Microsoft: Ten Immutable Laws Of Security (Version 2.0) - 2011

[Andrezj]

The 10 Laws are:

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.

Ten Immutable Laws Of Security (Version 2.0)

learn.microsoft.com

 

[Zero Knowledge]

Law #9: Absolute anonymity isn't practically achievable, online or offline.

This may true but it shouldn't mean we don't try to achieve anonymity and high-level privacy. You can't have security without privacy, they are intertwined.

It's a basic list but a good reminder of what every person should know. There are more complex layers to it that should be discussed, another time though.

 

[ForgottenSeer 97327]

The 10 Laws are:

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.

Ten Immutable Laws Of Security (Version 2.0)

learn.microsoft.com

Sorry, after earlier Microsoft communications with over the top woke-ism (video), I can't let this one pass addressing BAD GUY only

Law #11: You are catched with your pants on your ankles when a @cruelsister tests your security software



P.S. I am by no means suggesting that we should not strive to an inclusive society, but actions are more important than words in my book (in Dutch "geen woorden maar daden")

 

[WhiteMouse]

Law #12: If an anti-malware can delete every shortcuts on your computer, it's not your computer anymore.

 

[Andy Ful]

Law #12: If an anti-malware can delete every shortcuts on your computer, it's not your computer anymore.

If the above is true then let's think about:
Law #13: If you use Windows, it is not your computer anymore.