
To Build Good Security

Nothing is 100% secure. People who sell security are just like people selling a dead donkey. Even a multi-million dollar item equipped with strong security can easily be broken with a common tool.

Hmm.. I'm sleepy. Okay people, some other time. (To be continued if time permits and I'm not that lazy.)

To sum it up, to build a good secure system:
1. Build a good secure social system first: introduce security to the humans.
2. Build a good code base, black-boxing each part of the system.
3. Stack up your code and consider the domain problem. A domain problem is when there is nothing wrong with the modules themselves, but as they integrate, they create holes.
4. Familiarize people with good security practice and make sure they do the damn thing right!

Uhm, just like when you implement a password for entering a secure area, it is important to keep the person who uses the feature from choosing any common, easy-to-guess phrase. No matter how sophisticated your application is, people will just guess the password.

To make it worse, there is the bad practice of people sharing passwords with each other. The login confidentiality that was meant to address non-repudiation is then no longer effective. Another threat is people writing their password down somewhere, which lets others physically get hold of it.

That's just a little example. Time to go to sleep. Bye....
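The "domain problem" from step 3, shown with the password case above, as an added example that is not part of the original post. It assumes a hypothetical design in which the credential store treats passwords as case- and whitespace-insensitive; all function names and the tiny deny-list are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample deny-list; a real deployment would load a much larger one.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "iloveyou"}


# --- Module A: password policy (correct against its own contract) ---
def policy_accepts(candidate: str) -> bool:
    """Reject short passwords and exact matches against the deny-list."""
    return len(candidate) >= 8 and candidate not in COMMON_PASSWORDS


# --- Module B: credential store (also correct against its own contract) ---
def normalize(password: str) -> str:
    """Hypothetical usability choice: ignore case and surrounding whitespace."""
    return password.strip().lower()


def store_hash(password: str, salt: bytes) -> bytes:
    """Derive the stored verifier from the normalized password."""
    return hashlib.pbkdf2_hmac("sha256", normalize(password).encode(), salt, 100_000)


def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Constant-time comparison of a login attempt against the stored verifier."""
    return hmac.compare_digest(store_hash(password, salt), stored)


# --- Integration: this is where the hole appears ---
def register_naive(candidate: str, salt: bytes):
    """Policy judges the raw text, but the store keeps the normalized text."""
    return store_hash(candidate, salt) if policy_accepts(candidate) else None


def register_fixed(candidate: str, salt: bytes):
    """Policy judges exactly the string the store will keep."""
    return store_hash(candidate, salt) if policy_accepts(normalize(candidate)) else None


if __name__ == "__main__":
    salt = b"constructed-salt"  # fixed only so the demo is repeatable
    stored = register_naive("  PASSWORD  ", salt)
    print("naive accepted:", stored is not None)
    print("plain 'password' logs in:", verify("password", salt, stored))
    print("fixed accepted:", register_fixed("  PASSWORD  ", salt) is not None)
```

Neither module is wrong in isolation; the hole exists only because the policy and the store disagree about which string is "the password".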
