[Cascavel-pm] OFF: Por dentro da mente tortuosa de um profissional de segurança

Nelson Ferraz nferraz em gmail.com
Sexta Março 21 08:16:58 PDT 2008

Artigo de Bruce Schneier, sobre o modo de pensar voltado para a segurança.

"This kind of thinking is not natural for most people. It's not
natural for engineers. Good engineering involves thinking about how
things can be made to work; the security mindset involves thinking
about how things can be made to fail. It involves thinking like an
attacker, an adversary or a criminal. You don't have to exploit the
vulnerabilities you find, but if you don't see the world that way,
you'll never notice most security problems.

I've often speculated about how much of this is innate, and how much
is teachable. In general, I think it's a particular way of looking at
the world, and that it's far easier to teach someone domain expertise
-- cryptography or software security or safecracking or document
forgery -- than it is to teach someone a security mindset."


Nelson Ferraz

Free Software Foundation Associate Member #3203
Projeto Software Livre Brasil (www.softwarelivre.org.br)
Sociedade Perl do Brasil (www.perl.org.br)
Rede Livre de Compartilhamento de Cultura Digital

Mais detalhes sobre a lista de discussão Cascavel-pm