alex asunder


Doctor Johnston’s Security Maxims for the Ages
October 2, 2009, 1:35 pm

Via TechRepublic, Roger G. Johnston, Ph.D.’s security maxims:

The following maxims explain why security issues are slow to be resolved:

  • Show-Me Maxim: No serious security vulnerability, including blatantly obvious ones, will be dealt with until there is overwhelming evidence and widespread recognition that adversaries have already catastrophically exploited it. In other words, “significant psychological (or literal) damage is required before any significant security changes will be made”.

Sad, but oh so very true.