[gnull]

I was sure it's something else, never heard of this being a standard term. Google search gives me only movie characters, "name meaning" pages, and a project called "Mallory in the middle" that implements some specific man-in-the-middle attack.

I guess it's another case of those "raising awareness" changes, that is supposed not to cost anything, but just made me spend like 4 min confusedly googling what the new term means.

[bitexploder]

I released a MiTM tool over a decade ago at BlackHat named Mallory. It is the common name for a malicious actor in between Alice and Bob in cryptography explanation.

[helloooooooo]

It has to do with the history of using names like Alice and Bob in cryptography, and nothing to do within your suggested reason.

[gnull]

You mean calling the adversary Mallory? Yes, this is standard. The term mallory-in-the-middle is not, as you can confirm with one Google search. There's barely anyone using this term, and nobody was using it 4 years ago.

At first, I thought that Mallory-in-the-middle was some special type of man-in-the-middle attack. In crypto, Mallory is a very specific type of adversary (active one, I think).

[UncleMeat]

Mallory is used to refer to active network exploitation (as opposed to Eve, who is passive). "Mallory-in-the-middle" is a great term that actually makes the attacker capabilities more clear and should already be understood by people with relevant context. The default "let's remove gendered terms" approach would be "person-in-the-middle."

[matthewdgreen]

Most MITM attacks that we care about are active attacks (hence Mallory.) An eavesdropper-in-the-middle attack would just be the standard attack setting, not an MITM. For those who are experts the term is “MITM” and I don’t care what the first M stands for.

[Retr0id]

While Mallory-in-the-middle is certainly less-common as a term, Mallory is most strongly associated with active-MitM examples, and vice-versa.

[lucb1e]

> There's barely anyone using this term, and nobody was using it 4 years ago.

At my employer (security consultancy in Germany), we switched ~two weeks ago from "man" in the middle to "machine" in the middle as expansion for the MITM acronym. Mallory is also a good option, although more known to cryptographers than our mainly developer audience (who might have more of an idea what a machine is than a Mallory). It's all not perfect but we're figuring this out. Yes, neutral gender writing is indeed relatively new and won't be much on web searches. Apparently some others use AiTM for attacker in the middle (yes, with that capitalization), which most people hated and voted against (because capitalizing the The but not the in looks dumb and, also, everyone already knows mitm so that change harms readability even more). It'll be a while before the community settles on something and "man" is not the most commonly known one. Bear with us until then!

[shaftoe]

It's hard not to write this entire exercise off as a dumb game of woke semantics.

[lucb1e]

Especially in Germany, albeit with an outsider's perspective, I would say it's very clear how relevant it is how you speak of persons. There is no commonly accepted 'singular they' and e.g. 'teacher' is always male (you'd have to say 'teacheress' or 'teacherin', not sure how to translate it, and so what people do is say both every time they refer to any teacher/in).

When always having to gender every word, not being inclusive has a measurable effect. There are enough studies that show the effects of listing genders alongside job listings that are typical/historical male or female jobs, also in other languages with less gendering. English is a lot better as a language, in my opinion, but still if you say "he" when referring to the aforementioned "doctor" when, really, it could be a doctor of either gender using the patient portal, you are still reinforcing a bias.

I don't think it's unnecessary to include the other half of the population in general writing, even if nobody has studied the effect of a "man in the middle" specifically. There's enough evidence elsewhere so that we might as well just switch things over at hardly any cost of change and no cost at all afterwards.

[the_gipsy]

The change of terms itself, or the people getting so riled up about it?

[gnull]

> which most people hated and voted against

Was there voting about these things? Who got invited to vote?

[lucb1e]

People just speak out for or against things in the chat. Manner of speaking, not an official ballot voting system.

And to be clear, nobody was against being more gender neutral, just in favor of machine in the middle over attacker in the middle.

[gnull]

I'm not saying this way of gathering people's opinions is completely useless, but it has big flaws. Being against this sort of feminist initiatives can get you labeled all sorts of things in the best case, and cancelled in the worst case.

It's like making a poll in Russia about whether citizens support the invasion of Ukraine or not, when saying you don't like it is a criminal offense that can get you in jail. "I just went out and asked some people on the streets of Moscow whether they support bombing of Ukraine, nobody said no while a couple of them said yes, so they must really like that."