墨菲定律应用于互联网安全
我是墨菲定律的狂热爱好者,在编程时我就会牢记它。 各个领域都有很多“应用”版本。 也许(作为堆栈溢出用户)我们可以编制一个应用于互联网安全的列表。 我建议这样做是因为,在网络钓鱼、XSS、CSRF 以及围绕程序员和用户的更多对待的时代,最好有一个预期的列表,以便跟踪您的应用程序中可能存在的漏洞,以及系统。
一个例子是: “漏洞会自发出现,但不会以同样的方式消失”。
请展示您对此的想法。 提前致谢。
I'm a fanatic of Murphy's Law and I have it in mind at programming time. There are a lot of "applied" versions in a variety of fields. Maybe (as stack overflow users) we can compile a list of them applied to Internet Security. I suggest this because in times of phishing, XSS, CSRF and a lot more of treats surrounding the programmer and the users it would be a good idea to have a list of what to expect in order to keep track of possible vulnerabilities in your apps and systems.
An example would be:
"Vulnerabilities appears spontaneously but they don't disappear in the same way".
Please show your ideas about it.
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
唯一真正安全的系统是一个断电的系统,用一块混凝土浇铸而成,并密封在一个有武装警卫的铅衬房间里——即便如此,我仍心存疑虑。
——尤金·H·斯帕福德
The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts.
-- Eugene H. Spafford
您的安全系统将成功阻止您跟进黑客的行为。
Your security system will successfully prevent you from following up on what the crackers did.
摆脱烦人的安全功能的最佳方法是 13 岁的孩子。
The best way past a pesky security feature is a 13-year-old.
坚不可摧的安全性并非如此。
Impenetrable security isn't.
“任何时候遇到安全漏洞,你都只能发现更多。”
"Any time you encounter a security hole, you can only find more."
你越多地询问专业人士,你的安全漏洞就越多。
The more you ask professionals, the more you have security holes.
“期待意想不到的事情。” (里奇鸭8-)
"Expect the unexpected." (Richie ducks 8-)
这是我今天发现的:
一种“牢不可破”的安全解决方案得到认可,因为一旦它被破坏,它就会让系统完全开放并容易受到攻击。
This is one I have found today:
An "unbreakable" security solution is recognized because once it's broken it lets the system completely open and vulnerable.