I may very well be an old curmudgeon but am I the only one who doesn't like all this comic-y cutesy content? They seem to be a rebranded version of the old `Idiot's guide to X` which were ubiquitous in the '90s. Yes, I'm also talking about stuff like `Clojure for the brave and true` or `Learn you a X for the greater good`. Does anyone actually benefit from this content? I look at it and it seems to be targeted to 10 year olds. Are we as an industry getting dumber?
For this specific subject, instead of reading about the `adventures of Certificat, Browserbird, and Compugter` can we just read something like https://hpbn.co/transport-layer-security-tls/ ?
There are several "celebrity" bloggers who keep this trend alive. I find it annoying too, but better that than some of the other approaches which involve constant! Exclamation!! Marks everywhere!!!
A few zine-style approaches manage to capture the worst of both worlds, but I guess if others find it endearing and cute then good luck to them!!
I think it has to do with who is reading. Some people learn better this way (myself included). I've seen many topics over the years explained in forms similar to this and it was very easy to understand opposed to just reading it out of a textbook. Although I'll admit that even this was done way too cutesy. They put far too many pictures with too small of text on each page, made it hard to follow along and keep focused. I need to be able to read fluently, small white text on a black background is hard on the eyes. You can find little snippets like this in many textbooks, but it's generally a single picture or two that are shown to better show the point made in the preceding text.
Dunno about the industry getting dumber, but they certainly are getting lazier when it comes to UX. I could barely read it for 10s before my eyes started hurting.
I share a similar sentiment. Articles with an abundance of memes/gifs -- ones trying to be funny/cute, not contributing to the subject matter -- are placed in the same category.
At best it adds clutter, but usually lends to distraction and/or frustration and moving on.
Technology isn't only for the wealthy elite who have the time to sit and read hundreds of pages of jargon anymore. The internet is for everyone, not just us nerds.
On the contrary, this phenomenon seems pretty isolated to nerds/tech-interested-people. Are there any areas outside of technology where you have seen something presented in a similarly childish way?
The reason these exist is because these topics are big and somewhat inaccessible, but they are relevant to people who wouldn't learn them in the normal course of their lives. You wouldn't expect to see as many for something that is commonly known in a given field and doesn't matter to people outside it, or things which are already quite accessible without trying to make them super-friendly.
Here's an example that does something similar with the law: http://lawcomic.net/
You'll notice that the law has the same characteristics I identified earlier in technology — it's very relevant to ordinary people, but it's large and inaccessible enough that most people don't really understand it and setting a law book in front of them wouldn't help.
The content is harder to read and to follow, and concepts aren't as accessible. Even if it's an attempt at entertaining, this project falls very short of serving any educational purpose.
You are free to interpret my comment as an isolated opinion and disregard it as a baseless assertion, but you'd be repeating the age old mistake of disregarding user opinions when evaluating user interfaces. Personally I believe that paying attention to user grievences, particularly when they are very recurrent and objective, is the smart thing to do and the fastest path to develop adequate products. If you feel you're better served by ignoring recurrent and needless mistakes and insist on repeating them then be my guest.
I really hate when people assume bad faith like that. What you did there is akin to calling a falsehood a lie. Although this is accusing people of deliberately lying to themselves or something.
I'm sorry to say it, but that framing actually makes me see more merit in the comment you're responding to, when I didn't much before. I'm of the opinion that people do deliberately lie to themselves, quite regularly. To me, it's a fundamental part of cognitive dissonance. Whether it applies here, I don't know, but now I have to consider it.
:-) Sure, I agree. We don't know. The comment I was replying to snarkily and passively-aggressively (said it without saying it) assumed he knew for sure (I won't say 'pretended to know'). But it was ironically more certainly what they were accusing the other of, presenting opinion as fact, than what the other was doing, as another commenter already noted.
Also it was hostile in tone. If I, for example, thought you were being too silly, compare writing "I think you're being too silly" with writing "I really hate when people are too silly." It begs the question, and in a hostile way. He wasn't talking to the person but snidely about them.
Yeah, I definitely get what you mean. I try to see if there's merit in what people say, even on occasions where they forgot their manners at home (as I've done plenty), but in this case, they didn't bother to justify anything here. It makes me think there wasn't really much thought behind it past the craving to be rude.
