Heartbleed explained with metaphors

April 13, 2014

Heartbleed. To most of us, it’s that mysterious annoyance that has caused us to change passwords for many of our on-line accounts. But can Heartbleed be explained in a way it’s not seen as a fatal hole in the “magic” of the Internet?

While many sites have explained Heartbleed’s literal failures through code and even comic, I felt an explanation with some everyday analogies and metaphors was still lacking…. until I stumbled across Eric Limer’s article on Heartbleed over at Gizmodo. Not only has Eric saved me the time of crafting an explanation, he’s done an admirable job of making the magic of computer code and internet communication simple through his real-world examples.

First, Eric explains how Heartbleed derives it’s name — from “heartbeat,” a standard operation that two computers must use to make sure they’re talking to each other in sync. Since a personal computer and an Web server are disconnected until they have a reason to talk to each other (over the Internet), they must have some way to check to make sure they both stay connected to each other during their conversation. Like calling your bank via telephone, you don’t want to have your phone call disconnected until your business transaction is finished. This “heartbeat” operation is a way to ensure nothing has gone wrong at either end during the computers’ conversation. Eric uses a clever reference to old audio cassette tapes to illustrate this:

It’s like making sure that both spindles in a cassette tape are moving when you’re playing it. If one spindle stops and the other keeps going, something will break.

Heartbleed was named as such because the recently uncovered flaw is in this “heartbeat” operation, or more specifically, the coded instructions for the “heartbeat” procedure that the Web server follows. As I’ve explained in my book, computers don’t have common sense. They follow only the instructions provided (in the form of code), literally. Like a robot/zombie chef, they follow the recipe exactly as written. So the problem of Heartbleed is actually one of an oversight in the written recipe for the “heartbeat” function. And while a human might be able to recognize this type of sloppy instruction in a recipe and compensate, computers cannot.

So what’s the problem? Read the rest of this entry »

Analogies/Metaphors of Technology

July 14, 2011

At a friend’s suggestion, I’ve started reading Mike Kuniavsky’s book, Smart Things: Ubiquitous Computing User Experience Design. Though focused more on design of future computing, Kuniavsky dedicates an entire chapter to metaphors in computing. The brief chapter provides some great history behind the use of metaphor in computing and also divides metaphors into helpful classifications. What I found most interesting in the chapter was the observation of how metaphors and analogies have impacted the user experience, for better or worse. Yet, what I found most encouraging was that Kuniavsky opens the chapter with a nod to the same reason I based The Ultimate PC Primer on analogies and metaphors — that they’re a helpful way to bridge the known with the unknown.

Metaphors are widely employed in technology and learning, but how does one select the most effective analogy or metaphor? Here are a few tips to keep in mind when using analogies to explain technology: Read the rest of this entry »