Re: The 10 Immutable Laws of Security



0.1: Don't use Internet Explorer.

I disagree. I have used IE for years, browsing all around, and never
been infected by malware. That is not to say that malware hasn't tried
to install itself, just that it has not been successful. I would amend
this to say, Don't browse the Internet without considering defense-in-
depth. Use the right tools and do not run as Administrator.

Which reminds me, I would also amend "Law #6: A computer is only as
secure as the administrator is trustworthy." A computer is only as
secure as the processes running under Administrator are trustworthy.
You might trust yourself, but do you trust anything that might be
launched under your session?

J Wolfgang Goerlich

.