Cybersec’s Messy Messaging

I saw an article on The Register today entitled, Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees.

TL;DR the argument is whether or not crypto should mean cryptography or cryptocurrency.

Now, I get it, it can be an emotional topic for some – but really? The majority of the population don’t even understand what cryptography actually is. You have governments trying to ban end to end encryption (refer to Alec Muffet for more nuanced discussions on E2E encryption), no-one ever seems to have got PGP working, and what does cryptography has to do with privacy or secure banking?

To me, that is the fundamental issue – the world is on fire, and we have the people who are probably best suited to not just explain what cryptography is, but implement it and validate it’s being used properly – arguing over whether we should call it crypto for short.

It seems to be a common theme in cyber security, or should I say information security? Maybe you prefer the term IT security because cyber meant something else to you in the mid-90’s?

I’m not trying to be difficult (that just comes natural to me). But sometimes I do think people spend too much time on the messaging, and not enough time on the intent of the message itself.