Attractive nuisance technologies

I’ve come across a situation in software recently that we should repurpose the term attractive nuisance to describe.

An example in the software world is global mutable state like Go’s DefaultTransport. Experts haunted by the memories of broken networking know to stay away.

In common law, an attractive nuisance is a dangerous object that’s both accessible and desirable to children that you can’t expect the children to understand the danger of. Examples include swimming pools, vehicles, wells, and tunnels.

For software, we could define an attractive nuisance technology as a tech that:

  1. Is attractive to amateurs because
  2. it’s easy to use,
  3. it produces an apparently desirable outcome, and
  4. has danger that isn’t apparent without an expert understanding.

Other examples I’ve run across in my career:

  • PDFs being used as a security measure because “they can’t be altered”.
  • DDNS being used to set up mail servers on home networks.
  • TensorFlow’s pretrained models being used by people who didn’t understand an F1 score or confusion matrix.
  • Docker being used as a security sandbox.

These technologies have gone through great lengths to be accessible, so it’s not unreasonable to expect amateurs to use them even when it’s for the wrong reasons. Like responsible pool owners, we should put up fences when there are dangers that amateurs are unlikely to catch. If we don’t, we all pay the price.