Or, I just don't like when people summarily dismiss and deride things that don't personally appeal to them, even when others find value in it. I think it's hard to justify calling my direct response passive, regardless of how it was phrased, but if it makes you all feel better to defend the bullies go right on ahead.
Would you propose that we all precede subjective statements with "in my opinion..."? In my opinion, it is your opinion that the parent posted their opinion as fact. In my opinion, it is clear that the parent was simply asserting their opinion, as demonstrated by your accurate (in my opinion) recognition of their opinion as an opinion.
> The content is harder to read and to follow, and concepts aren't as accessible.
For you.
It can be difficult sometimes, but it's very important when evaluating content proposed as educational to ignore personal knowledge and experience on a topic and focus on the learning outcomes desired by the authors of training material, and not impose our own expectations and biases.
I'd have to agree with the parent. And it has nothing to do with personal knowledge/experience/expectations/biases. The linked 'comic' is bad in ways that I think many people would agree on.
I'm not talking about the content or even the "cutesy" style, but the layout/formatting itself. The lack of space or separating lines between the panels makes it quite difficult to follow the chronological order of the story. The font used for dialog is atrocious. And the harsh colors all placed on top of a stark white background isn't easy on the eyes. These are things that all detract from any possible learning outcomes, no matter what they are.
I think a lot of people in this thread are arguing that 'cutesy style = bad', but I think the real reason they might be thinking that is because it's actually just this particular instance of cutesy style is bad.
> The lack of space or separating lines between the panels makes it quite difficult to follow the chronological order of the story.
I agree on the need for lines to delineate between panels. As for the order of the story, it is written in English, and like most comics or visual presentation materials is organized in a left to right, top to bottom layout.
The font used is not great, but it is a sans serif font, and while not designed specifically to be accessible to dyslexic folks, I find it easier to read than many other sans serif fonts, in part owing to the distinctive shape of each of the glyphs. I would prefer more spacing between the letters, but to be fair, I only made that observation after I turned off my letter-spacing:2px user-style
You say harsh colors on white background, I say high contrast is very valuable to me as someone who is dyslexic - I find high contrast content easier to consume.
There's no "for you" to be added, the comic has severe accessibility issues.
If you think it's fine, I wager it's for one of two reasons:
- You may have decided it's fine because you're ignoring the issues by dismissing them as "it's because I'm not the target audience".
- You may actually be in a minority of people who have no issues reading this.
Put it this way, if I print content in light-grey on a pastel-white background and have people complaining about this, I shouldn't be defending it with "Oh it's not fine for you, but for other people it's fine". That's the whole challenge of accessibility: Making your content accessible to the biggest chunk of your target audience (and if possible, beyond that).
I agree with you on the accessibility angle, from the perspective of users with reading disabilities, color blindness, etc. I am not sure if that was the angle you were aiming for.
As for the accessibility of the ideas, they are presented clearly. Where jargon can't be avoided, it is presented by the role it plays, and a simple explanation of what it is not (see the digital signature panels) that presents an idea, gives the user enough information that they can start forming a question and addresses an incredibly common misconception.
As for being in a minority, I don't know. What I do know is that as a person who has to deal with dyslexia on a daily basis in a largely text based position as a remote security engineer, I found this content to be very approachable, and it got positive feedback from several folks I shared it with this morning, including an early childhood educator and a retired teacher, so YMMV.
As far as not being the target audience, frankly, I am squarely in the target audience as I am always looking for new and effective ways to teach people this stuff because as an infosec weenie a big chunk of my job is helping people avoiding the pitfalls of technology by helping others understand how to build secure or maintain basic opsec. This comic is not effective for me, since I am technical enough to need better resources, but it is super great for a project manager who might need to ramp up knowledge about why HTTPS or TLS is important without needed to know how to configure or implement it.
> As for the accessibility of the ideas, they are presented clearly.
They clearly aren't. Some users already pointed out they had problems getting what the cat was supposed to represent. That's a telltale sign of how bad the content was presented when a significant portion of the audience, and one which is educated and technically inclined, has a problem understanding and tracking the meaning of a basic concept that's presented right in the very start.
People aren't "reading it wrong". The comic is simply poorly thought-out and the execution makes it needlessly hard to go around these problems.
