by pishpash 1595 days ago
I've come to the conclusion that absolute security is a fool's game, sort of like never getting sick. You have a Turing machine, you have a tape, it's not going to be secure. It's better to invest in research on an adversarial "immune system", so to speak.
3 comments

This is absolutely correct! Modern technical security practice preaches defense-in-depth. Over a long enough period of time, you WILL be compromised. It’s much more effective to plan for it and mitigate the damage than it is to attempt perfect security.

The trick is to make sure you have good network segmentation, don’t allow apps/users more access than they need, and have reliable monitoring and anomaly detection in place so you can respond rapidly to breaches that do occur.

The only problem with that take is that people will hear it and remember “don’t attempt security because it’s hopeless”. It’s the same problem that comes from people discussing premature optimization and using it as a reason to skip simple and obvious performance improvements.

Nuance has a way of being lost in advice like that.

Like many things, it's about how far into the diminishing returns you want to go. At some point it's more effective to apply further investment to other parts of the ecosystem.

My own conclusion for the security of a small business was to set up a honeypot - a virus needs to search for vulnerabilities to transmit itself, and that search can be detected. Any virus that doesn’t search for vulnerabilities is much more benign.

That might be how worms work, but it’s not going to protect someone from installing a keylogger or a RAT by opening an infected Excel spreadsheet in an email, for example.

That’s much more reactive than proactive either way. Better as a secondary measure for a large business than as a primary measure for a small business.