lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040903181723.GA3757@hyper>
From: gadgeteer at elegantinnovations.org (gadgeteer@...gantinnovations.org)
Subject: Re: Security & Obscurity: physical-world analogies

On Fri, Sep 03, 2004 at 08:06:49AM -0500, Frank Knobbe (frank@...bbe.us) wrote:
> On Fri, 2004-09-03 at 03:04, gadgeteer@...gantinnovations.org wrote:
> > > Feel free to play through the same scenario with a wall where "dead"
> > > people-packets get purposefully deployed in front of the wall until the
> > > last people-packet can climb the packet mountain and pass over the wall.
> >  
> > Unfortunately, this tactic has been used in warfare.  It has been referred
> > to as the "human wave" attack. :-(
> 
> But it as a bunch of different people packets. In cyber space it is the
> copy of one. In the real world you might exhaust your people-packet
> resources, in cyber space you don't.  :)
> 
> No we're leading discussion down  a wrong path again due to a flawed
> analogy :)

When I put on my 'purist' hat I agree with your extreme position
regarding analogies.  Even without the hat I agree when the subject
matter becomes advanced and specific.

OTOH, if a person were to take this purist position and walk into a
CEO's office and tell him that he is not smart enough to understand and
should therefore give free rein.  That person is going to walk back out
the door looking for a new gig because they will not be working there.

It has been my experience to 1) never talk down to the audience and 2)
stay away from analogies with loads of baggage because it leads them to
falsely think that they have gained deep insight.

An example from physics would be Einstein's clock tower thought
experiment.  A familar setting (without heavy emotional baggage) but the
whole experiment takes place orthogonally to that setting (on a train).
Then there is the cat in a box and raisins in oatmeal and we are still
talking about the same realm.  We have an entire century as example
where phyicists worked with the invisible through analogy.

In the end, the claim analogies can not be used is to admit a poverty of
creativity.  "We can not explain this to you because we are not bright
enough to think of a good set of analogies."  Ouch.
-- 
Chief Gadgeteer
Elegant Innovations

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