ExtremeProgramming suggests that one choose a metaphor as a minimal architecture for software to be written. The raincoat metaphor is an example of a metaphor not chosen. We can contrast the implicit assumptions of the alternate metaphor with those of the prevailing metaphor. This is difficult work since the prevailing metaphor has already become our reality. The effort will be rewarded with a glimpse of an alternate reality and possibly some insight into the power of metaphor over software architecture and even our everyday thought. -- WardCunningham '''Prevailing Metaphor''' ''A packet filter is like a firewall.'' The wall is substantial, immobile, and placed at the edge of our property. We are protected by the wall even if we are unaware of its presence. The property administrator maintains the wall on behalf of all tenants and is unlikely to compromise it for an individual. '''Alternate Metaphor''' ''A packet filter is like a raincoat.'' Individuals choose what kind to have and when to wear them. Daily forecasts may induce one to have a raincoat handy even with no visible need. Children are continually reminded to wear their raincoats but often don't because they interfere with play. Even adult habits vary with some choosing wrinkle free clothes, waterproof wrist watches and protective document cases instead. The choice has more to do with convenience and fashion than any real fear of illness and death. ---- Hackers are more like fire than rain. Yes, in this reality they are. But isn't that because we've foolishly built and bought systems that make it so? And doesn't the firewall metaphor preserve this foolishness? ---- I like the firewall metaphor. Security is like a raincoat; a packet filter is like a firewall. A packet filter / firewall... * is a physical barrier that stands between your assets (property) and the "outside." * You must pass "through" the barrier to get from one area ("outside") to another ("inside"). * There are a number of holes or gates in the "wall" that allow some kind of controlled or monitored access. * A "hole" in the filter/wall may allow unrestricted access, but only to those of a certain "size" that approach along a certain "path." This would be filtering by port. * A "gate" may impose arbitrary security checks before allowing one in. This would be filtering or checking of packet contents. Yes, firewall software is well developed along the lines suggested by the metaphor. One might argue that the software has to work this way independently of the metaphor. I'm suggesting that an alternate metaphor early in the history of networking might have lead to a different reality where users were more active participants in security and networks were more open than they've turned out to be. ''Oh, so it's not that packet filters aren't "firewalls," it's that if things were "done differently" then Internet security '''could be''' more like raincoats than firewalls.'' ''Consider this alternative idea: Perhaps, if security had been '''stronger''' in early releases, then we wouldn't have to be as paranoid now. Many Internet protocols are based on a high level of trust: telnet and ftp transmit passwords in plain text, and "trust" relationships between hosts are based on everyone telling the truth about their IP address.'' ----- In buildings, a "firewall" constrains the spread of fire, so that it can be isolated and controlled (and eliminated). Firewalls typically constrain access, because for them to be effective you have to use fire resistant doors that close automatically on loss of power. Firewalls are often inconvenient to the users of the building, and are an additional expense. But in the event of a fire, you'll be glad you have them. ----- Even ''packet'' and ''filter'' are metaphors by your definition. How can we even talk about computers without using metaphor. ''We probably can't.'' I don't think that's really true. Every day I certainly experience thinking about computers in terms of computers (i.e. mathematics). The problem is that it's really hard to convey a complex mathematical system to even those adequately competent in the theory of computer science, let alone the lay programmer. Metaphors are just short cuts, just like in literature, to a greater idea. '''But not the idea itself.''' That's a common logical fallacy. (http://www.don-lindsay-archive.org/skeptic/arguments.html#extended_analogy) -- SunirShah ''I'm reminded of my study of modern physics where I was advised to work the equations but not think of what they mean. Physical science has experiment to keep it on course. Physical space is what it is while cyberspace is what ever we can imagine.'' What is an example of thinking about computers in terms of computers? Refactoring within the semantic constraints of a language to control a measurable property like method length. Even this does not seem concrete but relies on metaphor. Oh? Variables have scope. Source is made of characters that take space on a screen. You may find metaphor in the words I use, but the ideas exist independently of those metaphors. ''I think you are confusing metaphor with semantics.'' ---- ''I don't think that's really true. Every day, I certainly experience thinking about computers in terms of computers (i.e. mathematics).'' Yes, but the association of mathematics with computer systems is itself a metaphor; the reality is electrical currents passing through circuitry. Despite it's usefulness, the association of '''0''' with low current and '''1''' with high current (or vis versa) is not intrinsic, nor are the various mathematical models of software. If there was any one lesson to be drawn from 20th century science, it is that no matter how compelling a particular model may be (e.g., classical mechanics), it is still only a model, not reality. -- JayOsako ''And for that matter, all thought deals with models, not reality (TheMapIsNotTheTerritory), and metaphor is one of our primary modes of thought. People usually think of English class when they think of metaphors, but "the stock market is up" is a metaphor of the sort that I mean. See the works of GeorgeLakoff, including WomenFireAndDangerousThings.'' ---- See SystemOfNames ---- CategoryMetaphor