[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
"Scruffies" vs. "Neats"
PREFACE
I haven't written many essays lately...something about having several
hundred or more of them on this list over the past three and a half years
makes writing another one less urgent for me.
But I've been thinking a lot about the interesting discussion we are having
over the Java security issues and basic security model for running applets,
and note some similarities with similar approaches in AI (artificial
intelligence).
I think it important that people here not "firmly commit" to positions they
may have to change, as this leads to a "sticking coefficient" that retards
changes (note that I am not commenting on which positions may need to
change!).
No one language is the end-all and be-all of programming, nor is any one
approach the inevitable winner. But it certainly behooves us to think about
likely future (and current) computing platforms. (We've done this many
times, as with discussions a few years ago about which environments to put
effort into...we had advocates of Emacs, Eudora, Perl, TCL, Safe-TCL, the
clipboard of Mac and Windows systems, pure text only, and so on. In fact,
an extensive poll was taken--by Eric Hughes, I believe--in November 1992,
with the conclusion that at least a dozen major choices were popular, with
none having a share over 10%.)
So, it is a mistake to assume that I am making a "primate display" of
supporting Java. At this point, and with having seen many fads come and go,
my strong hunch is that "Web plus browsers plus applets plus Java" is
likely to become the main choice of many people. (I am hardly alone in this
judgment, natch. Any look at the trade press, the stock market, the shelves
of new books, etc., will confirm this. But just because something is
popular does not mean it is not in fact the likely future.)
And I am sure that even the critics of various aspects of this
model--including the studies of Java security--see this same scenario
unfolding. I view their criticisms as being necessary and helpful, though I
tend to dismiss the conclusions of some that the model is so deeply flawed
that it should be discarded completely and a new model and/or language
should be awaited....this just ain't gonna happen anytime soon. (The thrust
of this essay is not how and why new computing paradigms spread, so I won't
get into my views on this. Suffice it to say that historically the world
has gotten a major new model (paradigm) no more than twice a decade, and
usually only once per decade. Left as an exercise is what those have been.)
SCRUFFIES AND NEATS
On to "scruffies" and "neats."
The AI world had two main camps, according to a popular view. The
"scruffies" and the "neats."
The scruffies believed intelligent behavior in a program would likely only
come from gobs and gobs of code. They believed in cobbling together apps as
quickly as possibly, racing out into the new landscape of computing and
rigging something up to work. Loosely speaking, they favored hacking Lisp
until something worked...a checkers program (a la ur-hacker Greenblatt), a
vision system, a robot, etc. Scruffies like messy desks, because they like
to be blasted with lots of random inputs, lots of unrelated ideas and
concepts, and "inspiration."
More recently, the scruffies have embraced neural nets, emergent
computation, stochastic computing, genetic algorithms, and similar
buzzwords. The recent work on "subsumption architectures" (a la Brooks) and
agent architectures is consistent with viewpoint (though elements of logic
are of course involved).
(These are all gross overgeneralizations, caricatures, to clearly show what
the polar viewpoints are.)
The neats, on the other hand, believed that logic rules. Epitomized by
Newell and Simon, and by the early Winograd, they believed intelligent
behavior would come when the logical principles of thought could be found
and implemented in a programming language. Much of the work on theorem
proving and logic programming came out of this camp.
According to the caricature (and caricatures can be useful, even if
overstated), the neats have neat desks, work in neat languages, and favor
mathematical rigor.
(Of course, not all neats are neat. Some are scruffy, as Ted Kaczynski shows!)
SCRUFFIES AND NEATS IN SECURITY
The "security neat" believes in applying rigor to security. Machines and
languages should be "provably secure." (Better yet, machines should be
"provably correct," a la Viper, and operating systems and languages should
produce provably correct code.)
The "security scruffy" believes things are moving too quickly to insist his
machine must be Orange Book top-rated, or that his OS must be fully
secure....in fact, he doubts that such definitions have real meaning.
[Aside: This polar caricature overstates things, as I said earlier. For
example, even the "security scruffies" are not in favor of bad
cryptographic code, of seriously-flawed PGP implementations, or of Java
applets that can reach into user files and read or corrupt them. And even
the security neats use machines hooked up to networks rather than running
programs in some secure kernel on a machine locked in a secure room....]
The scruffies believe that it may ultimately produce more overall security
(not to mention producing interesting other results!) to race out into the
new terrain, to establish outposts and colonies....
Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."