“It is not a case of simply fixing a few vulnerabilities and moving on. Reducing the impact of viruses and worms to an acceptable level requires fundamentally new thinking about software quality, continuous improvement in tools and processes, and ongoing investments in resilient new security technologies designed to block malicious or destructive software code before it can wreak havoc. It also requires computer users to be proactive about deploying and managing products. Technology has come an incredibly long way in the past two decades, and it is far too important to let a few criminals stop the rest of us from enjoying its amazing benefits.”
– Bill Gates.
Boy, is this guy a ninny! He does not realize that security is not about new products, and techniques and strategies. It’s about going back and looking at your existing architecture, and finding the architectural issues that lend themselves to in-security.
So, for example, if my OS allowed an application to have a higher level of trust with the OS than that of the user using the application (The case with many Microsoft apps) then I would re-architect my OS such that those applications could not violate security rules in that way.
Bill needs to learn that security is not something new - its something very old. And that new products are not going to help the problem until system architectures are fixed.
Thank you.
0 Responses to “Stupid quote of the week.”