Friday, December 24

The Three Laws of Security

When someone says something confusing about computer security, now you can say "I think that's just a restatement of Schiffman's second law."

  1. Locks Only Keep Out Honest People: Security measures inconvenience authorized users more than their adversaries.
  2. Ask, "Cui Bono?": The "pointless hassle" security procedure is there for a reason — only not the reason you think.
  3. Outrun the Other Hikers, not the Bear: If you're a harder target than all others equally or more attractive, you're working too hard.

