diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Jun092011

TechNet Wiki: Ten Immutable Laws Of Security V2.0

Microsoft Security Response Center, investigate thousands of security reports every year.

“In some cases, we find that a report describes a bona fide security vulnerability resulting from an issue in one of our products; when this happens, we develop a corrective update as quickly as possible. In other cases, the reported problems simply result from a mistake someone made in using the product, or our investigation finds a problem with the product that, while troublesome for users, does not expose them to a security vulnerability. But many fall in between. They are genuine security problems, but the problems don’t result from product flaws,” stated MSRC.

Over the years, we’ve developed a list of issues like these that we call the 10 Immutable Laws of Security.

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it’s not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn’t practically achievable, online or offline.
Law #10: Technology is not a panacea.

Read the complete article in details below:

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...