The real experts will likely spend a bunch of time correct popular misconceptions, which the fakers may subscribe to. By contrast, the fakers will generally not bother “correcting” the truth to their fakery, because why would they? They’re trying to sell to unreflective people who just believe the obvious-seeming thing; someone who actually bothered to read corrections to misconceptions at any point is likely too savvy to be their target audience.
This seems to rely on the fakes knowing they are fakes. I agree that is a problem and your heuristic useful but I think we (non-experts) are still stuck with the problem of separating out the real experts from those that mistakenly think they are also real experts. Those will likely attempt to correct the true security approach according to their mistaken premises and solutions. We’re still stuck with the problem that money doesn’t get the non-expert client too far.
Now, you’ve clearly been able to reduce the ratio of real solution to snake oil so moved the probabilities in your favor when throwing money at the problems but not sure just how far.
It seems like “real expert” is here used in two different senses. In the one sense there’s an expert is someone who spend their 10,000 hours of deliberate practice and developed strong opinions about what’s the right way to do things that they can articulate. That person will likely have convictions about what public misconceptions happen to be.
In the other sense being an expert is about an ability to produce certain quality outputs.
You can tell whether a person is an expert in the first sense by seeing whether they try to correct your misconception and have convictions about what’s the right way to act or whether the person just tells you what’s popular to say and what you want to hear.
I assume that is directed at my comment but not certain. The point I am making is that even after eliminating “the person just tells you what’s popular to say and what you want to hear.” you still have the problem of some of the remainder will be experts than understand the subtleties and details as they apply to your specific needs from those that don’t.
The heuristic about how they present their sales pitch are ” leaky filters” as the OP notes and I’m not entirely sure we understand how far they actually move the probabilities for actually getting the expert rather than the mediocre ( knows all the theory and terms and even has a good idea of how they all relate but just does not actually get the system as a whole or perhaps is just to lazy to do the work).
For those pushing these specific heuristics, is there any actual data we can look at to see how effective they are?
This seems to rely on the fakes knowing they are fakes. I agree that is a problem and your heuristic useful but I think we (non-experts) are still stuck with the problem of separating out the real experts from those that mistakenly think they are also real experts. Those will likely attempt to correct the true security approach according to their mistaken premises and solutions. We’re still stuck with the problem that money doesn’t get the non-expert client too far.
Now, you’ve clearly been able to reduce the ratio of real solution to snake oil so moved the probabilities in your favor when throwing money at the problems but not sure just how far.
It seems like “real expert” is here used in two different senses. In the one sense there’s an expert is someone who spend their 10,000 hours of deliberate practice and developed strong opinions about what’s the right way to do things that they can articulate. That person will likely have convictions about what public misconceptions happen to be.
In the other sense being an expert is about an ability to produce certain quality outputs.
You can tell whether a person is an expert in the first sense by seeing whether they try to correct your misconception and have convictions about what’s the right way to act or whether the person just tells you what’s popular to say and what you want to hear.
I assume that is directed at my comment but not certain. The point I am making is that even after eliminating “the person just tells you what’s popular to say and what you want to hear.” you still have the problem of some of the remainder will be experts than understand the subtleties and details as they apply to your specific needs from those that don’t.
The heuristic about how they present their sales pitch are ” leaky filters” as the OP notes and I’m not entirely sure we understand how far they actually move the probabilities for actually getting the expert rather than the mediocre ( knows all the theory and terms and even has a good idea of how they all relate but just does not actually get the system as a whole or perhaps is just to lazy to do the work).
For those pushing these specific heuristics, is there any actual data we can look at to see how effective they are?