Communications of the ACM,
Vol. 55 No. 4, Pages 27-28
10.1145/2133806.2133816
A tale of hubris and zealotry.
The full text of this article is premium content
1 Comments
Marko Schuetz-Schmuck
Dear KV,
I agree with the statement "Tools are Useful", but knowing and being able to read a low-level representation goes boyond "preening themselves over their 1337 hex-dump reading skills".
All tools operate in specific contexts with very specific assumptions, e.g. as a standalone program that intercepts network traffic or reads a file that stores such traffic.
It is often helpful to be able to identify and/or parse the same kind of information outside of the context that the tool requires. Using the example of the IPv4 packet this might be when debugging a core dump and finding the hexdump of [[Figure 1] http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/fulltext#F1 ] in some buffer. In my experience it is often that being familiar with the low-level representation is enormously helpful as it allows one to spot suspicious states and to investigate behavior in contexts where the dedicated tool is not available.
"Tools are useful", but so is just /seeing/ through the representation.
Sincerely,
Marko
Displaying 1 comment
Log in to Read the Full Article
Purchase the Article
Log in
Create a Web Account
If you are an ACM member, Communications subscriber, Digital Library subscriber, or use your institution's subscription, please set up a web account to access premium content and site
features. If you are a SIG member or member of the general public, you may set up a web account to comment on free articles and sign up for email alerts.
![[article image]](https://cacm.acm.org/system/assets/0000/7421/031512_CACMpg27_The-Network-Protocol.large.jpg?1476779428&1331915048 "yin and yang symbol composed of computer mice")
Marko Schuetz-Schmuck
Dear KV,
I agree with the statement "Tools are Useful", but knowing and being able to read a low-level representation goes boyond "preening themselves over their 1337 hex-dump reading skills".
All tools operate in specific contexts with very specific assumptions, e.g. as a standalone program that intercepts network traffic or reads a file that stores such traffic.
It is often helpful to be able to identify and/or parse the same kind of information outside of the context that the tool requires. Using the example of the IPv4 packet this might be when debugging a core dump and finding the hexdump of [[Figure 1] http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/fulltext#F1 ] in some buffer. In my experience it is often that being familiar with the low-level representation is enormously helpful as it allows one to spot suspicious states and to investigate behavior in contexts where the dedicated tool is not available.
"Tools are useful", but so is just /seeing/ through the representation.
Sincerely,
Marko