I’ve got an unusual topic to discuss today – art history.
You may be wondering “Um, why are you talking about art history on a blog about cybersecurity?”
To which I reply “It’s my blog and I like writing about what I want to write about.”
So, without further ado, let’s talk about art.
* * * * * * * * * * * * * * * * *
A few weeks ago, for some reason I don’t fully understand, I started learning about European art history. My entire life I had zero previous interest in learning about the history of art. Sure, I enjoyed looking at images and I knew what I liked, but I couldn’t have cared less about the story behind it.
But then I read about a book about European history and art. I didn’t think I would care about the art part, but I did. In fact, I soaked it up like a sponge and I’ve been reading about it and watching YouTube videos (some on Khan Academy) a lot of the past few weeks.
I’ve noticed how my opinions have changed, even over the past few weeks. I used to not understand modern abstract art, and I thought it was stupid. Now I still don’t understand it but, but I no longer think it’s stupid.
So why study it at all?
I study it because it teaches me to be a good observer. Why do I like what I like? what details did the artist put into the picture? And why did he or she do it? Before, I couldn’t have told you. And I still can’t… not entirely, but I’m better than before. But by observing and paying attention to the details in a painting, it trains me to observe and pay attention to the details in real life. In many of my features that I work on (such as automatic DKIM key rotation) I had to pay attention to the details in implementation. I do that for many of my features. One influences the other.
Thus, I study art to get the context of a painting, as knowing the full context trains me to be a better observer.
Below is a picture entitled The Third of May, a painting by Francisco Goya of Spain, completed in 1814.
You can see the original here.
Now, before when I was just looking at the painting, I’d say “Hmm, well that seems interesting” and gaze at it for 10-15 seconds and then move on. But no more. What do I notice now?
(Before I continue, I am cheating. This is one of the paintings they analyze on Khan Academy so I am remembering this off the top of my head).
First, it’s important to understand the context. During the Napoleonic era, France had invaded Spain. Some Spanish rebels led a resistance and the next day, the French military put down the revolt. This painting commemorates that, and it is the time period in which the painting takes place. It takes place on May 3, one day after the rebellion.
The next thing I notice is the structure of the painting itself:
- It’s painted with depth. Prior to the Renaissance, paintings were “flat”, that is, in two dimensional space. You can go here for an example (I’m not putting the picture here because I don’t want to divert attention away from the focus of the above picture). By contrast, in this painting, we can see the town way off in the background in three-dimensional space, the artist is using a technique to give depth that was popularized during the Renaissance.
- The soldiers on the right are depicted in the shadows while the victims being executed on the left are in the light.
- The victims on the left of the painting are also trapped in front of a hill. There’s no where for them to run.
- The scene is depicted as taking place at night.
Next up is the social commentary that the artist is making:
- The perpetrators in this scene are shown without their faces visible, a common motif in art to depict aggressors, a lot like this.
- The look of fear is evident on the man whose arms are in the air. However, the artist is depicting him not as a victim in retaliation for leading or participating in a rebellion, but as an innocent victim – either he wasn’t involved or he was involved but the cause he was leading was a just one.How do we know?
First, the man is dressed in white which is a another motif of innocence that is common in art.
But second and more important, the man has his arms up in a pose that you would see on the image of Christ that you would see on crucifix. The theme in the Christian story is that Christ was an innocent sacrifice who was unjustly executed by an oppressive regime.
And third, to cement the fact that Goya is drawing an exact parallel between the innocent Spanish resistance and that of the innocent Christ, if you look close-up on the palms of the man with his hands in the air you can see “holes” in the palms of his hands. This is similar to the image of Christ with holes in the palms of his hands on the crucifix.
Thus, it is clear from the picture of the innocent man in the Christ-like pose that Goya is drawing a parallel between the Spanish resistance and the French putting it down, likening it to a justifiable movement where the ringleaders were sacrificed unfairly.
* * * * * * * * * * * * * * * * * *
All of that analysis wouldn’t have been possible without learning about art history, and now whenever I see a picture I try to look at it and do a quick analysis (actually, it goes pretty slow because I have to consciously analyze it).
As you can see, this doesn’t exactly map to cybersecurity which is much more deterministic in some things, but paying attention to detail matters – maybe even more so. But the one thing that does map is understanding the context of a technology. Just as how I wouldn’t have been able to appreciate the painting above without knowing the historical background of when and why it was painted, it’s important to understand the context of why spam filters push features like SPF, DKIM, DMARC, antispoofing, threat intelligence, and so forth.
Every antispam technology is nuanced, too. SPF is for direct-path communication, it doesn’t work well for forwarded messages. DKIM is good for verifying the sender of the message independent of the path it took, but it doesn’t work well by itself for determining whether or not the message is spam. DMARC is good for detecting spoofing, but is hard for many domain owners to set up. Threat intelligence pushes up the signals, and then we have to interpret what it all means.
And so forth.
It’s my hope that learning about art gives me – and you – a more well rounded point of view and that what you see is often just scratching the surface of what’s really there.