10 Immutable Laws of Security

The Laws Are

Law 1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore

Law 2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore

Law 3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore

Law 4: If you allow a bad guy to upload programs to your website, it’s not your website anymore

Law 5: Weak passwords trump strong security

Law 6: A computer is only as secure as the administrator is trustworthy

Law 7: Encrypted data is only as secure as the decryption key

Law 8: An out-of-date virus scanner is only marginally better than no virus scanner at all

Law 9: Absolute anonymity isn’t practical, in real life or on the Web

Law 10: Technology is not a panacea (the Greek goddess of healing)

Don’t hold your breath waiting for a patch that will protect you from the issues discussed above. It isn’t possible for Microsoft—or any software vendor—to “fix” them, because they result from the way computers work. But don’t abandon all hope yet—sound judgment is the key to protecting yourself against these issues, and if you keep them in mind, you can significantly improve the security of your systems.


One Response to “10 Immutable Laws of Security”

  1. mbt Says:

    You do not have to change any settings at this point.

