Misunderstanding Computers

Why do we insist on seeing the computer as a magic box for controlling other people?
Why do we want so much to control others when we won't control ourselves?

Computer memory is just fancy paper, CPUs are just fancy pens with fancy erasers, and the network is just a fancy backyard fence.
コンピュータの記憶というものはただ改良した紙ですし、CPU 何て特長ある筆に特殊の消しゴムがついたものにすぎないし、ネットワークそのものは裏庭の塀が少し拡大されたものぐらいです。

(original post/元の投稿 -- defining computers site/コンピュータを定義しようのサイト)

Monday, February 11, 2013

Security Tactics 1 -- Don't Be Valuable

Now that you know what you want to protect and what its value is, and you have spent some time evaluating the cost of security vs. the cost of replacement, you are ready to actually start on a tactic.

Passwords? Security systems?


The first and most fundamental tactic in security is to reduce your potential loss in the case of a successful attack.

Lemme 'splain:

I mentioned the cost of replacement when I talked about planning the costs of security in the last rant.

The absolutely best way to reduce the cost of security is to bring the cost of replacement down to zero.

If you have nothing to protect, you don't need to spend money, time, or other resources protecting anything.

Moreover, you don't care if people walk off with anything, so you basically go into a sharing mode. That reduces the motivation of many attackers, since there is nothing to steal.

Sharing is a good way to turn enemies into friends, which is another good way of reducing the number of potential attackers.

Well, if everything were infinitely reproducible, we could basically get rid of both military warfare and excessive economic competition.

Okay, it's an ideal. But it is a meaningful ideal. If you are having serious security problems, you should re-evaluate your resources, operations, facilities, etc. If there are things you don't need to protect, quit trying to protect them, and security issues disappear like snow in the tropical sun.

And, until you take this step, everything else is a just a bandaid.

No comments:

Post a Comment