The front page at browser.netscape.com proudly announces:
The All New Netscape Browser 8.0
Speed, Flexibility and More Security Choices Than Any Other Browser
Speed: Good.
Flexibility: Good.
More Security Choices Than Any Other Browser: What ninny decided this was a positive feature?
Adam Shostack mentioned the previous post (Hi, Adam!) and noted that Microsoft is “aggressively promoting” the myth that software is unconstrainable. The first of their so-called Ten Immutable Laws of Security says
Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore.
Totally false.
It’s nice how The Internets have a way of offering me real-life examples, like a cat leaving a dead bird on the doormat, only moments after i’ve been talking about something. Thank you, Internets.
Recently, to demonstrate a security problem in the new Dashboard feature in Mac OS 10.4, Stephan Meyers created a “slightly evil” [...]
“The Armed Butler” is featured in the first Security Carnival, by Kyle Maxwell. Check it out for links to other interesting articles related to security.
Read a typical news article about computer security and you will see words like “attack” and “defend.” People speak of software being “strengthened” or “hardened” as though it were some kind of physical substance. That might cause one to envision cannonballs smashing into the high walls of a fortress, where the only hope [...]
Argument by analogy is common in discussions of computer security. It’s often a useful way to reason about things, but sometimes an analogy can mislead you. I think a large class of misunderstandings about computer security are due to recurring problems in drawing analogies between what goes on in a computer and what [...]