Difference between revisions of "User:ThomasMcC"
Jump to navigation
Jump to search
(first entry) |
(1) |
||
Line 1: | Line 1: | ||
== '''Tom's Thoughts''' == | == '''Tom's Thoughts''' == | ||
− | Don't roll your own. (AKA: The first rule of cryptography.) | + | # Don't roll your own. (AKA: The first rule of cryptography.) |
− | If a bad guy can persuade you to run his program on your computer, it's not your computer anymore | + | # If a bad guy can persuade you to run his program on your computer, it's not your computer anymore |
− | If a bad guy can alter the operating system on your computer, it's not your computer anymore | + | # If a bad guy can alter the operating system on your computer, it's not your computer anymore |
− | If a bad guy has unrestricted physical access to your computer, it's not your computer anymore | + | # If a bad guy has unrestricted physical access to your computer, it's not your computer anymore |
− | If you allow a bad guy to upload programs to your website, it's not your website any more | + | # If you allow a bad guy to upload programs to your website, it's not your website any more |
− | A computer is only as secure as the administrator is trustworthy | + | # A computer is only as secure as the administrator is trustworthy |
− | Absolute anonymity isn't practical, in real life or on the Web | + | # Absolute anonymity isn't practical, in real life or on the Web |
− | Nuke it from orbit. | + | # Nuke it from orbit. |
− | It depends | + | # It depends |
Revision as of 12:48, 1 December 2016
Tom's Thoughts
- Don't roll your own. (AKA: The first rule of cryptography.)
- If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
- If a bad guy can alter the operating system on your computer, it's not your computer anymore
- If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
- If you allow a bad guy to upload programs to your website, it's not your website any more
- A computer is only as secure as the administrator is trustworthy
- Absolute anonymity isn't practical, in real life or on the Web
- Nuke it from orbit.
- It depends