is believed to be true.
Second order effects. Sometimes culture-specific rituals have meaning that can affect others. It can be a sign of disrespect to wear jeans and a t-shirt to a wedding, and that disrespect can cause people psychological harm. The harm is not intrinsic in the same way that being punched in the gut is, but it is still causing harm. The harm comes about because of the meaning of the convention.
Do researchers studying morality judge others’ virtue?
Social domain theory (and most morality researchers) do not suggest that one view of a controversial issue is better or worse than another. Instead we try to describe how people think about issues and behave in moral or social situations. We try to find patterns in people’s thinking and behavior that will help us describe common types of moral thinking and behavior, and perhaps even predict future thinking and behavior.
But we do not tell people what the most moral thing to do is.
Like this:
Like Loading…
Social Determinants of Health – Healthy People 2030
What are social determinants of health?
Social determinants of health (SDOH) are the conditions in the environments where people are born, live, learn, work, play, worship, and age that affect a wide range of health, functioning, and quality-of-life outcomes and risks.
SDOH can be grouped into 5 domains:
Image
Download SDOH graphic
(141.23 KB)
Healthy People 2030, U.S. Department of Health and Human Services, Office of Disease Prevention and Health Promotion. Retrieved [date graphic was accessed], from https://health.gov/healthypeople/objectives-and-data/social-determinants-health
Social determinants of health (SDOH) have a major impact on people’s health, well-being, and quality of life. Examples of SDOH include:
- Safe housing, transportation, and neighborhoods
- Racism, discrimination, and violence
- Education, job opportunities, and income
- Access to nutritious foods and physical activity opportunities
- Polluted air and water
- Language and literacy skills
SDOH also contribute to wide health disparities and inequities.
For example, people who don’t have access to grocery stores with healthy foods are less likely to have good nutrition. That raises their risk of health conditions like heart disease, diabetes, and obesity — and even lowers life expectancy relative to people who do have access to healthy foods.
Just promoting healthy choices won’t eliminate these and other health disparities. Instead, public health organizations and their partners in sectors like education, transportation, and housing need to take action to improve the conditions in people’s environments.
That’s why Healthy People 2030 has an increased and overarching focus on SDOH.
How Does Healthy People 2030 Address SDOH?
One of Healthy People 2030’s 5 overarching goals is specifically related to SDOH: “Create social, physical, and economic environments that promote attaining the full potential for health and well-being for all.
”
In line with this goal, Healthy People 2030 features many objectives related to SDOH. These objectives highlight the importance of “upstream” factors — usually unrelated to health care delivery — in improving health and reducing health disparities.
More than a dozen workgroups made up of subject matter experts with different backgrounds and areas of expertise developed these objectives. One of these groups, the Social Determinants of Health Workgroup, focuses solely on SDOH.
Explore Research Related to SDOH
Social determinants of health affect nearly everyone in one way or another. Our literature summaries provide a snapshot of the latest research related to specific SDOH.
Read SDOH literature summaries
View SDOH Infographics
Each SDOH infographic represents a single example from each of the 5 domains of the social determinants of health. You can download them, print them, and share them with your networks.
Check out SDOH infographics
What is a domain and what is it for? — CoderSafe on vc.
ru
{“id”:14037,”url”:”\/distributions\/14037\/click?bit=1&hash=e73919d2526710bb48f05ca0a6e26102d9a005ee0b705e61bd11217c8752f9e 3″,”title”:”\u041a\u0430\u043a \u043d \u0430\u0439\u0442\u0438 \u0432 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u 043e\u0431\u043a\u0435 \u043e \u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432″,”buttonText”:” \u041a\u0430\ u043a?”,”imageUuid”:”698300f5-cc98-5c96-b202-001ac48075bf”}
2493
views
A domain is a unique symbolic address of a site under which it is registered and hosted on the Internet.
The domain is required to store and display the site in the public domain for third-party users. To do this, you need to place the site through a hosting provider that connects server resources and further ensures the smooth operation of the pages and data protection within the site.
Domain name displays the name in a visual format.
The fact is that each site already has its own name – in the form of an IP address (for example, 196.167.24.187). They are replaced for ease of use.
Domains are located in millions of databases united in a distributed system of domain names – DNS.
Domain levels
Levels are based on dot separation between titles. For example, let’s take the site rating from Rambler – https://top100.rambler.ru/. The hierarchy is respected as follows:
- .ru – 1st level domain
- rambler.ru – 2nd level domain
- top100.rambler.ru – 3rd level domain
First of all, the territorial location or regionality is indicated. The values ”.com”, “biz.” can also be used. or “org” for commercial organizations that have a head office in one of the countries, but provide services in other countries, as well as for thematic sites (“shop” or “company”).
