Linked by Eugenia Loli on Wed 8th Dec 2004 20:48 UTC, submitted by Nicholas
Editorial: I just spent the last several days reading the lengthy essay "Ying and Yang of Security" which explores the origins of security on the personal computer and explains why the current models are outdated. It seems to argue that security systems designed to keep the system safe are relics of the days of mainframes when the system was more important than the user, but for a personal computer the user is more important than the system.
Features, automation, and choice lead to security issues...
by Anonymous on Thu 9th Dec 2004 03:55 UTC

Add complexity to any system and it will be more likely to fail.

That one rule is the main reason the computers on NASA's space shuttle are largely unchanged -- and are dwarfed by the laptops the crew uses -- while the software running on those comparatively simple computers is as perfect for the task of running the shuttle as humanly possible.

Features added to an operating system are added complexity. Having the software guess your intent also adds complexity. Having to make a decision also adds complexity.

Security holes are only one form of defect caused by complexity.

Yet, we want these complex systems. To handle the negative impact of complexity, make the system less integrated, more modular, and isolate the modules from each other.

Without these steps, you get hijacked systems spewing out spam, malware infestations, identity theft, cats living with dogs (er...maybe not the last one).

Security is difficult on any system. It takes hours, not minutes, unless you're well prepared. Security is not a magic pill found in a boxed tool or a fix pack. Microsoft doesn't help with the way they have Windows configured by default. There is no balance between security and features.

The attitude some have here is that the admins are overreacting. Unfortunately, it's really bad out there...if not, why use anti-virus, anti-spyware, 3rd party firewalls and other tools? These tools *AREN'T SECURITY*. They are extra complexity -- needlessly bothering the user, zapping processing power, and occasionally causing problems of their own.

Here's something simple to consider:

http://www.beyondlogic.org/solutions/trust-no-exe/trust-no-exe.htm

It's not perfect and is not magic. It's just a tool to use if you can't be bothered with all this scary or senseless security talk.