Misunderstanding Computers

Why do we insist on seeing the computer as a magic box for controlling other people?
Why do we want so much to control others when we won't control ourselves?

Computer memory is just fancy paper, CPUs are just fancy pens with fancy erasers, and the network is just a fancy backyard fence.
コンピュータの記憶というものはただ改良した紙ですし、CPU 何て特長ある筆に特殊の消しゴムがついたものにすぎないし、ネットワークそのものは裏庭の塀が少し拡大されたものぐらいです。

(original post/元の投稿 -- defining computers site/コンピュータを定義しようのサイト)

Monday, February 11, 2013

Security Basics 1 -- Perceived Value

The first principle of computer security is the same as in the real world:

If what you have is perceived to be valuable, there will be people who will decide they want it.

So the first rule of security is to avoid making something look more valuable than it is.

(A derived rule is to try to make it appear less valuable, but such attempts are generally all too easy to read through, and thus backfire. Going that route should be reserved for special cases, not engaged in without careful planning, and definitely left alone if you haven't throughly understand all the principles of security.)

Think about the old MS/PC-DOS machines. Internal storage was small. Networking was primitive. Data tended to be stored off-line. The biggest security problems were computer viruses written mostly by kids who had no idea of the value of the data their toys were mucking around in.

Well, the data itself wasn't that valuable either, because it was hard to dig into, hard to aggregate, hard to interpret.

Security was not a big problem because of a lack of value, and a lack of perceived value.

To get a grip on perceived value, however, you need to know what you are protecting.

No comments:

Post a Comment