I'll share them with you in the following list:
- Never plan security, let it happen naturally
- It's better to apply any security controls in the production envieronment
- No matter what you do, the security guys will know how to secure it
- Always trust your internal networks and users
- You don't have to notify security, it's their job to know what's going on
- Always blame the security staff when something goes awry
- Never read any security document
- Easy passwords might be guessed, strong passwords will be forgotten
- Better to spend in big, expensive, hype-type security consultancy projects than in cheap, small hands-on-security-that-works projects
- If they don't know it they can't attack it, obscurity is the best security technique
2 comments:
I'm hoping that your tongue is firmly planted in cheek :)
@alex It's my way to fight frustration, either you win or you can laugh at it :)
Post a Comment