Warfare all over

[johnemiller at gmail.com (johnemiller at gmail.com)]

I'm going to chime in to be a voice of dissent (kinda). Please take my  
comments with a grain of salt. I have never served in the armed forces, nor  
have I ever been in a war zone. My father was a Vietnam vet, but beside  
that, I don't have any (close) family in the military. I don't have a  
personal connection to the concept of 'warfare' that some of you are  
expressing. I don't think anyone is attempting to be offensive or  
insensitive to the realities of war, but it is a concept detached from most  
people's experiences. To them it is just a word.

The information security culture is made up of a number of different  
sub-groups. Certainly a large number of professionals have a military or  
law enforcement background. There is another group, which I'ma part of,  
that got into the industry because we grew up thinking hacking was cool and  
were part of the Internet subculture that embraced the legal aspects of the  
skill. The culture that grew out of that environment is generally less  
concerned with how other people might feel about terminology and actually  
go for shock value. This is a profession where we bomb and crash and flood,  
where you do things that you aren't 'supposed to do', where you know arcane  
commands and can understand the Matrix-like text that screams by on the  
screen. The fact that what we do appears so much like voodoo to the outside  
world is a selling point to the profession. Its like modern day alchemy.  
Using words like 'warfare' and 'war games' evokes an emotional response  
that makes hacking - an activity that most people would find incredibly  
boring and tedious - seem cooler.

But its the nature of language to apply these types of analogies. It is  
especially the nature of publications to use these 'sexy' analogies for the  
purpose of attracting an audience. In military context, much of the work  
that private sector security professionals perform might be considered  
warfare. I'm sure this is a term that has been and will continue to be used  
by government and military officials when communicating internally and with  
the press. Much like the word 'hacker' has come to mean malicious  
agents, 'Information Warfare' (and its various modifications) have become  
ingrained in our lexicon. Worrying about the semantics used by others isn't  
going to accomplish much.

I can understand where you guys are coming from in feeling that the whole  
warfare analogy doesn't really hold up, but for public consumption, the  
analogy is sufficiently fitting. Both take place in some 'distant' place,  
the tactics and terminology used are both unfamiliar, good guys vs bad  
guys, things blowing up and people dying. The fact that those last two  
don't usually apply to 'information warfare' doesn't really factor into it  
since most people don't realize that fact. The majority of the world  
probably believe that your average high school aged kiddie can set of  
nuclear weapons or cause your computer to literally blow up and kill you.  
To these people, warfare is exactly what they see going on.

Using other terminology in your own writings, encouraging others to do the  
same, and even expressing your opinions on the matter as in this thread,  
are all good things. However, I don't think you'll get much traction by  
directly addressing the issue. If you really want to shift the language  
away from the warfare analogies, you'll have to come up with something  
consistent to replace it with. Use this replacement in many well written,  
widely read papers and articles, and maybe the language will follow. It  
will be hard to beat out the power and automatic emotional connection  
to 'war' references though.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090102/4c0165d4/attachment.htm