

The Security Mindset (2008) - billswift
http://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html

======
billswift
I was rereading some essays a few hours ago and came across this and the essay
by Ed Felten on Freedom-To-Tinker commenting on it, _The Security Mindset and
"Harmless Failures"_ ([http://freedom-to-tinker.com/blog/felten/security-
mindset-an...](http://freedom-to-tinker.com/blog/felten/security-mindset-and-
harmless-failures)).

On of Ed Felten's points, _"The second way is to think, "This looks like a
harmless failure, but we should avoid it anyway. No good can come of this."
The first way protects you if you're clever; the second way always protects
you."_ Is also useful in protecting against other types of failure, not just
security problems.

------
mdemare
Fascinating stuff!

Programmers (good ones) also have a different mindset - always trying to think
of all paths, not just the happy paths. But we don't expect malice, just
Murphy's law.