For Russian sites, the ability to create a Cyrillic domain “.
rf” is available. It can be converted into a standard name using the Punycode converter. The site will look like, for example, xn-456y6y75t5my7, it complies with the DNS standard and can be decrypted, but the user will be able to enter the domain in Russian.
The second level indicates the name itself, with which the site will be associated. This is mainly the brand of the company, but there are cases when the type of activity is indicated in the domain.
The third level indicates additional sections or subsites. In most cases, these are subdomains. They may indicate:
- territorial affiliation on a smaller scale (for example, “msk.”, “spb.” or “kazan.”)
- additional section of services within one site, for example, “okna.dveri.ru”.
- thematic pages related to third-party sections or events, for example, “2022.festival.ru”.
You can check information for each domain (for any site) using the Whois service.
This tool will allow you to find out the history of creation and technical information about a domain name.
Domain name regulators
The main regulatory body is the international non-profit organization for the assignment of domain names – ICANN (Internet Corporation for Assigned Names and Numbers).
In Russia, all domains are regulated by ICANN’s Domain Coordination Center. From it comes the expansion of powers to third-party organizations. In particular, Domain Name Registrar Reg.Ru LLC has the right to register names in different domain zones.
Domain Requirements
When buying a domain, the site owner usually offers his site name, which must be verified by the hosting provider. Sites allow you to find out if a particular domain is owned by other people. The name must meet the following conditions:
- Length – from 2 to 63 characters.
- The beginning and end of the address – only through a letter or number.
- Only Latin letters (or Cyrillic for the “.rf” zone), numbers and dashes (between other characters only) must be used.
For the “.rf” domain, the requirements are identical, but with an addition – the 63-character limit applies not to the name in Cyrillic, but to the translation in Punycode. This encoding converts character sequences in different languages, including those specific to individual countries.
Registration procedure
Registering a domain for a website is easy. It is enough to understand the requirements and pricing policy of the hosting provider. This will allow you to choose the right solution. Domain registration is not so much a purchase as it is a lease of space with a subsequent renewal. Before registering, study the offers for new users when ordering for the first time or when transferring a site from an old provider.
For example, consider the most popular aggregator in Russia – REG.
RU. The procedure is divided into 2 stages – the selection and registration of a name.
- Register or log in to the system
- In the search bar, write the desired domain and click the “Select” button
- In the results of the check, you will receive an answer whether the domain is available or not. If the name is already taken by other users, the system will prompt you to select other options from the recommendations.
- After choosing, go to the order, if possible, enter the promo code, pay for the domain.
- To register a domain name for yourself, you will need to confirm your passport details. Further, additional information is entered – information on registration through an individual or legal entity, TIN and KPP, name of the organization. To contact the owner, you must add a phone number, postal and email address.
- After the procedure, you can select a tariff plan and additional services provided by the provider.
In order for the site to be seen by other users, it is necessary to purchase access to a remote server – hosting to store a large amount of information. You can choose virtual hosting to host several small sites or a virtual dedicated server for a large web resource.
Lookalike domains and protection against them
Our colleagues have already talked in sufficient detail about how cybercriminals attack companies through compromised email addresses of employees, as well as how to protect against such attacks using SPF, DKIM and DMARC technologies. But despite the obvious advantages of the described solutions, there is a method that can bypass them, and we want to talk about it.
But let’s start from afar: how relevant is email today? After all, this year we saw a sharp rise in the popularity of video conferencing software, and in the few years before that, the same growth in the popularity of instant messengers, in particular WhatsApp and Telegram.
However, email is still the main means of communication on the Internet, at least in a business environment. Indirect confirmation of this is the increase in the number and quality of attacks aimed at compromising corporate mail (Business E-mail Compromise, BEC). According to the American Cybercrime Complaint Center (IC3), the financial damage from these incidents has increased sevenfold over the past five years.
Financial damage from BEC attacks, 2015–2019 (download)
The data for 2020 has not yet been processed, but given the COVID-19 pandemic and the mass transfer of employees to remote work, it can be safely assumed that the number of BEC attacks has only grown. The same is true of early studies of the threat landscape.
The use of similar domains in BEC
One of the features of BEC attacks is the emphasis not on the technical component (in the case of mail, the capabilities of cybercriminals are rather limited), but on social engineering.
As a rule, technical and social methods are combined for greater efficiency.
