The Six Dumbest Ideas in Computer Security

Discussion in 'other security issues & news' started by Hungry Man, Jun 18, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    This is the part I'd like to point out. I have been saying this forever -- common sense is not a practical security method and developers need to understand this. You can not expect anyone to have learned about computer - if they were going to they would have already.

    http://www.ranum.com/security/computer_security/editorials/dumb/

     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    On its own it maybe not effective method (not sure if anybody purely depends on it) but coupled with desire to learn and listen, very effective. And if only developers used common sense when developing...
     
  3. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    With specific regard to email from "other" banks, there is always the possibility that you've experienced ID theft and the culprit has opened a bank (or other) account using your credit rating, and run into problems with that other bank.

    But of course since no bank I ever heard of uses emails for such communication, you can pretty well guarantee that any such message is phony and a phishing attempt.
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I would argue that common sense is the most practical security method. I would argue that till the day I die. I know too many uneducated "noobs" who have a lot of common sense that manage to stay relatively problem free simply because they exercise thier common sense. And on the same token I know quite a few who have a bit of education, but have many problems yearly, because they don't have any common sense at all!

    Don't confuse common sense with knowledge or expertise, they are wholly different. Common sense is hard to learn, and usually only taught at the "Univeristy of Hard Knocks". I think what this article is saying is that you can educate users, but if they lack common sense, they lack a lot of the needed abilities to apply the education.

    Sul.
     
  5. wat0114

    wat0114 Guest

    Sully, very nicely put and I agree with you :thumb:
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That describes most of the users I encounter. At times, it seems like the more "knowledgeable" people get, the less sense they have. At one time, sense was truly common. Anymore, it's in danger of becoming extinct.

    Been sending links to that page around for years. Used to be my signature.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The idea of common sense being necessary for security is probably the reason we have so many security issues. Programs should be built to be secure from the start -- the burden of security should never ever lie on the end user.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That's a lot of the idea behind how I've set my PCs up. Other users won't be asked to make decisions and do not have the ability to install or remove anything, run anything unknown to the system, and can not change any critical settings. That's why I don't mind letting someone else use them when they need to.
     
Loading...
Thread Status:
Not open for further replies.