Re: The 10 Immutable Laws of Security

0.1: Don't use Internet Explorer.

I disagree. I have used IE for years, browsing all around, and never
been infected by malware. That is not to say that malware hasn't tried
to install itself, just that it has not been successful. I would amend
this to say, Don't browse the Internet without considering defense-in-
depth. Use the right tools and do not run as Administrator.

Which reminds me, I would also amend "Law #6: A computer is only as
secure as the administrator is trustworthy." A computer is only as
secure as the processes running under Administrator are trustworthy.
You might trust yourself, but do you trust anything that might be
launched under your session?

J Wolfgang Goerlich


Relevant Pages

  • Re: Cannot set auto-protect on Symantec Norton AV. CAn someone help?
    ... First make sure you are logged on as a local administrator. ... command net localgroup administrators at the command prompt to see local ... an attempt to keep you from removing the malware. ...
  • Re: Do I have TOO MANY antivirus, antispyware, etc
    ... Running in Safe Mode is always recommended if you believe you have ... you do not need administrator powers such as for installing applications. ... and you therefore can reduce the threat of malware infection if you are not ... administrator account a hard to guess password and write it down and store ...
  • Re: are porn sites a huge security risk?
    ... What cataract covered lens affords that view? ... as the ability to actually configure a safe browsing system. ... If all you do is 'react' to malware, ... Trust yourself. ...
  • Re: Norton
    ... >> to administrator only for things that require admin privs ... > admin, which is on by default - even for XP home. ... > effective one given the malware in circulation today. ... > regardless of what environment it finds itself in. ...
  • Re: control panel and security settings missing from the start menu
    ... This is a fairly common side effect of the cleanup of certain malware ... get a message that something has been disabled by the Administrator, ... Trial and error methods ... There would be some personal information (like System Name and User ...