I hate to make this a blog where I drop in links from around the world and feel happy at having put something on it. I definitely wouldnt want to do that. Anyways, came across this link on email today.
If you are reading it, dont read it as the six dumbest ideas in Computer Security. Rather read it as the One reason why Computer Security is all screwed up. The first one. Most of the others are a form of the same idea. Read about the description of Default Permit strategy. Think about it.
That is probably one of the biggest things that is causing havoc with having to run an ever-losing race with vulnarabilities, hacks and other evil in the networked world.
And to think all one had to do was ask