Showing posts from August, 2022

The Custodian and the Princple of Least Privilege

It can be frustrating, when you suddenly loose permissions to something you have been doing for years only to find out you are now 'not allowed' to do it, and when you ask why you are told about the " Principle of Least Privilege "  - utter nonsense? or good information security practice? Simply put, a person should have only sufficient the minimum sufficient access necessary to do his/her job, and no more.  Similarly, a software program should only have the minimum access to data necessary to fulfill its function and no more.  The principle of least privilege works hand-in-hand with the tenant of separation of duties  and the concept of ' Need to Know '  Consider the case of a custodian , let's call him Dave. Dave is responsible for cleaning the classrooms and office's inside a public school system. In order for Dave to do his job successfully, he needs access to all of the classrooms and offices. He likely has a keychain of many keys. (which always s

The Programmer's Dilemma

Client: This program isn't working the way I need it - I need a program that will do 'X' for me   Programmer: Okay, that's a tall order it will take some time to do. Client : Oh, I didn't realize, how long do you think it will take?   Programmer: Umm, depends, but I'm guessing about 3 weeks. Client:   No that simply won't work -   my reports are due next week, I need it by Monday. I'll just put another 3 programmers on it with you, that will make things 3  times faster, so you should have no problem getting it done by Monday! Programmer: Scratches his head - muttering  "umm,  that's not going to work" - Sound Familiar? Their seems to be a mistaken belief (held by a fair number of people), that any project or process can be made faster simply by adding more resources to it. This is the law of outrageous oversimplification. Brooke's Law coined by Fred Brooks in 1975- Specifically - "adding manpower  to a late software project makes