Did you just want to voice your opinion and find my comment relevant enough to serve as a place to hang it, or did you mean that as a response to what I wrote? I don't think I substantively disagree, although I think Norvig's claim is often read (not sure if intended) slightly stronger than is merited. I would also note that the list does not seem to be restricted to "security professionals", but to all those interested in learning about the topics in the list I quoted above. I broadly agree with the thesis that Design Patterns doesn't fit that mold particularly well.
(In general, I find it a recurring problem on HN - and to some degree similar fora - that I am not sure what conversational role a poster intended their comment to serve; I wonder if there is a good way to address that...)
I was chiming in on support of I suppose if the system you're reverse engineering made substantial use of GoF design patterns, familiarity with them would probably help, but that seems a little bit of a stretch and to clarify my opinion about the 'tptacek comment pointing out a common vulnerability (sql injection) and how GoF doesn't really addresss it.
And we could discuss I think Norvig's claim is often read (not sure if intended) slightly stronger than is merited quite a bit. I might go the other way, as I think Norvig is really quite gentle in making his points.
So not disagreeing with your comment, and perhaps I did hang my comment on the wrong post.
Regarding GoF, I think having more well-known constructs to reference can provide some value even when those constructs are motivated by overcoming limitations that may not be present in a given context. Picking more broadly useful constructs will provide more value, but you may or may not be able to get there from here, and certainly (perhaps unfortunately) enough people still find themselves coding in contexts where GoF patterns can be directly useful.
(In general, I find it a recurring problem on HN - and to some degree similar fora - that I am not sure what conversational role a poster intended their comment to serve; I wonder if there is a good way to address that...)