Shostack + Friends Blog Archive


More on Bridge Blogging

Recently, I discussed bridge bloggers, folks who make an effort to make their posts comprehensible to those outside their country. In that post I mentioned a few information security bridge bloggers; folks who try to make our profession understandable to those outside.

Something that I wanted to mention, if only it had fit into an already long post, is the reactions to bridge builders. The process of building a bridge involves making choices. With enough scotch, I could spend hours on the social and economic aspects of the jargon around ‘trusted computing.’ But if I were to write a bridge post, I’d likely limit myself to saying something like “A trusted computer is one that you really hope works.” That definition ignores all sorts of subtleties, which are very, very important to those of us who deal with such systems. If you’re in information security, you’re probably thinking about adding a comment telling me that there’s a better short definition. (Go for it!)

This problem is probably endemic with bridge blogging. If an issue is at all complex, there just isn’t room to discuss it in depth. The choices a blogger makes in discussing it are likely to upset those who are in the know. That’s ok, it gets you comments and trackbacks.

One comment on "More on Bridge Blogging"

  • Two quotes come to mind:
    “A little inaccuracy sometimes saves tons of explanation” – Saki
    “Trust is earned, not given” – Worf
    I’d try “A ‘trusted’ computer is one that you *have* to trust”.
    Oversimplifying security for a nonspecialist while allowing only a little inaccuracy is *hard* work.

Comments are closed.