I gave a class lecture the other day in which I gave a little spiel, as I sometimes do, about the dangers of metaphor and analogy as techniques for reasoning about software systems. Some of my students reacted pretty adversely. Certainly, since then any use of metaphor or analogy around them has led to intense ribbing :-). Needless to say, this was not what I intended…
What I intended was to point out that most of the time folks in the technology business, in particular, seem to use metaphor and analogy for one of two less-than-noble reasons: because it makes a good rhetorical device, or because they're trying to reason about something they don't really understand.
My favorite illustration of both problems is provided by the usual bad analogy for login security: "A password prompt is like a lock on the door of your computer." OK, there's a vague resemblance there. There's also a million points of disagreement. I don't think I've ever seen this analogy used except by (i) folks who are trying to persuade others that the penalties for physical breaking and entering (at minimum) are perfectly applicable to bypassing a password prompt, or (ii) folks who just don't understand anything about login security and want a comforting analogy that makes them think they do. In my experience, the (ii) crowd is much smaller on this one, and consists mainly of attorneys.
"But what's wrong with the analogy?" Hmm, where to start? The heck with it. Why should I waste my time explaining and yours reading? If you can't or won't enumerate at least three important differences between a password and a doorkey in 30 seconds, you shouldn't be reasoning about computer security in public until you've educated yourself better and/or developed a conscience.
We don't do this in medicine. We use analogy and metaphor, certainly: "a cold virus is like an army invading the body." Smart people, however, don't assume that the metaphor extends, and is useful in reasoning about cold treatments. "We need to introduce another virus into the body, so the two armies will battle it out. While they're distracted, we'll drink cement, forming an impenetrable wall between the invading armies and our bodies."
This is not metaphorical thinking; it is magical thinking. One of the key ideas of magical reasoning is that operations on the model have effects on the thing modeled. This is how "voodoo dolls" are supposed to work. Real science is not voodoo. Metaphors may provide a starting point for understanding and explanation, but a real scientist makes sure the system drives the metaphors, and not the other way around.
At a Usenix ATC some 20 years ago, I remember some well-known person (Tom Duff, if I recall correctly) standing up in the middle of some heated debate on computer security and calling for "an end to the analogy wars". It's a deeply ironic statement, if you think about it. It also has become a life goal of mine. Metaphor and analogy have their place. In my opinion, that place is not as a powerful tool for reasoning about system behavior—except maybe for the magi. (B)