by KernalSanders 237 days ago
Thank you for this!

Abbreviations and acronyms are highly inefficient if not defined clearly and up front. It also creates a division between those who know and those who don't.

I absolutely detested seeing "ISO" suddenly everywhere on Facebook and Nextdoor in place of "in search of". If you didn't know that before, you know it now, but you may also be annoyed by it not being about the International Organization for Standardization, which also goes by ISO, but not for any reason people would magically guess, without a background in Greek. (ISO explains that, since the acronym would differ in every language, ISO is actually derived from isos, which means "equal". Happy coincidence that it almost matches the name of the organization, but could also become obscure with time and lost history.)

For our company, I've been very clear that we don't make up acronyms unless a layperson could reasonably guess what it stands for, and also not confuse it for something else.

3 comments

> It also creates a division between those who know and those who don't.

Yeah, it's called "expertise" and it isn't as bad as you seem to think. Blogs for security professionals will use jargon and technical words aimed at other security professionals, and that's OK, not everything on the web is for everyone.

Just like how in my game development blog I don't explain what a "loop" is because I'm assuming the audience knows basic programming already, otherwise every article would balloon out of scope easily.

TLAs are not basic knowledge, or expert knowledge. They are expertise theater.
Come here to say that too.

Now what if an “AI” system could come up with the key points to know for domain knowledge, that would make each domain that bit less intimidating.

Providing there’s a reliable publicly available store of data to extract the domain knowledge from.

Sounds so good I guess there’s several systems like that already.

A quick skim of https://iverify.io/blog makes it seem pretty clear that iVerify’s audience is people who are interested in security, not just existing industry experts.
But then skim the submission article and try to evaluate which audience it seems written for.

Considering they have stuff like "Located within the Sysdiagnoses in the Unified Logs section (specifically, Sysdiagnose Folder -> system_logs.logarchive -> Extra -> shutdown.log)" in the article, my guess is that they're aiming for people who at least have a basic understanding of security, not general users, as those wouldn't understand an iota of that.

Considering there is actually not an iota of technically security challenging stuff (specifically, any computer user can understand your quote that there is a log file located at some path, there is 0 security understanding required there), using your own logic we can deduce the general audience was the target.
The typical/general computer user wouldn't even understand the ">" character, I think you either don't grasp the wide range of people who sit in front of computers daily, or you over-estimate their ability of grasping computer concepts, because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.
That's fine, you don't need to understand the > character, it clearly says there is some log file located at some folder.

> because you'd say that sentence to the typical computer user and most of them wouldn't understand most of it.

Yeah, do try that, just not your cut version focusing on the irrelevance of a specific path and the meaning of >, but the whole paragraph. Do see how many people fail to understand that there was some file at some folder. You could even ask extra SAT questions ("what do you think a "shutdown log" is, does it record activities during device shutdown?")

This argument seems neatly circular.

Any example where somebody says an article doesn’t do a great job defining its terms just becomes proof that the authors only wanted readers who already understand the terms.

I think it's fine for the magazine, but I would have liked to see it expanded in the HN submission title, since many of us are not cybersecurity specialists.
Some stuff is written for some people, other stuff is written for other people. This shouldn't be hard to understand, nor particularly novel either.
I assume this blog post is targeted for the security community, where IoC is universally understood. Of course it is confusing on HN, but authors are free to assume their audience - like we don't define what HTTP, MVC and "btw" mean every time we use it. Or, for a better example, HN and YC are used here all the time, but would be confusing for outsiders (and should be defined outside of HN context).
The web already had terminology for this in online enthusiast forums: WTB (Want to Buy), FS (For Sale), FT (For Trade), etc. The slow death of the open web in favor of platforms has evidently caused a lot of rework like this. Other notable examples include backwards emoticons (: and DM instead of PM.
The corp platform model seems to excel at abstracted wheel re-inventing and then pretending it is innovation.