Dailydave mailing list archives
Re: visualizing security techniques
From: Marsh Ray <marsh () extendedsubset com>
Date: Mon, 06 Dec 2010 12:35:44 -0600
On 11/04/2010 07:20 PM, travis+ml-dailydave () subspacefield org wrote:
So for those of you who make presentations for non-experts, I was wondering if you had any ideas on how to create compelling graphics/video/animations for security presentations.
There are a lot of good "security fail" pictures floating around the net. Sometimes these illustrate perfectly even some relatively deep principles and everyone in the audience can relate to them.
Now, I don't need fancy graphics to explain something to this list - I can just say DEP or ALSR or ROP and we're all on the same page. But for teaching the concept in the first place... sometimes some animation is worth a thousand words.
Yep.
I almost finished an electrical engineering degree before switching to CS, and I found myself inventing a method for visualizing linear circuits. Electricity was water, a capacitor was a bladder,
The books I read just had a wide pool or a literal tank.
resistors were narrowing of the pipes, and an inductor was... well, no direct analogy,
That's a hard one. A paddlewheel with an inertial flywheel?
but I had a visualization for the magnetic field building up and collapsing. Turns out I wasn't the only one who did this, but I was upset I had to invent it independently.
When I was little, the cell phone store "Radio Shack" used to sell discrete components. They had an booklet series on electronics which explored this analogy pretty thoroughly with cartoons.
Other things that really could benefit from visualization are mixing in radio circuits and "beat frequencies" in audio.
Sometimes you just can't beat a primitive oscilloscope.
So, does anyone have good ideas on making presentations for teaching security concepts? Do you guys have personal ways for visualizing any security techniques or processes?
I've been experimenting with OpenGL lately. I saw a vendor discussing a product which gave a 3D depiction of the subject network. If/when WebGL exposes 3D to Javascript in a useful way, we might expect that format to become more commonplace.
I'm mostly interested in F/LOSS tools, which certainly limits the options available.
I haven't found anything you can't do yet with OSS apps, that really needs doing.
I use lyx with the Beamer template for presentations, which produces nice PDFs, but it can't do animations or embedded video clips.
It depends on your audience and it depends on your message, but IMHO those things are usually more of a distraction. But don't listen to me, I'm not exactly a master presenter. The few times I've tried to mix video into a presentation it didn't go smoothly. It's hard to get the sound level right. One time it cut off the critical last few seconds of the clip for no reason - this was a commercial product on a Mac. I currently have a mixed-media presentation in early stages. I'm thinking of just having the animation code run live the whole time and interacting with it as part of the talk rather than trying to switch apps and stuff in the middle of the talk. The challenge may be then to make it not feel like a software demo.
PS: If anyone here has network security inclinations, perhaps you can tell me how to best graphically explain this: http://www.subspacefield.org/security/dfd/
May I suggest a policy of not drawing a brick wall that's on fire? Perhaps you could start a trend. Your app reminds me of http://en.wikipedia.org/wiki/Maxwell%27s_demon which has a long tradition of visual depictions. You might look there for inspiration. Dave doesn't usually take a lot of follow-ups, but for anyone who's interested, we should continue the discussion with off-list CC. - Marsh _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- visualizing security techniques travis+ml-dailydave (Dec 06)
- Re: visualizing security techniques Marsh Ray (Dec 06)
- Re: visualizing security techniques L. Aaron Kaplan (Dec 06)