You are currently browsing the daily archive for December 12, 2009.

A good hacker leaves no trace of his activities.
A good speaker has no gaps in his preparation.
A good coder is not dependent on his analysis tools.

Good security is inverse to points of entry,
and resists compromise even in the presence of holes.
Good design is inverse to complexity,
and resists compromise even in the presence of fools.

Therefore, the Consultant
is good at helping his clients,
and does not abandon them.
As for their code,
he retains what is salvageable,
and avoids duplicating effort.
This is called Basic Professionalism.

Thus, the able man
will teach the competent,
and take the incompetent in hand.
Those who fail to teach, fail to learn,
or fail to use their resources effectively,
no matter how brilliant, are on the wrong track.
This is called Basic Effectiveness.


chapter notes:

I apologize for using “hacker” in its popular, pejorative sense as a breaker of computer security, and not in the sense of the Hacker’s Dictionary: a computer expert who enjoys programming (and related explorations) for its own sake. I’m afraid the old MIT term has been fighting a losing battle for a while now, though. Also, the popular term fits the original text really well.

I should also note that the lines about security and design were originally more similar to the first lines. I have rephrased them, to somewhat awkward effect, in order to recognize good computer security (and good engineering design) as relative, not absolute.

Note that literal accuracy is not a requirement here; it’s just that claiming absolute security, or foolproof design, is an exercise in hubris: someone will break your unbreakable security, and the world will provide a greater fool than you ever anticipated.
