[Cascavel-pm] OFF: Por dentro da mente tortuosa de um profissional de segurança
Nelson Ferraz
nferraz em gmail.com
Sexta Março 21 08:16:58 PDT 2008
Artigo de Bruce Schneier, sobre o modo de pensar voltado para a segurança.
"This kind of thinking is not natural for most people. It's not
natural for engineers. Good engineering involves thinking about how
things can be made to work; the security mindset involves thinking
about how things can be made to fail. It involves thinking like an
attacker, an adversary or a criminal. You don't have to exploit the
vulnerabilities you find, but if you don't see the world that way,
you'll never notice most security problems.
I've often speculated about how much of this is innate, and how much
is teachable. In general, I think it's a particular way of looking at
the world, and that it's far easier to teach someone domain expertise
-- cryptography or software security or safecracking or document
forgery -- than it is to teach someone a security mindset."
http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320
--
Nelson Ferraz
Free Software Foundation Associate Member #3203
Projeto Software Livre Brasil (www.softwarelivre.org.br)
Sociedade Perl do Brasil (www.perl.org.br)
Rede Livre de Compartilhamento de Cultura Digital
Mais detalhes sobre a lista de discussão Cascavel-pm