I feel the same way. Another thing I've noticed along the same lines is companies and technologies named after words in "toddler speak" by adding -y or -ly to the end of a word (e.g. dog -> doggy). I initially chalked this up to the .ly TLD but that doesn't seem to be widely used nowadays. Maybe it started out that way and took on a life of its own?
> named after words in "toddler speak" by adding -y or -ly to the end of a word (e.g. dog -> doggy)
Can you provide some examples of "toddler speak" involving the -ly suffix? I don't mean company or technology names -- words like "doggy", but using a -ly suffix.
Some people like the comics, some people like the naked horrific rfc docs (https://tools.ietf.org/html/rfc2818) complete with the phony typewriter linebreaks.
Many prefer something in between. Something for everybody.
Yep, we have that option and lots of explanations like that already exist.
This is a different approach to explaining the subject. I don't see how that's a problem. Personally I think they just went overboard with it (to the point of being distracting), but I get what they're trying to do and appreciate the effort - even if it's not for me. Kudos I say. Others might find it useful. Plus it could inspire someone else to explore another approach.
I mean, the OP's comic is just... really, really hard to read. It's not a medium problem, it's a layout/font/design problem.
I think GP is just hating on the wrong thing. Comics are fine, and having that as well as the technical explanations, is fine.
I agree with a commenter further down wrt. the immensely popular "For Dummies" series which manages to make various complex subjects more accessible. I also think this type of webcomic can be really well done. Chrome's webcomic springs to mind:
Geez, man. Really, "Learn You" and "Brave and True"? Those books are 95% pure instruction, and you have a problem with them because they include a small captioned cartooned image every 10 pages? The tutorial in this post is on a completely different level, but if you have a problem with those other books injecting even the slightest bit of humor into an otherwise very dry material (however interesting it may be, it is dry), then I really feel angry at whoever hurt you.
See I disagreed with the poster you're responding to but now you've gone too far in the other direction. Can't people just live and let live? Some people want cartoon-style explanations and others don't, simple as that.
I think your link is ideal for computer professionals, but I think `the adventures of Certificat, Browserbird, and Compugter` will probably be better for people with little to no actual technical knowledge.
You are definitely an old curmudgeon, and I assume you are proud of that. Ironic thing about your link is that it's using Cloudflare
...So in an up-to-date browser it comes over TLS 1.3 (Cloudflare enables this by default, technically they're talking Draft 28, but this differs from the final RFC only in that drafts deliberately switch off TLS 1.3 downgrade protection since otherwise each draft would be mutually incompatible with every other system)
...So the description of how this works ends up being wrong for the site it's describing because it assumes TLS 1.{0,1,2} semantics but
...Despite the micro version change, TLS 1.3 is a significantly different protocol, both in how it begins and in details like resumption (now handled with PSKs) that this post describes for older SSL/TLS. It looks enough like TLS 1.2 that dumb middleboxes let it past.
One seldom acknowledged reason to write this sort of explanation (as a cartoon, as blog post, as a slide deck, whatever) is that the process of explaining something to other people clarifies our own understanding. When you're rehearsing "And of course the hats are invisible to bears, because..." you pause for a second -- wait, why _are_ these hats invisible to bears? Now that you come to say it, that's incredible and you realise you don't know. You go away and read the source materials - aha! Now you know why the hats are invisible and so although the purported purpose was to teach others, what you've actually done is learn for yourself.
> I may very well be an old curmudgeon but am I the only one who doesn't like all this comic-y cutesy content? They seem to be a rebranded version of the old `Idiot's guide to X` which were ubiquitous in the '90s.
The For Dummies series - corny jokes, mediocre cartoons, and all - are what taught me computing as a kid growing up in the '90s. So I support content like this because, empirically, it works.
I remember learning a lot from 1980s computer books with jokes and cartoons when I was older than 10, for example http://wiki.c2.com/?ThinkingForth , or the Fortran colouring book.
I'm not sure I'd've got on with ones where all the text is in cartoons, though. Too hard to scan, perhaps.
It was best when the cartoons were doing double service as diagrams showing what was going on inside the computer.
I think they are actually. It used to require skill to be a programmer in the old days. You knew one language very well. Today you know hundreds of small things on medium level and you can Google anything. It's quite easy to write code in any text editor, they are all filled with colorful fonts, intellisense, plugins etc.
