Someone pointed out to me today that cryptography (and information security) might be really good ways to develop humility. I can’t count the number of times I was *certain* I was right about something, only to have someone show me I’m completely wrong.
I’m sure there are other fields where it’s easy to be confident about your judgement and learn you’re wrong, but the adversarial nature of crypto/infosec amplify the experience. You just learn that you can’t trust your intuition at all: it lies to you.
@matthew_d_green At the same time you learn that precision matters, and that a proof or counterexample cannot be ignored other than by changing the assumptions we operate under. One also learns that structuring things so that being precise is easy very often makes problems and possible approaches easier to notice. I would dearly wish that all infosec-adjacent people shifted a bit in this direction.
@matthew_d_green I started thinking recently that anyone in any sort of position of authority in infosec should take an academic introduction to cryptography course, as an easy way of at least realizing that the approach of "things are true or false, we might just not know", "modus ponens works", "vacuously satisfied implications are true, not some weird third state", ... exists (and, I'd hope, adopting it at least somewhat).