Microsoft: Ten Immutable Laws Of Security (Version 2.0) - 2011

Andrezj

Andrezj

Level 6
Thread author
Verified
Well-known
Nov 21, 2022
246
990
466
The 10 Laws are:

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.
Click to expand...

learn.microsoft.com

Ten Immutable Laws Of Security (Version 2.0)

learn.microsoft.com
 
Last edited by a moderator:
  • Like
  • Applause
  • +Reputation
Reactions: Andy Ful, Ashish1+1, ForgottenSeer 97327 and 7 others
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Click to expand...

This may true but it shouldn't mean we don't try to achieve anonymity and high-level privacy. You can't have security without privacy, they are intertwined.

It's a basic list but a good reminder of what every person should know. There are more complex layers to it that should be discussed, another time though.
 
  • Like
  • Applause
Reactions: ForgottenSeer 97327, [correlate], simmerskool and 4 others
Andrezj said:
The 10 Laws are:

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.

learn.microsoft.com

Ten Immutable Laws Of Security (Version 2.0)

learn.microsoft.com
Click to expand...
Sorry, after earlier Microsoft communications with over the top woke-ism (video), I can't let this one pass addressing BAD GUY only :)

Law #11: You are catched with your pants on your ankles when a @cruelsister tests your security software



P.S. I am by no means suggesting that we should not strive to an inclusive society, but actions are more important than words in my book (in Dutch "geen woorden maar daden")
 
Last edited by a moderator:
  • Like
Reactions: simmerskool, Gandalf_The_Grey, Jan Willy and 2 others

You may also like...