This is the same spurious argument that we're getting dumber because we can Google anything we forget. Hey, we developed software to make our lives easier and make us orders of magnitude more efficient! What a bunch of idiots!
Part of the situation might be because of outsiders who try and learn these things on their own time. You might have a molecular biologist who finds themselves needing to setup up a webapp for some research and they were never formally educated as an "engineer".
Grown-ups also sometimes like to pass on what they know to children, teens and grandparent, so they might resort to cutesy stuff.
Then there are dummies like me who need lots of illustrations and everything explained from 10 different points of views before they start to understand. But, most of us hate getting in the way of the masters and experts.
We should have a "kids" version of HN and of various reddits. Everyone will be anonymous because your 50-yr-old co-worker doesn't want to be known around the office for reading comics that include cartoon superheroes showing you how to battle the evils of CSRF/SSRF.
(Thanks for linking to that page that explains TLS. That also helps.)
Different people learn in different ways. I usually prefer a well written, funny text to a dry one. If I am forced to use a completely dry reference to learn a new topic, I often make up humorous mnemonics and explanations as I go, to help things stick.
So, yes, I (and I assume many others) benefit from the content. Of course that is not to say it is for everyone. Personally I don’t care much for learning from videos but know many people who much prefer them to text.
I doubt there is a single, universal style of learning medium that is optimal for most (let alone all) learners.
Ruby on Rails became popular with teenagers partly because of "Why's Poignant Guide to..." (and I forget the exact name.) It was full of funny drawings, jokes, and memes.
Honestly, I couldn't make it past a few panels of this comic. It's a good idea, though.
I think the reason why Why's guide worked is that the content came first, and the jokes were more for comedic relief. Trying to make everything a cutesy analogy doesn't make it more accessible. Pacing is just as important.
No and apparently "we as an industry" also struggle to get less condescending.
Maybe "we as an industry" don't have to learn the intricate details of such technologies in this cheerful manner. But is every potential consumer of this site really a CS-degree holding, experienced developer coming from the trenches?
You know, some 13-year old might stumble upon this and find it quite a bit more engaging than the (very good) link you have shared.
Not all content is for all people at all times. Thankfully, the internet is still free enough for all of us to close pages if they don't provide useful content.
If you need more details there are certainly better sources. But imho there is usually a huge lack of trustworthy high level overviews. Newbies make mistakes and seasoned teachers may have a hidden agenda.
no man or woman on the street with a job not in the information economy would care to digest even your excellent linked doc.
TFA target audience is not even someone that understands that the Internet and the Web are different things.
It's a wonderful doc, wonderfully presented. With every mom and pop retail business needing a website these days, this is a really great explanation for them, so they can start to understand why they want https.
I had this issue even starting from the first panel after the introduction, where the dog was sending a message to the bird. I kept having to scroll to the top to double check who was who.
I have this problem with most analogies used to explain things. Computer concepts are abstract enough without layering another abstraction on top. If you're trying to explain something complicated, you're just adding more cognitive overload. If you're trying to explain something simple, why not be direct? It's possible that I just run into nothing but bad analogies, but I don't see them as being helpful.
Because it barely spends any time setting that up, for one thing. It would probably be a bit more memorable if the characters actually said things like “Hi! I’m Compugter! I sit on your desk or in your lap and talk to the Internet for you!”; instead there is just a panel with a tiny label floating off to one side.
Or maybe it should be “Hi! I’m Compugter, I sit in a rack in a puppy farm somewhere, and talk to the browserbird in your hand or lap or desk”? It really doesn’t define its terms at all before launching into a description of a man-in-the-middle attack. This is just not well-written, and no amount of cute drawings will cover for that, no matter how well done they are.
I found the layout confusing but stuff like this is desperately needed. Encryption is a difficult subject but so important to how the Internet functions; the better people understand the concepts the better decisions they will make.
I tried to explain explain how the web browser retrieves a web page (including HTTPS) in simple terms once; the resulting text quickly got away from me[0] so I respect the creators of this for trying.
A major problem with this is that non-expert users might interpret it to mean that the "green lock" always means everything is ok. That is dangerous advice since it's possible to publish a phishing site having proper SSL. Users need more context than what is offered here to avoid becoming victims of phishing scams.
