posted on Thursday, September 30, 2004 12:19 PM
by
stefandemetz
Security should also mean "easily securable"
If implementation of security has one major flaw is that it is difficult to install and configure.
Alas, Windows can be made VERY secure, just there are so many knobs to turn
that it is almost easier to learn voodoo or black magic.
Threfore most people don't bother, leaving Windows in it's default shipping configuration.
Alright, some install antivirus and personal firewalls.
What does securable mean? One just needs to look at how many castles were build in the middle age.
The castle was built on a rock or hill, so the attackers had to put in a maximum effort to get close.
If they wanted to enter though the main gate, they had to cross a slim bridge, where they would be easily intercepted.
The defenders really needed to closed the main entrance, perhaps lift the bridge and they were safe for a while.
Secure by design, secure by default, secure by deployment and even a fourth: secure by defendibility.
So to needs to be an OS, easily defendable by applying all the clever criteria, but also by making it more defendable.