The Six Dumbest Ideas in Computer Security

By jdclyde
This came in a security newsletter I receive. I read it, and some of the ideas I thought were pretty obvious to me, yet some others made me have to think about them for a while, as they run counter to the conventional "wisdom" about computer security.

"Marcus Ranum released an interesting editorial entitled "The Six Dumbest Ideas in Computer Security." He gives his views on common security misconceptions that seem to be perpetuated throughout corporate IT environments. You can read this and other editorials at:
http://www.ranum.com/security/computer_security/editorials/dumb/"

After reading this, what is your take? Are we just chasing our tails so vendors can continue to make a profit?

Is this approach something that you use, or could use?

Sad but true

by jmgarvin In reply to And the reason for this

I've really pushed my students to learn *nix. They typically know Windows inside and out (sometimes they are even Win sys admins and have a good grasp of admin concepts, but don't quite "get" it).

Windows is pushed as the market leader, but after Zotob and Mytob, it seems there is a backlash in the "MS can cure all" management mentality.

actually

by Jaqui In reply to And the reason for this

I would say it's MS trying to save advertising money.
If the "Techs" are going to sell their products to the companies they work for, they can target advertising to areas they have not gotten a significant market share in, or want to increase their share in.

The real problem is that MC* is a meaningless cert.
Just as RH* is.
Vendor-specific training is a waste of time and money.

yep..

by shadowpassword In reply to Bad cooks as well as too ...

I was wondering if I was the only one who felt like that after reading that article.

The good ol' days

by computer_chick In reply to Kindred spirit

"One of the great design elements of my beloved DEC VMS operating system..." Ah, yes, the good ol' days of mainframes with software that actually worked! Remember how fun IT was BEFORE you had to worry about someone hacking your system?

Garden of Eden...NOT

by BHunsinger In reply to The good ol' days

Might I gently remind you that the first security breaches were on Unix (gasp). I believe the book's name is The Cuckoo's Egg.

Pull the plug?

by Dr Dij In reply to The good ol' days

Disconnect from the internet? That's why they're being hacked. Companies want their sales people to be able to dial in from Starbucks.

You let people from Bulgaria and China ping your firewall, when there is no reason for them to ever connect if you have no customers there.

Easy to use as a TV

by wdewey In reply to Kindred spirit

I almost need a manual to decipher some newer TV remote controls. Computers and software are extremely complex, and that complexity requires knowledge and understanding to use. I don't think computers could ever have been as easy to use as the older TV or telephone systems were, because computers are simply 1,000 times more complex.

Bill Dewey

I like how he thinks, however...

by gralfus In reply to The Six Dumbest Ideas in ...

I'm not sure I see the difference between patching and keeping an antivirus up to date. He rails against patching a system (to defeat exploits), but goes on to say in another article that he has his antivirus product update itself automatically. This is very similar to a patch (since the AV wouldn't be able to protect the system without it), but I don't know a way around it outside of having a bubble-boy computer that isn't attached to the internet and has no removable media. I suppose he could argue that we don't have a good antivirus system, since they all continually need updates.

I really do like the way he thinks. He bypasses the standard arguments and looks at the underlying assumptions.

I think his point about patching

by jdclyde In reply to I like how he thinks, how ...

is that if a system were written correctly in the first place, it would not REQUIRE several patches a month, every month, for the life of the package.

After all this time, Microsoft still refuses to do a good job of handling limited permissions by default for a home system. The Admin-by-default config is directly to blame for the vast majority of the Windows exploits out today. And if you DO create a limited account, it often can't do half the tasks you need it to do as an end user unless you have LEARNED how to MODIFY the permissions.

A limited user should be able to run any program that does not change the system, but that generally is not the case.
