Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

9/29/2005

Six Dumbest Computer Security Ideas

Filed under: Advice from your Uncle Jim,Criticism, Marginalia, and Notes,Geek Work,The Dark Side,Things to Read — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:39 am for you boring, normal people.
The moon is Waning Crescent

Actually, to anyone in the business, these should be pretty obvious.
Of course, I about read this article on Slashdot, but the Six Dumbest Computer Security Ideas is still worth checking out. I say “still” because getting computer security advice from Slashdot is like getting advice about home alarm systems in the waiting room at a prison. The “real” crooks are somewhere else, but everyone claims they “know someone” and, therefore, have insight. Still, the article is pretty good.
I’m not sure that I agree with point five “Educating Users”. I still that that’s a good idea, but I sure wouldn’t rely on it, mainly because so many users don’t want to be educated about computer security. And, I have to admit feeling a little conflicted about some of the issues raised in point four “Hacking is cool”. Sure, I don’t think we should glamorize hacking so much, but how else am I going to know that my security works if I don’t do penetration testing on it? It’s like a backup, as far as I’m concerned. Until I’ve restored data (ie. test my backup scheme), I don’t know that it’s working. Same thing for my security scheme. Of course, spending a lot of time perfecting those penetration skills probably isn’t the best idea, either.
Anyway, it’s a good article and worth the read if you do any of this at all in your job. Pay close attention to the “Minor Dumbs” at the end, too.


Advice from your Uncle Jim:
"In times like the present, men should utter nothing for which they would not willingly be responsible through time and eternity."
   --Abraham Lincoln


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.