You mean calling the adversary Mallory? Yes, this is standard. The term mallory-in-the-middle is not, as you can confirm with one Google search. There's barely anyone using this term, and nobody was using it 4 years ago.

At first, I thought that Mallory-in-the-middle was some special type of man-in-the-middle attack. In crypto, Mallory is a very specific type of adversary (active one, I think).

Mallory is used to refer to active network exploitation (as opposed to Eve, who is passive). "Mallory-in-the-middle" is a great term that actually makes the attacker capabilities more clear and should already be understood by people with relevant context. The default "let's remove gendered terms" approach would be "person-in-the-middle."

Most MITM attacks that we care about are active attacks (hence Mallory.) An eavesdropper-in-the-middle attack would just be the standard attack setting, not an MITM. For those who are experts the term is “MITM” and I don’t care what the first M stands for.

While Mallory-in-the-middle is certainly less-common as a term, Mallory is most strongly associated with active-MitM examples, and vice-versa.

> There's barely anyone using this term, and nobody was using it 4 years ago.

At my employer (security consultancy in Germany), we switched ~two weeks ago from "man" in the middle to "machine" in the middle as expansion for the MITM acronym. Mallory is also a good option, although more known to cryptographers than our mainly developer audience (who might have more of an idea what a machine is than a Mallory). It's all not perfect but we're figuring this out. Yes, neutral gender writing is indeed relatively new and won't be much on web searches. Apparently some others use AiTM for attacker in the middle (yes, with that capitalization), which most people hated and voted against (because capitalizing the The but not the in looks dumb and, also, everyone already knows mitm so that change harms readability even more). It'll be a while before the community settles on something and "man" is not the most commonly known one. Bear with us until then!

It's hard not to write this entire exercise off as a dumb game of woke semantics.

Especially in Germany, albeit with an outsider's perspective, I would say it's very clear how relevant it is how you speak of persons. There is no commonly accepted 'singular they' and e.g. 'teacher' is always male (you'd have to say 'teacheress' or 'teacherin', not sure how to translate it, and so what people do is say both every time they refer to any teacher/in).

When always having to gender every word, not being inclusive has a measurable effect. There are enough studies that show the effects of listing genders alongside job listings that are typical/historical male or female jobs, also in other languages with less gendering. English is a lot better as a language, in my opinion, but still if you say "he" when referring to the aforementioned "doctor" when, really, it could be a doctor of either gender using the patient portal, you are still reinforcing a bias.

I don't think it's unnecessary to include the other half of the population in general writing, even if nobody has studied the effect of a "man in the middle" specifically. There's enough evidence elsewhere so that we might as well just switch things over at hardly any cost of change and no cost at all afterwards.

The change of terms itself, or the people getting so riled up about it?

> which most people hated and voted against

Was there voting about these things? Who got invited to vote?

People just speak out for or against things in the chat. Manner of speaking, not an official ballot voting system.

And to be clear, nobody was against being more gender neutral, just in favor of machine in the middle over attacker in the middle.

I'm not saying this way of gathering people's opinions is completely useless, but it has big flaws. Being against this sort of feminist initiatives can get you labeled all sorts of things in the best case, and cancelled in the worst case.

It's like making a poll in Russia about whether citizens support the invasion of Ukraine or not, when saying you don't like it is a criminal offense that can get you in jail. "I just went out and asked some people on the streets of Moscow whether they support bombing of Ukraine, nobody said no while a couple of them said yes, so they must really like that."

This change wasn't an organised discussion but casually came up while writing a report: the writer changed the acronyms template text (for this report) from MITM to AiTM, he let the team know and asked whether the upstream (company-wide) template should be changed also. That sparked alternative suggestions like Machine instead of Attacker and we ended up going with that. It wasn't intended to be formal and vote-like. I'm not sure setting up an anonymous vote (on some third party system to avoid being able to see server logs) is feasible every time something like this comes up.

How would you say we could do better? I'm definitely open for ideas if there are feasible methods. (And if it's not a "feasible" method for this one-off, then it might still be a good thing for more general / organised opinion gathering.)