2007-05-29
The following is a written version of a speech I gave at The Open Solutions Summit (AKA LinuxWorld NY) in New York City in February. It's long, but I think you will find it interesting. If you want to get to the website I announced, jump to the last section.

Great article with nice applicable ideas (I already tried to educate this way personally). But I want to point out a defect in the idea of "security analogy". The human mind tends to work in a strange way such that these analogies can actually replace the target notions, having a life of their own independently from the notions they represent. For example, one could carry on the biological analogy of Windows/Microsoft, firmly believing that software is a kind of living entity...
It is extremely important that with the analogy you explain both the limits of the analogy (this topic itself is deep, since for example analogic and digital worlds have deep differences: how would you explain copy/paste in the real world?) and give a solid reference to the concept you're talking about (and even from time to time, stress that people should not think of analogies as more than analogies). If not, analogies can actually become counter-productive and create more misunderstanding by giving people the false impression that they "know" (as Stephen Hawking said, "The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge.").
Analogies are great, but only if well mastered and as a step towards understanding. They work very well as introductions, but not as main courses.
But great job with your website, I wish you success!
Link to this comment: http://www.securityfocus.com/comments/columns/445/34577#34577