The trinity of RIA security explained
Back to the articleI miss read the title as: #
Posted Tuesday 8th April 2008 11:17 GMT
‘The trinity of IRA security explained’.
I expected a detailed piece on Knee-Capping, Intimidation and Bombing...
Which I could follow up with a query for the I.T. angle...
In my defence, Paris would have been confused, too.
The trinity of RIA security RE-explained #
Posted Tuesday 8th April 2008 14:36 GMT
The trinity of RIA security can best be summed up as:
Zip, Nada, Zilch.
We've known this ever since Active-X was first deployed. Here's Microsoft's "First immutable law of computer security":
"Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore."
Here's DaveK's corollorary to the first immutable law of computer security:
> If you let remote websites execute code on your computer, it's not your computer any more.
When combined with DaveK's axiom of rich internet application security:
> Microsoft invented Active-X /so/ that remote websites can execute code on your computer.
It leads us to DaveK's syllogisms of computer security:
>1. If you let Microsoft execute code on your computer, it's not your computer any more.
>2. Microsoft are the "bad guys".
Popular Whitepapers
- Market Primer: ERP Systems
Still stuck in the clouds when in comes to ERP? - SMB phone systems product requirements worksheet
Learn which phone system best suits your business's needs - Ensuring high service levels in cloud computing
Keys to effective service management - IBM System Blue Gene/P solution brochure
Petaflop scale performance in a package efficient in power, cooling and floor spac - What Exchange can't do - and Dell can
On Demand Reg Webcast - Enabling The Agile Data Center
On-Demand: Audio with slides
