Tuesday, 15 March 2005

There's a excerpt from a yet-to-be released book by Jesper Johansson and Steve Riley available to read online. The article, entitled "Security Myths," it takes a look at some of the security shortcomings typical to use of security guides and reliance upon following a predefined set of steps without looking at the whole picture. It's a great lesson in how to look at things, rather than how to follow prescriptive

This section is somewhat (OK, very) cynical. Take it with a grain of salt and laugh at some of the examples we give. Do not lose sight, however, of the message we are trying to get across: These are myths. If you are careful to avoid falling into the trap of believing them, you will be able to focus your efforts on the things that make a real difference instead of being lured like so many others into staring at a single tree and failing to see the security forest.

So what are the myths? Well, for the details go read the article, but at a high level...

  • Myth 1: Security Guides Make Your System Secure
  • Myth 2: If We Hide It the Bad Guys Won’t Find It
  • Myth 3: The More Tweaks the Better
  • Myth 4: Tweaks Are Necessary

Add/Read: Comments [0]
IT Security | Tech
Tuesday, 15 March 2005 17:54:10 (Pacific Standard Time, UTC-08:00)
#  Trackback

Referred by:
http://search.daum.net/ [Referral]
http://www.stumbleupon.com/su/ [Referral]
Comments are closed.