Bruce Schneier writes (Crypto-Gram, October 2003):
Small events can have large consequences. To me, the moral of this very funny webpage is that you shouldn't base public policy on what's possible; you should base it on what's likely. Much of the security changes post 9/11 indicate that few really understand this moral.I think the same spirit applies to POSIWID. If we base POSIWID on everything a system happens to do just by chance, we generate too many purposes, some of them rather silly. But if we base POSIWID on what the system systematically does, then we may generate some useful insights.