I also found the content itself difficult to read in both layout and copy. The character names were confusing, and I don't think the three concepts of privacy, integrity, and identity were conveyed in a clear enough sense so that a non-expert could interpret how those are actually 3 different things.
I skimmed over it and it seems to be a bit dated.
The handshake description is basically a static RSA key exchange. This is deprecated in TLS 1.3 and largely unused even in older TLS versions, because it's horrible. (I wrote a paper to show how horrible it is.)
Unfortunately I see this quite often that people are simply not up to date when it comes to crypto.
I'd be curious to read that paper, if you don't mind sharing a link - I recognize your name from the TLS mailing list, but I don't recall seeing that paper referenced there, and everything I google is in German...
I like the light-hearted direction taken to explain HTTPS, but I personally find the narrative difficult to read and follow.
It might be unfair for me to compare the two, but I do like Randall's approach to explaining Heartbleed https://xkcd.com/1354/ because it feels like it has a better flow.
I'd definitely like to see this idea get expanded upon and improved, so I can feel confident about forwarding this link to non-technical users who are interested in learning how the Internet works. I also agree with doing one of these on phishing.
Self signed certificates do not prove integrity. A crab in the middle can generate another self signed certificate for the same domain name and your browser will not know that it isn't the one you expected.
The only workaround is to manually add the certificate to the root store. But this depends on securely receiving the certificate - say by physically transferring it from one computer to another by USB stick.
I found this really hard to read. At first I tried to read left-to-right, top-to-bottom, but then it felt like the "panels" (or lack thereof) were not lining up. Then I thought "Oh! It must be three columns top-to-bottom" so I tried that then realized I was missing content and that I was right the first time.
I'd love to see you lay this out a bit differently. Apart from that, I love the content. Thanks.
76 comments
[ 3.2 ms ] story [ 139 ms ] threadContent marketing and SEO purposes for the parent company, dnsimple.
As a technical person I don’t particularly love privacy = confidentiality, but I understand the desire to simplify.
If you’re looking for something next, I vote for phishing. We tried to make a short explanatory video, but it’s not even remotely cool as this one! https://twitter.com/_conorpp/status/1036751355346595840
For this specific subject, instead of reading about the `adventures of Certificat, Browserbird, and Compugter` can we just read something like https://hpbn.co/transport-layer-security-tls/ ?
A few zine-style approaches manage to capture the worst of both worlds, but I guess if others find it endearing and cute then good luck to them!!
At best it adds clutter, but usually lends to distraction and/or frustration and moving on.
Technology isn't only for the wealthy elite who have the time to sit and read hundreds of pages of jargon anymore. The internet is for everyone, not just us nerds.
Here's an example that does something similar with the law: http://lawcomic.net/
You'll notice that the law has the same characteristics I identified earlier in technology — it's very relevant to ordinary people, but it's large and inaccessible enough that most people don't really understand it and setting a law book in front of them wouldn't help.
The content is harder to read and to follow, and concepts aren't as accessible. Even if it's an attempt at entertaining, this project falls very short of serving any educational purpose.
Also it was hostile in tone. If I, for example, thought you were being too silly, compare writing "I think you're being too silly" with writing "I really hate when people are too silly." It begs the question, and in a hostile way. He wasn't talking to the person but snidely about them.
For you.
It can be difficult sometimes, but it's very important when evaluating content proposed as educational to ignore personal knowledge and experience on a topic and focus on the learning outcomes desired by the authors of training material, and not impose our own expectations and biases.
I'm not talking about the content or even the "cutesy" style, but the layout/formatting itself. The lack of space or separating lines between the panels makes it quite difficult to follow the chronological order of the story. The font used for dialog is atrocious. And the harsh colors all placed on top of a stark white background isn't easy on the eyes. These are things that all detract from any possible learning outcomes, no matter what they are.
I think a lot of people in this thread are arguing that 'cutesy style = bad', but I think the real reason they might be thinking that is because it's actually just this particular instance of cutesy style is bad.
I agree on the need for lines to delineate between panels. As for the order of the story, it is written in English, and like most comics or visual presentation materials is organized in a left to right, top to bottom layout.
