Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Security for the Paranoid
Mark Burnett, 2005-04-26

Paranoia is the key to success in the security world. Is it time to worry when other security professionals consider you too paranoid?

Comments Mode:
Security for the Paranoid 2005-04-26
norwegian
Security for the Paranoid 2005-04-26
Anonymous (5 replies)
Security for the Paranoid 2005-04-26
Anonymous
Security for the Paranoid 2005-04-27
Rickard Johansson (1 replies)
Re: Security for the Paranoid 2005-06-09
Anonymous
Security for the Paranoid 2005-04-27
Anonymous (1 replies)
Re: Security for the Paranoid 2005-05-25
Bradbury9
Security for the Paranoid 2005-04-27
Anonymous
No such thing as "being TOO paranoid/careful" 2005-05-05
Anonymous
Security for the Paranoid 2005-04-26
Anonymous (1 replies)
Security for the Paranoid 2005-04-27
Anonymous (1 replies)
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-26
Times Enemy <times@krr.org>
Security for the Paranoid 2005-04-26
styliee
Security for the Paranoid 2005-04-26
Jeroen Kemperman (2 replies)
Security for the Paranoid 2005-04-26
Anonymous (1 replies)
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Shadowkill
Security for the Paranoid 2005-04-26
Anonymous
Security for the Paranoid 2005-04-26
Anonymous (1 replies)
Security for the Paranoid 2005-04-26
Anonymous
Security for the Paranoid 2005-04-26
Anonymous
Security for the Paranoid 2005-04-26
Anonymous
Personally, I think the author might be clinically paranoid.

Remember the word "excessive" from that dictionary definition of paranoia which was quoted in the article? I think that's the key. There must be a limit on what qualifies as "excessive", how much is too much.

For example, note that there is no discussion in this article of ROI or costs vs benefits. None. Applying every possible security measure irregardless of whether it actually does anything or not sounds excessive to me. Using a 14-word password with a "lame account" such as a New York Times login, for example, seems excessive to me (just falsify your personal info and the attacker would have nothing to gain). "Excessive" has to represent some limit, and the author shows no evidence of being aware of that limit.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/320/31593#31593
know your enemy 2005-04-26
Anonymous
Playing the "You're Paranoid" Card for Social Engineer & Profit 2005-04-27
Anonymous
When Paranoia Annoys Ya 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Kron
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
dan@3-e.net
Padded Cell for the Paranoid 2005-04-27
Aenox
Security for the Paranoid 2005-04-27
Anonymous (1 replies)
Re: Security for the Paranoid 2005-06-23
Morris Cox
Answers and clarifications 2005-04-27
Mark Burnett (1 replies)
Answers and clarifications 2005-04-28
Chatos Anonymous
sounds to be a reflection myself 2005-04-27
<visitbipin hotmail com>
Security for the Paranoid 2005-04-27
Anonymous
What OS are you using? 2005-04-27
Anonymous (1 replies)
What OS are you using? 2005-04-27
Zachary Palmer
Yet you use microsoft products? 2005-04-27
Anonymous
Missed the most obvious security precaution 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous coward
Security for the Paranoid 2005-04-27
ORBVS
Security for the Paranoid 2005-04-27
Anonymous (1 replies)
Re: Security for the Paranoid 2005-06-23
Morris Cox
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Stephen
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid - Firewall? 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Forget TerraFly, use Google! 2005-04-27
Anonymous Bastard
Security for the Paranoid 2005-04-27
f1r3f1ght3r
Security for the Paranoid 2005-04-27
Anonymous Coward
Security for the Paranoid? 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
josh
Social Engineer Past The Technology 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Autoversicherung
Not all that Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
JB kybrdcowboy@hotmail.com
the 50 character password 2005-04-27
Chirayu
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Security for the Paranoid 2005-04-27
Anonymous
Windows? 2005-04-27
Anonymous (1 replies)
Windows? 2005-05-02
Anonymous
Security for the Paranoid 2005-04-28
SafeCracka
Security for the Paranoid 2005-04-28
cornhead
Security for the Paranoid 2005-04-28
ZeroXeal
Security for the Paranoid 2005-04-28
Me
Being paranoid doesn't mean they wont get you! :) 2005-04-28
n54
Absolutely right, although... 2005-04-28
Dmitry Kirsanov
Security for the Paranoid 2005-04-28
Anonymous
Security for the Paranoid 2005-04-28
Anonymous
Security for the Paranoid 2005-04-28
Anonymous
Security for the Paranoid -trust wife 2005-04-28
Anonymous
Security for the Paranoid 2005-04-29
Anonymous
my password is my wife's name 2005-04-29
Anonymous
Security for the Paranoid 2005-04-29
Mat
Due Dilligence vs. Effeciency 2005-04-29
Anonymous
Security for the Paranoid 2005-04-29
Anonymous (1 replies)
Security for the Paranoid 2005-05-02
Anonymous [Information Security Defender]
50-character password is overkill 2005-05-03
Anonymous (1 replies)
Re: 50-character password is overkill 2006-02-26
Anonymous
Security for the Paranoid 2005-05-06
Anonymous (1 replies)
Re: Security for the Paranoid 2006-05-25
Anonymous
Links for the Paranoid 2007-06-16
Anonymous
Security for the Paranoid 2008-02-17
Anonymous







 

Privacy Statement
Copyright 2009, SecurityFocus