Phone Number +1-202-802-9399 (US)
The Lockdown

Thycotic’s Cyber Security Blog

Thycotic shifts the language used in products and materials to promote inclusivity

mm

Written by Erin Duncan

August 27th, 2020

This moment in 2020 is a flashpoint in time. We hear calls for a number of changes to address the current political and cultural climate.  As a security software company, our engineers have seen a lot of discussion around the use of terminology in technology that may be perceived as racist. Is it appropriate to use the terms master and slave? Is it appropriate to say blacklisting and whitelisting? This conversation is not new, but there is a greater willingness to make changes to terminology perceived as racially or otherwise offensive.

The history of non-inclusive terms in technology and other industries

The “master and slave” paradigm in computing is a process that controls another or primary and secondary hard disk drives. The terms are also used in other industries. In 2008, Ron Eglash, an associate professor then at Rensselaer Polytechnic Institute, now at the University of Michigan wrote an essay on the history of the “master/slave” terms in scientific, technical, and technological fields. Based on his research, the terms first appeared in astronomy in 1904. We then begin to see these terms used in technology in patents filed beginning in 1946.

Another term set that is currently under scrutiny is whitelist, blacklist, and greylist. In an article on predatory publishing, authors Frank and Sharon Houghton stated:

“The racism in such “black is bad, white is good” metaphors is inappropriate and needs to cease. The black-white dualism explicit in these binary terms is often associated with Western thinking that is usually traced back to the work of Rene Descartes.”

Dictionary research shows that these terms show up in the 16th century but weren’t used in technology until the mid-20th century.

In 2003, Los Angeles County required hardware suppliers not to use the “unacceptable” terms and to find alternatives to master and slave.

The IETF (Internet Engineering Task Force) published a memo in 2018 acknowledging and outlining the problem and offering specific alternatives to both master/slave and blacklist/whitelist terminology.

The path forward: inclusive language

A number of companies have started announcing their removal of these types of terms. Twitter, GitHub, Google’s Chromium web browser project, JPMorgan, the UK National Cyber Security Centre (NCSC), among others, have all recently shifted language that could potentially be perceived as racial, gendered, and/or abled terms to more inclusive language.

Here are some from Twitter’s engineering division list:

Avoid non-inclusive language

Prefer inclusive versions

Whitelist

>

Allowlist

Blacklist

>

Denylist

Master/slave

>

Leader/follower, primary/replica, primary/standby

Grandfathered

>

Legacy status

Man hours

>

Person hours, Engineer hours

Sanity check

>

Quick check, confidence check, coherence check

Dummy value

>

Placeholder value, sample value

Along with these organizations, Thycotic is removing certain language from our codebase and all materials related to our software. As such, Thycotic will no longer use the terms whitelisting, blacklisting and greylisting.

What terms have replaced whitelisting, blacklisting and greylisting?

Whitelisting is now allowing or allowlist

Blacklisting is now deny or denylist

Greylisting is now restrict or restrictlist

Where will we see changes?

The product where these terms were most used was Privilege Manager. In future releases,  we will remove those terms from both the interface and the code. We are also working to remove the terms from our documentation and marketing materials.

Additionally, we have shifted the Secret Server feature called SSH Command Whitelisting to SSH Command Control. We will continue to work to remove these terms, and others as we discover them, from both product materials and code.

 

Subscribe to Thycotic's YouTube Channel

Subscribe to Thycotic's YouTube Channel

Check out our new PAM products, demos and more.

 

Like this post?

Get our top blog posts delivered to your inbox once a month.

SHARE THIS