The Six Dumbest Ideas in Computer Security
www.ranum.com

This is an article that is now over twenty years old.

And yet posting it seems like a worthwhile refresher for the “Agentic Age” … because very basic principles are being thrown overboard.

One is: There has to be a clear separation between code that controls actions on your computer, and untrusted data.

Looking at agentic systems - what do you see?

  • HaraldvonBlauzahn@feddit.orgOPEnglish
    3·
    20 hours ago

    Education has gone a long way to improving user response and caution against default trust of unverified contact

    If that were true, nobody would run agentic tools.

    Because these:

    • perform actions on your computer, thus are executing programs
    • operate on untrusted data -cannot, by principle, safely discern between commands and untrusted data