Four Irrefutable Security Laws
This list is from Malcolm Harkins, Intel’s chief information security officer, and it’s a good one (from a talk at Forrester’s Security Forum):
- Users want to click on things.
- Code wants to be wrong.
- Services want to be on.
- Security features can be used to harm.
His dig at open source software is just plain dumb, though:
Harkins cited mobile apps: “What kind of security do we think is in something that sells for 99 cents? Not much.”
js • September 20, 2010 6:51 AM
Err, according to the article that’s not what he said. He was specifically aiming at 99-cent mobile apps – in other words commercial, closed source software written cheaply and quickly to get a high volume of products onto the app stores to take advantage of the short-attention-span market.
I think it’s probably a fair comment that such a development cycle does not foster high security.