Protection Racket

The more you seek security, the less of it you have.

Brian Tracy

We've seen how software construction is like building a house (see "DO WE REALLY BUILD SOFTWARE?" on page 177, and Chapter 14). We must learn to secure our programs just like we'd protect a house, locking all doors and windows, employing a sentry, and adding security mechanisms (like a burglar alarm, electronic pass cards, identity badges, etc.). But you must still be constantly vigilant: A door can be left ajar regardless of any fancy lock devices, and a burglar alarm can be left unset.

Our software security strategies apply at different levels:

The system installation

The exact OS configuration, network infrastructure, and version numbers of all running applications ...

Get Code Craft now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.