Blasting away security myths
During my nearly two-decade computer security career, I've always been amazed by how many security myths are propagated as fact by readers, instructors, leaders, and writers.
Just because most people say it's so doesn't make it correct.
Because of this, I have a new rule: You should not teach, lead, or write about something until you've at least tried it once yourself. Don't just repeat the same things as mantra without testing to see if the statement holds water.
[ Read more ]