See also: Heapify

Go back to post Create new comment

RSS Be notified of new comments on this post with the RSS feed for this post.


This is pretty much the problem with most modern IT security.

Obviously there are many sources of insecurity that can be introduced into any system. Incompetency perhaps being one of the leading. Security by defaulting is a safety net for incompetency. Not infallible, but what is?

I expect overtime smarter defaults to be shipped. However there is a real balance that needs to be achieved between usability, functionality and security. The reason for instance that Windows has so many things enabled is because many users have no idea how to enable them! To ensure everyone has a fully functionality system they are switched on by default.

Unfortunately it was decided that the security implications are secondary to functionality. It's not necessarily a stupid decision, its just one which results in greater likelihoods of insecurity. The Windows philosophy values functionality above security. The OpenBSD philosophy values security above ease of us, which has a two fold effect of being secure by default and of increasing the chances that the user is naturally more competent in the first place.

Go back to post

Create a new comment

Go to the top

You can use a restricted version of markdown formatting here. You can use the toolbar above the text field to make this more painless. For more information about markdown please refer to the markdown cheatsheet.

For post: Security is sensible defaults
Your name:
Your email (optional):
Your website (optional):

A preview of your comment:

Powered by Debian, Guinness, and excessive quantities of caffeine and sugar.