The trinity of RIA security explained
I misread the title as:
Posted Tuesday 8th April 2008 11:17 GMT
‘The trinity of IRA security explained’.
I expected a detailed piece on Knee-Capping, Intimidation and Bombing...
Which I could follow up with a query for the I.T. angle...
In my defence, Paris would have been confused, too.
The trinity of RIA security RE-explained
Posted Tuesday 8th April 2008 14:36 GMT
The trinity of RIA security can best be summed up as:
Zip, Nada, Zilch.
We've known this ever since Active-X was first deployed. Here's Microsoft's "First immutable law of computer security":
"Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore."
Here's DaveK's corollary to the first immutable law of computer security:
> If you let remote websites execute code on your computer, it's not your computer any more.
When combined with DaveK's axiom of rich internet application security:
> Microsoft invented Active-X /so/ that remote websites can execute code on your computer.
It leads us to DaveK's syllogisms of computer security:
> 1. If you let Microsoft execute code on your computer, it's not your computer any more.
> 2. Microsoft are the "bad guys".


