Hackers and malware designers are people who understand computer systems and their vulnerabilities. IT Security professionals are also just people who understand computer systems and their vulnerabilities.
Very few people comprehensively understand computer systems. Certainly less than even a fraction of the numbers in the above groups.
A lot of ‘hacking’ and ‘security’, even at the lowest levels of abstraction, are folks operating at several layers above the bare metal.
Thus the actual dynamics that are observed occur in less secure system with actors of only partial understanding on both sides.
Yeah, I know they don’t understand them comprehensively. Is this the point though? I mean they understand them at a level of abstraction necessary to do what they need, and the claim is they have basically the same kind of knowledge of computers. Hmm, I guess that isn’t really communicated by my phrasing though, so maybe I should edit that
Very few people comprehensively understand computer systems. Certainly less than even a fraction of the numbers in the above groups.
A lot of ‘hacking’ and ‘security’, even at the lowest levels of abstraction, are folks operating at several layers above the bare metal.
Thus the actual dynamics that are observed occur in less secure system with actors of only partial understanding on both sides.
Yeah, I know they don’t understand them comprehensively. Is this the point though? I mean they understand them at a level of abstraction necessary to do what they need, and the claim is they have basically the same kind of knowledge of computers. Hmm, I guess that isn’t really communicated by my phrasing though, so maybe I should edit that