A lot of people in security call themselves curmudgeon because they think it's a license to spew vitriol. It's time to throw that label in the trash.
I've been thinking about this a lot lately because I see an increasing number of security practitioners who are good people and good at their craft who choose to screw it all up by taking their disposition into the gutter.
When doing so, they often throw the word curmudgeon around when describing themselves.
I'll hang on to the curmudgeon word for a bit longer because, for what I'm about to say, I'm at a loss for a better word at the moment. But my fingers will feel a little sting every time I use it...
There are good curmudgeons and bad curmudgeons (twice in one sentence. My fingers are killing me now).
A good one might complain a lot on Twitter. About the weather. About clueless customers. About a whiskey bottle that has run dry. But they don't rip apart specific people by name, and they mix their crankiness with a lot of useful advice for their audience.
A bad one calls specific peers names because they disagree with a point of view. They drop one or more F-bombs per tweet and always brag about being drunk because they think that makes them cool.
Get your morning news fix with the daily Salted Hash e-newsletter!
Someone on Twitter recently noted how a relative was over and happened to see her Twitter stream. Noting all the people who claimed to be drunk, the relative said something like this: "So security people are all a bunch of alcoholics who think all computer users are stupid?"
I got a kick out of that, and I happen to like the particular tweeter. She talks of being drunk a lot, but she also offers some good security insight from time to time.
But her relative was too accurate for comfort.
In our business, we all deal with people who can be hard to like. For you it might be the user who keeps opening links in emails that are obvious social engineering traps. For me, it can be the hordes of PR people who crush my inbox with a lot of unusable pitches.
I've complained on Twitter about the PR pitches quite a bit, so I single myself out for criticism as well. I have a cranky streak of my own, and sometimes I misuse that crankiness.
But I will never call myself a curmudgeon. I might call myself misguided, stupid or moronic. But not that other word.
After seven-plus years writing about the security industry, I don't consider myself a technological master. But I have studied with great interest the effect the human condition has had on the industry.
When visiting Twitter, the human condition of security becomes larger than life. It leaps out of the screen and punches you between the eyes.
I love it and hate it at the same time.
I feel comfortable noting this much:
The more our Twitter presence becomes about being drunk and tearing other people down, the less useful we become to the newbies who dip their toes in the social networking realm in search of some wisdom that may actually help them do their jobs better.
If they do their jobs better, we have less to complain about.
Could it be we'd rather they stay ignorant so we'll keep finding fodder to keep our curmudgeonly images alive? We'd rather the user stay stupid so we can keep saying they're stupid?
I hope not.