Six Dumbest Ideas In Computer Security
// September 12th, 2005 // Security & Privacy
Marcus Ranum has an article with his take on the “Six Dumbest Ideas In Computer Security”.
In short, they are:
- Default Permit – Allowing broad access by default.
- Enumerating Badness – Trying to list and block the many “bad” things, rather than permitting only the few “good” things.
- Penetrate and Patch – Shipping a system, then finding and fixing its flaws one at a time, rather than designing it to be secure from the start.
- Hacking Is Cool – Glorifying the hackers and the hacker culture.
- Educating Users – Essentially “Penetrate and Patch” for humans. Constantly having to educate users on the bad things and how to avoid them.
- Action Is Better Than Inaction – Cultural idiosyncrasy that convinces us we have to “do something now” and be an “early adopter” rather than pausing and thinking and letting someone else walk the new technology minefield first.
Hear, hear.
Read more at Marcus Ranum’s site.
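The first two items are easiest to see side by side in code. The block below is an added illustration, not code from Ranum’s article or from this post: a file-serving handler checks a user-supplied name with a denylist of known traversal strings (enumerating badness, default permit) and, alternatively, with an allowlist describing the only name shape the application serves (default deny). The base directory, the allowed-name pattern and the sample requests are all constructed for the example.

```python
import posixpath
import re
import urllib.parse

# Hypothetical document root for the example.
BASE = "/srv/app/public"

# Enumerating badness: a denylist of the traversal spellings we happened to think of.
DENY_PATTERNS = ("../", "..\\")


def denylist_allows(user_path: str) -> bool:
    """Default permit: anything not on the bad list goes through."""
    return not any(bad in user_path for bad in DENY_PATTERNS)


# Default deny: an allowlist naming the only shape of file name this app serves
# (hypothetical policy chosen for the example: short basename, two extensions).
ALLOWED = re.compile(r"[A-Za-z0-9_-]{1,64}\.(?:txt|png)")


def allowlist_allows(user_path: str) -> bool:
    """Anything that does not match the one permitted shape is rejected."""
    return ALLOWED.fullmatch(user_path) is not None


def resolved_path(user_path: str) -> str:
    """Model of what the file handler does *after* the check:
    percent-decode, join to the base directory, normalise '..' components."""
    decoded = urllib.parse.unquote(user_path)
    return posixpath.normpath(posixpath.join(BASE, decoded))


def escapes_base(user_path: str) -> bool:
    """True if the request would read a file outside the document root."""
    return not resolved_path(user_path).startswith(BASE + "/")


def evaluate(user_path: str) -> dict:
    return {
        "denylist_allows": denylist_allows(user_path),
        "allowlist_allows": allowlist_allows(user_path),
        "escapes_base": escapes_base(user_path),
    }


def denylist_bypasses(candidates):
    """Inputs the denylist lets through that still escape the base directory."""
    return [p for p in candidates if denylist_allows(p) and escapes_base(p)]


# Constructed sample requests, not taken from any real traffic.
SAMPLES = [
    "report.txt",
    "../../../etc/passwd",
    "..%2f..%2f..%2fetc%2fpasswd",   # encoded slash: not on the bad list
    "%2e%2e/%2e%2e/etc/passwd",      # encoded dots: not on the bad list either
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p!r:34} {evaluate(p)}")
    print("denylist bypassed by:", denylist_bypasses(SAMPLES))
```

The denylist blocks the one spelling its author anticipated and lets both encoded spellings reach the handler, which decodes them into the same traversal; the allowlist rejects all three without knowing anything about traversal at all, because it only ever had to describe the good case.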