The font used is not great, but it is a sans serif font, and while not designed specifically to be accessible to dyslexic folks, I find it easier to read than many other sans serif fonts, in part owing to the distinctive shape of each of the glyphs. I would prefer more spacing between the letters, but to be fair, I only made that observation after I turned off my letter-spacing:2px user-style
You say harsh colors on white background, I say high contrast is very valuable to me as someone who is dyslexic - I find high contrast content easier to consume.
If you think it's fine, I wager it's for one of two reasons:
- You may have decided it's fine because you're ignoring the issues by dismissing them as "it's because I'm not the target audience".
- You may actually be in a minority of people who have no issues reading this.
Put it this way, if I print content in light-grey on a pastel-white background and have people complaining about this, I shouldn't be defending it with "Oh it's not fine for you, but for other people it's fine". That's the whole challenge of accessibility: Making your content accessible to the biggest chunk of your target audience (and if possible, beyond that).
As for the accessibility of the ideas, they are presented clearly. Where jargon can't be avoided, it is presented by the role it plays, and a simple explanation of what it is not (see the digital signature panels) that presents an idea, gives the user enough information that they can start forming a question and addresses an incredibly common misconception.
As for being in a minority, I don't know. What I do know is that as a person who has to deal with dyslexia on a daily basis in a largely text based position as a remote security engineer, I found this content to be very approachable, and it got positive feedback from several folks I shared it with this morning, including an early childhood educator and a retired teacher, so YMMV.
As far as not being the target audience, frankly, I am squarely in the target audience as I am always looking for new and effective ways to teach people this stuff because as an infosec weenie a big chunk of my job is helping people avoiding the pitfalls of technology by helping others understand how to build secure or maintain basic opsec. This comic is not effective for me, since I am technical enough to need better resources, but it is super great for a project manager who might need to ramp up knowledge about why HTTPS or TLS is important without needed to know how to configure or implement it.
They clearly aren't. Some users already pointed out they had problems getting what the cat was supposed to represent. That's a telltale sign of how bad the content was presented when a significant portion of the audience, and one which is educated and technically inclined, has a problem understanding and tracking the meaning of a basic concept that's presented right in the very start.
People aren't "reading it wrong". The comic is simply poorly thought-out and the execution makes it needlessly hard to go around these problems.
Can you provide some examples of "toddler speak" involving the -ly suffix? I don't mean company or technology names -- words like "doggy", but using a -ly suffix.
They don't really involve the diminutive -y suffix either; that looks more like the adjective-forming -y suffix.
Some people like the comics, some people like the naked horrific rfc docs (https://tools.ietf.org/html/rfc2818) complete with the phony typewriter linebreaks.
Many prefer something in between. Something for everybody.
Yep, we have that option and lots of explanations like that already exist.
This is a different approach to explaining the subject. I don't see how that's a problem. Personally I think they just went overboard with it (to the point of being distracting), but I get what they're trying to do and appreciate the effort - even if it's not for me. Kudos I say. Others might find it useful. Plus it could inspire someone else to explore another approach.
I think GP is just hating on the wrong thing. Comics are fine, and having that as well as the technical explanations, is fine.
I agree with a commenter further down wrt. the immensely popular "For Dummies" series which manages to make various complex subjects more accessible. I also think this type of webcomic can be really well done. Chrome's webcomic springs to mind:
https://www.google.com/googlebooks/chrome/big_00.html
...So in an up-to-date browser it comes over TLS 1.3 (Cloudflare enables this by default, technically they're talking Draft 28, but this differs from the final RFC only in that drafts deliberately switch off TLS 1.3 downgrade protection since otherwise each draft would be mutually incompatible with every other system)
...So the description of how this works ends up being wrong for the site it's describing because it assumes TLS 1.{0,1,2} semantics but
...Despite the micro version change, TLS 1.3 is a significantly different protocol, both in how it begins and in details like resumption (now handled with PSKs) that this post describes for older SSL/TLS. It looks enough like TLS 1.2 that dumb middleboxes let it past.
One seldom acknowledged reason to write this sort of explanation (as a cartoon, as blog post, as a slide deck, whatever) is that the process of explaining something to other people clarifies our own understanding. When you're rehearsing "And of course the hats are invisible to bears, because..." you pause for a second -- wait, why _are_ these hats invisible to bears? Now that you come to say it, that's incredible and you realise you don't know. You go away and read the source materials - aha! Now you know why the hats are invisible and so although the purported purpose was to teach others, what you've actually done is learn for yourself.
