lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <343561e9040905044639ae0c60@mail.gmail.com>
From: abaker at gmail.com (ASB)
Subject: Re: Security & Obscurity: physical-world analogies

It depends on the goal of the analogies.

If you're using an analogy of a complex situation simply to allow the
listener/reader to understand what you're talking about -- strictly
for conversational purposes -- then there is no problem with
analogies.

This is akin to what I deal with at the dinner table when describing
the day's activities to the wife and kids.


OTOH, if the recipient of the analogy is expected to take some action,
or executate broad policy based on this analogy, then a great deal
more is at stake, and the inadequacies of analogies must be addressed
by more thorough information/understanding.


-ASB

On Fri, 3 Sep 2004 12:17:23 -0600, gadgeteer@...gantinnovations.org
<gadgeteer@...gantinnovations.org> wrote:
> On Fri, Sep 03, 2004 at 08:06:49AM -0500, Frank Knobbe (frank@...bbe.us) wrote:
> > On Fri, 2004-09-03 at 03:04, gadgeteer@...gantinnovations.org wrote:
> > > > Feel free to play through the same scenario with a wall where "dead"
> > > > people-packets get purposefully deployed in front of the wall until the
> > > > last people-packet can climb the packet mountain and pass over the wall.
> > >
> > > Unfortunately, this tactic has been used in warfare.  It has been referred
> > > to as the "human wave" attack. :-(
> > 
> > But it as a bunch of different people packets. In cyber space it is the
> > copy of one. In the real world you might exhaust your people-packet
> > resources, in cyber space you don't.  :)
> >
> > No we're leading discussion down  a wrong path again due to a flawed
> > analogy :)
> 
> When I put on my 'purist' hat I agree with your extreme position
> regarding analogies.  Even without the hat I agree when the subject
> matter becomes advanced and specific.
> 
> OTOH, if a person were to take this purist position and walk into a
> CEO's office and tell him that he is not smart enough to understand and
> should therefore give free rein.  That person is going to walk back out
> the door looking for a new gig because they will not be working there.
> 
> It has been my experience to 1) never talk down to the audience and 2)
> stay away from analogies with loads of baggage because it leads them to
> falsely think that they have gained deep insight.
> 
> An example from physics would be Einstein's clock tower thought
> experiment.  A familar setting (without heavy emotional baggage) but the
> whole experiment takes place orthogonally to that setting (on a train).
> Then there is the cat in a box and raisins in oatmeal and we are still
> talking about the same realm.  We have an entire century as example
> where phyicists worked with the invisible through analogy.
> 
> In the end, the claim analogies can not be used is to admit a poverty of
> creativity.  "We can not explain this to you because we are not bright
> enough to think of a good set of analogies."  Ouch.
> 
> 
> --
> Chief Gadgeteer
> Elegant Innovations


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