Coding Horror
programming and human factors
by Jeff Atwood

September 13, 2005

The Six Dumbest Ideas in Computer Security

Marcus Ranum, the inventor of the proxy firewall, brilliantly condenses why many security efforts are doomed from the start: they fall prey to The Six Dumbest Ideas in Computer Security:

  1. Default Permit
    Also known as "on by default". This one is huge, and it alone is why the phrase "Windows security" was such an oxymoron for so long. The good news is that Microsoft's new policy of "off by default" that kicked off with Windows Server 2003 is really working.
  2. Enumerating Badness
    This is why blacklists are, and always will be, a bad idea. They're OK in helper roles for spot fixes, but as a primary means of defense, they are fatally flawed.
  3. Penetrate and Patch
    Security starts from the inside, not the outside. No amount of patching will fix a fundamentally bad security design. Should you be patching-- or rearchitecting?
  4. Hacking is Cool
    It is interesting that society considers spammers "sleazy con artists" yet hackers are "whiz kids". I think it has a lot to do with the financial motivations behind the crime. Maybe as hacking becomes more strongly associated with flat-out stealing, this will change.
  5. Educating Users
    A security system that fails to assume users are fallible and weak by default is destined to fail spectacularly. Education, at least when used as security spackle, doesn't work.
  6. Action is Better than Inaction
    You can always recognize the pioneers from all the arrows in their backs. Progress is good, but careful progress is even better. Always do your homework before jumping on any bandwagon.

That's the condensed Reader's Digest version, but I highly recommend reading the rest of the article.
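Items 1 and 2 of the list, as an added example that is not from the original post or from Ranum's article: the same constructed traffic is run through a default-permit blocklist and a default-deny allowlist. The `Conn` type, the port lists and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    proto: str
    port: int
    note: str  # label for the reader; the policies never look at it

# Constructed sample traffic (illustrative, not from the article).
TRAFFIC = [
    Conn("tcp", 443, "web app, intended"),
    Conn("tcp", 25, "mail relay, intended"),
    Conn("tcp", 23, "telnet, known bad"),
    Conn("tcp", 135, "RPC endpoint mapper, known bad"),
    Conn("tcp", 8081, "service nobody listed either way"),
    Conn("udp", 5353, "service nobody listed either way"),
]

BLOCKLIST = {("tcp", 23), ("tcp", 135)}  # enumerating badness
ALLOWLIST = {("tcp", 443), ("tcp", 25)}  # enumerating goodness

def default_permit(conn):
    """Pass everything except what someone remembered to block."""
    return (conn.proto, conn.port) not in BLOCKLIST

def default_deny(conn):
    """Pass only what was explicitly approved."""
    return (conn.proto, conn.port) in ALLOWLIST

def admitted(policy, traffic=TRAFFIC):
    return [c for c in traffic if policy(c)]

def unreviewed(policy, traffic=TRAFFIC):
    """Admitted traffic that nobody ever made a decision about."""
    decided = BLOCKLIST | ALLOWLIST
    return [c for c in admitted(policy, traffic)
            if (c.proto, c.port) not in decided]

if __name__ == "__main__":
    for name, policy in (("default permit", default_permit),
                         ("default deny", default_deny)):
        print(f"{name}: admits {len(admitted(policy))}, "
              f"{len(unreviewed(policy))} never reviewed")
        for c in unreviewed(policy):
            print(f"  unreviewed: {c.proto}/{c.port} ({c.note})")
```

Both lists are the same size, yet only the default-permit policy passes traffic that no one evaluated; growing the blocklist shrinks that set but cannot empty it.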

While we're on the topic of security, TristanK has an interesting rant on keyloggers. I think it's a myth that you can protect yourself from the client PC anyway-- the client is always suspect. That is, until client PCs start looking a lot more like Xbox 360, where you have to solder a modchip on the motherboard to run custom software.

Posted by Jeff Atwood

 


 

Comments

Agreed. Even then, the problem is that you need to trust *something* to gain utility from it, but a client is never a good thing to be trusting. Mitigate, mitigate, mitigate, mitigate.

TristanK on September 13, 2005 02:36 AM

Hacking is cool! I don't agree with that statement but I also don't agree with the reason.
"Maybe as hacking becomes more strongly associated with flat-out stealing" - Isn't that a complete opposite of what hacking really is...what you're referring to is "cracking". Hacking is the fulfillment of a voyeuristic need in some individuals...cracking is the necessitation of theft and jailtime in a pound-you-in-the-ass prison.

:-)

Sushant Bhatia on September 13, 2005 12:37 PM

And Tristan, how did I miss your link to "The Ten Immutable Laws of Security"?

http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx

Jeff Atwood on September 14, 2005 01:47 AM

In fact, hacking IS cool. It's the hackers who push the systems they have access to that find the really detailed holes in security. If there were no hackers, pushing the limits of software, who would find out about exploits before they got exploited?

Lytri on September 21, 2005 08:00 PM











Content (c) 2008 Jeff Atwood. Logo image used with permission of the author. (c) 1993 Steven C. McConnell. All Rights Reserved.