The lion’s share of combinations of SPF, DKIM and DMARC technologies cope more or less effectively. But there is an exception – an attack using similar domains (lookalike domain). The essence of the method is simple: a cybercriminal registers a domain that looks very similar to the domain of the attacked company or its counterparty. Letters sent from it pass domain authentication without any problems (they deceive SPF), are provided with a cryptographic signature (they skip DKIM), and in general do not arouse suspicion from security systems. One problem: these are phishing emails. And if they are written plausibly enough, according to the corporate template, with an emphasis on the urgency of the issue, etc., then the victim will most likely not notice the catch.
Here are some examples of fake domain names:
| Original domain | Fake domain |
netflix. com |
netffix.com |
| kaspersky.com | kapersky.com |
| uralairlines.ru | uralairilnes.ru |
As you can see, the fake differs from the original in just one letter, which is added (or removed) in such a way that the substitution could not be detected at a cursory glance.
To get a general idea of the use of lookalike domains, we collected statistics on campaigns using lookalike fakes for the third quarter of 2020. After analyzing the data, we came to the conclusion that the pandemic has significantly changed the vector of thinking of attackers. If the financial sector was the main target before it, now the service sector has come to the fore, which includes various e-commerce services: grocery delivery, online shopping, buying air tickets, etc. In the third quarter, domains in this sector accounted for 34, 7% of the total number of campaigns.
Distribution of detected lookalike domains by category, Q3 2020 (download)
then in the third quarter – already 22.
2%. This is quite expected, since the massive transition to online should have affected the overall situation.
A little bit about the lookalike approach
Unlike spam mailings, mass and long-term, attacks using lookalike domains, like any BEC attack, are designed for a specific victim (or range of victims). Consequently, emails are few and well thought out, and domains have a very short lifespan. We see that half of the fake domains are used once, and in 73% of cases the address is active within one day.
This leads to the fact that classic anti-spam solutions based on the signature approach (they saw an attack – made a rule) do not cope, and there is a need for proactive protection methods. There are two common and at the same time simple methods that are often chosen by companies concerned with protection against lookalike attacks and the like.
The first one is self-registration of domains with typos and subsequent setting of a redirect to the official domain.
This reduces the chances of cybercriminals to register a plausible forgery, but, firstly, it does not completely eliminate the threat, and secondly, it does not prevent the domains of partners, contractors and other organizations with which the company is in correspondence from being forged.
The second is the compilation of lists of plausible fake names for both the company domain and partner and counterparty domains. They are loaded into an anti-spam solution in order to preventively block all correspondence coming from fakes. The main disadvantage of this method is still the same: the inability to provide for all options for fake domains, especially if the company works with many organizations. Plus, the human factor: one typo in the list for tens and hundreds of domain names will lead to a security breach, and in the worst case, to blocking letters from a legitimate domain instead of a fake one and an additional headache for business units.
In general, when our customers were no longer satisfied with standard solutions, they came to us for complex, but more effective solutions.
In this regard, we have developed a method that does not require user intervention. In short, it automatically compiles a global list of legitimate addresses that, in theory, can be faked, and on its basis analyzes and blocks emails from lookalike domains. In fact, it works ahead of the curve.
Principle of operation
The method of protection against lookalike attacks consists of three main elements: calculations on the client, domain reputation checks in KSN (Kaspersky Secutiy Network) and calculations on the infrastructure. These stages, in turn, are divided into subtasks – the general principle is shown in the diagram:
In practice, everything looks like this. When a letter is received, the sender’s domain gets into KSN, where it is compared with the list of lookalike domains already known to us. If the address is found, the letter is instantly blocked (steps 1 to 3). If nothing is known about the sender’s domain, then the message is quarantined for a short period (step 4).
During this time, the technology checks the address according to a given algorithm, and if it is found to be fake, it adds it to the list of lookalike domains in KSN. After the message is released from quarantine, it is re-scanned (step 9) and is blocked because by this time the list of lookalike domains has already been updated.
Let’s consider how the sender check works and how the list of lookalike domains is replenished. Information about sending mail to quarantine enters the KSN database along with additional metadata, including the sender’s domain (step 5). At the first stage of analysis, domains are checked for a wide range of characteristics, such as WHOIS data, DNS records, certificates, etc. This stage is necessary in order to immediately weed out clearly legitimate hosts that are still unknown to our system. In the future, messages from such domains will not be re-quarantined, since information about them will already be contained in KSN.
At the second stage, the system checks the similarity of suspicious hosts and addresses from our global list of legitimate domains (step 7), which includes the domains of our clients and their counterparties.