The 6 Dumbest Ideas in Computer Security

Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good
ideas. They're the braindamage that makes your $100,000 ASIC-based
turbo-stateful packet-mulching firewall transparent to hackers. Where
do anti-good ideas come from? They come from
misguided attempts to do the impossible – which is another way of
saying “trying to ignore reality.” Frequently those misguided attempts
are sincere efforts by well-meaning people or companies who just don't
fully understand the situation, but other times it's just a bunch of
savvy entrepreneurs with a well-marketed piece of junk they're selling
to make a fast buck. In either case, these dumb ideas are the
fundamental reason(s) why all that money you spend on information
security is going to be wasted, unless you somehow manage to avoid

For your convenience, I've listed the dumb ideas in descending order
from the most-frequently-seen. If you can avoid falling into the
trap of the first three, you're among the few true computer security

Great article by Marcus J. Ranum.


Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek.
