Journal Frater 219's Journal: Security is like the Tao. 1
The antivirus model, the software firewall model, and to a certain extent the NIDS model, are all built on the precept that running more software can make your system more secure, provided that it is the right software. If only you buy the right product -- install the right virus definitions file -- do the right upgrade, your system will be secure. Meanwhile, systems keep getting cracked and worms keep spreading.
"I eat lots of diet food, but I'm still fat." "I install all these security programs, but I still get cracked."
The insecurity of Windows default installs is not due to their well-known failure to install sufficient security features. It is due to their quiet installation of an excess of insecure features.
If you are in a position to need antivirus software, your problem is not viruses. If you are in a position to need a rootkit detector, your problem is not rootkits.
"Best practices" cannot improve "worst design".
When you receive virus spam in your email, do not blame the idiot who clicks on attachments. Do not blame the asshole who writes viruses. Neither of them put the feature to execute active content in the idiot's email program.
The Tau of Security (Score:1)