[Edited s/hosted on/using/]
The For Dummies series - corny jokes, mediocre cartoons, and all - are what taught me computing as a kid growing up in the '90s. So I support content like this because, empirically, it works.
I remember learning a lot from 1980s computer books with jokes and cartoons when I was older than 10, for example http://wiki.c2.com/?ThinkingForth , or the Fortran colouring book.
I'm not sure I'd've got on with ones where all the text is in cartoons, though. Too hard to scan, perhaps.
It was best when the cartoons were doing double service as diagrams showing what was going on inside the computer.
Without beej's guide to networking I wouldn’t have understood TCP.
Grown-ups also sometimes like to pass on what they know to children, teens and grandparent, so they might resort to cutesy stuff.
Then there are dummies like me who need lots of illustrations and everything explained from 10 different points of views before they start to understand. But, most of us hate getting in the way of the masters and experts.
We should have a "kids" version of HN and of various reddits. Everyone will be anonymous because your 50-yr-old co-worker doesn't want to be known around the office for reading comics that include cartoon superheroes showing you how to battle the evils of CSRF/SSRF.
(Thanks for linking to that page that explains TLS. That also helps.)
Any opinion of the "Head First" books? https://ssearch.oreilly.com/?q=head+first They seem better than the 90s "...For Dummies" books.
So, yes, I (and I assume many others) benefit from the content. Of course that is not to say it is for everyone. Personally I don’t care much for learning from videos but know many people who much prefer them to text.
I doubt there is a single, universal style of learning medium that is optimal for most (let alone all) learners.
Honestly, I couldn't make it past a few panels of this comic. It's a good idea, though.
I think the reason why Why's guide worked is that the content came first, and the jokes were more for comedic relief. Trying to make everything a cutesy analogy doesn't make it more accessible. Pacing is just as important.
No and apparently "we as an industry" also struggle to get less condescending.
Maybe "we as an industry" don't have to learn the intricate details of such technologies in this cheerful manner. But is every potential consumer of this site really a CS-degree holding, experienced developer coming from the trenches?
You know, some 13-year old might stumble upon this and find it quite a bit more engaging than the (very good) link you have shared.
Not all content is for all people at all times. Thankfully, the internet is still free enough for all of us to close pages if they don't provide useful content.
So some people do benefit from it a great deal, it seems.
no man or woman on the street with a job not in the information economy would care to digest even your excellent linked doc.
TFA target audience is not even someone that understands that the Internet and the Web are different things.
It's a wonderful doc, wonderfully presented. With every mom and pop retail business needing a website these days, this is a really great explanation for them, so they can start to understand why they want https.
Or maybe it should be “Hi! I’m Compugter, I sit in a rack in a puppy farm somewhere, and talk to the browserbird in your hand or lap or desk”? It really doesn’t define its terms at all before launching into a description of a man-in-the-middle attack. This is just not well-written, and no amount of cute drawings will cover for that, no matter how well done they are.
I tried to explain explain how the web browser retrieves a web page (including HTTPS) in simple terms once; the resulting text quickly got away from me[0] so I respect the creators of this for trying.
[0] https://sheep.horse/2017/10/how_you_are_reading_this_page.ht...
I also found the content itself difficult to read in both layout and copy. The character names were confusing, and I don't think the three concepts of privacy, integrity, and identity were conveyed in a clear enough sense so that a non-expert could interpret how those are actually 3 different things.
Unfortunately I see this quite often that people are simply not up to date when it comes to crypto.
I'd be curious to read that paper, if you don't mind sharing a link - I recognize your name from the TLS mailing list, but I don't recall seeing that paper referenced there, and everything I google is in German...
It might be unfair for me to compare the two, but I do like Randall's approach to explaining Heartbleed https://xkcd.com/1354/ because it feels like it has a better flow.
I'd definitely like to see this idea get expanded upon and improved, so I can feel confident about forwarding this link to non-technical users who are interested in learning how the Internet works. I also agree with doing one of these on phishing.
The only workaround is to manually add the certificate to the root store. But this depends on securely receiving the certificate - say by physically transferring it from one computer to another by USB stick.
I'd love to see you lay this out a bit differently. Apart from that, I love the content. Thanks.