Recently I was in a meeting about computer security where the presenter concluded an explanation with "…basically, it's an example of the Confused Deputy problem." For me, the term *confused deputy* vividly invoked a kind of genial befuddlement that might indeed result in a security problem.

In the world of math and computers, certain problems are typically described using personifications. The Confused Deputy is an example; this is a security breach in which the bad guy gets a trusted entity to (inadvertently) perform a task on the bad guy's behalf. I can't withdraw money from your bank account directly, but if I can get you to withdraw your own money (the bank trusts you with your own account, after all) and give it to me, then you are the confused deputy. Social engineering scams and browser-based security breaches often are examples of the Confused Deputy problem.

Another personification in computer security is the man-in-the-middle attack, where the bad guy puts himself between two parties. Unlike simple eavesdropping, the bad guy forges messages to both parties, who believe that the messages are from a trusted source and therefore willingly disclose sensitive information. MiTM attacks can be a problem anywhere there's public WiFi, like in coffee shops or libraries.

Not all personified problems are about security. Many computer students know about the Dining Philosophers Problem. A group of philosophers is around a table; each has a fork to the right and to the left. Per the problem, to eat dinner, a philosopher needs two forks, one in each hand — meaning there aren't enough forks to go around. Devising a way for each philosopher to get dinner in turn is an exercise in designing processes that depend on shared resources.

In the Byzantine Generals Problem (PDF), information comes from several sources, some of which might be incorrect or even deliberately misleading. The personification helps clarify the problem of computer systems that must work reliably in spite of imperfect input. (One of the authors actually recounted where the name came from.) A problem that can particularly affect those who work in cloud computing is that your process is slowed down because someone *else's* process on the same computer is using too much memory or processing power. This is known as the Noisy Neighbor Problem.

The programmer, entrepreneur, and blogger (also, former Israeli paratrooper) Joel Spolsky once coined his own personified problem, perhaps the only one based on Yiddish humor: Shlemiel the Painter's Algorithm. Shlemiel is hired to paint lines down a road. Each day he gets less and less done. When his boss asks him why, he says, "I can't help it. Every day I get farther and farther away from the paint can!" Spolsky's blog post (linked above) shows the programming problem that's illustrated by the hapless painter.

And then there's an infamous problem in probability studies. Let's say you're on a game show where you can choose between three doors. Two of the doors conceal goats; one conceals a new car. You choose door #1. To help you, the host now opens door #3 and reveals one of the goats. The question is this: should you change your choice from door #1 to door #2? This problem, which has vexed people for decades, is known as the Monty Hall Problem, named after a famous game-show host on American television.

The famous (infamous) Monty Hall Problem. (Source: Wikipedia)

A very well-known problem in math (specifically, in computational mathematics) is the Traveling Salesman Problem. Given a number of cities interconnected by roads, what's the most efficient route by which a salesman can visit each city once? (Seasonally speaking, there's a Santa Claus version of the problem also.)

The Traveling Salesman problem. (Source: Wikipedia)

There are other personifications as well. The Sleeping Barber Problem personifies a problem with synchronizing multiple processes. Probably many people have heard of the Prisoner's Dilemma, which is a personified version of a problem in game theory.

Personifying problems by giving them names is not just a way to keep undergraduates amused in computer or math classes. Illustrating problems using a scenario is an effective way to help people conceptualize abstract ideas. For example, the Monty Hall Problem has a formula; the formula is compact and lends itself to mathematical manipulation, but it doesn't help people — even mathematicians — visualize a problem. Similarly, you might not know what it means for a problem to have an O(n2) solution, but imagining poor Shlemiel walking back and forth to his paint bucket sure can give you a feel for the issue. And of course, putting a name on a problem — Monty Hall, Dining Philosophers, Confused Deputy — adds a mnemonic that makes it easy to recall.

In fact, when we eventually got around to documenting the feature that mitigates the Confused Deputy problem, we described the problem in the abstract, but then added a parenthetical note: "(… known as the ‘Confused Deputy' problem.)" We know that adding this little note would help at least some of our readers instantly understand what problem we were talking about. Fortunately, I doubt we'll ever have to write about optimizing routes or about the probabilities of choosing between three doors. However, if we must, we'll have a shorthand way to describe those problems as well.

## Join the conversation

## Comments from our users:

http://en.wikipedia.org/wiki/Missionaries_and_cannibals_problem