Lessons From The Past: 10 Immutable Laws Of Security


A long time ago I found ten rules for computer security on the Microsoft website. I thought the first rule said: “When someone else is at your computer, it’s no longer your computer.” At some point the article disappeared, so I couldn’t verify whether I remembered correctly. As it turns out, I didn’t. It is still a valuable rule. Physical access to your device is a serious security concern. Malicious software that would otherwise have to be installed remotely via your web browser can now be installed directly, via a USB device for example. Physical access is also the perfect opportunity to modify your hardware, for example by installing a key logger or a tracking device. The rule whose principle I remembered is rule number three. The original laws were written fifteen years ago by then Microsoft security researcher Scott Culp. Keep the laws in mind as you work out a strategy and tactics for your digital security.

10 Immutable Laws Of Security

  1. If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore.
  2. If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
  3. If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
  4. If you allow a bad guy to upload programs to your website, it’s not your website any more.
  5. Weak passwords trump strong security.
  6. A computer is only as secure as the administrator is trustworthy.
  7. Encrypted data is only as secure as the decryption key.
  8. An out of date virus scanner is only marginally better than no virus scanner at all.
  9. Absolute anonymity isn’t practical, in real life or on the Web.
  10. Technology is not a panacea.
