Security is futile!

NetBSD or OpenBSD?

Did you really mean the most secure OS is NetBSD or should it read OpenBSD? Both have the same roots and the latter is even a derivative of the former. However, as you mentioned, the OS is not the answer: the OpenBSD team says that a system can only be as secure as the software it is running so the concept of controlled white list is surely the way to go. This even applies to options and plugins: don't take risks installing modules you don't need. This is basic, proactive security. If you reduce the number of holes, you mechanically reduce the risk.

Resistance is futile or is it

It's a sad indictment of the times, when big companies who have the mega bucks to hire the brightest and the best spin doctors, can do little else when standing up on a stage, other than speak the truth, about current trends and developments in the dark world of computer security.

It is disheartening to say the least, to see, that even here evolution, has cast a long line to prove to us all, that no matter how often or what sort of mouse trap you product, nature will come up with a better mouse, and it seems that we may be losing the evolutionary race, as the mouse seems to be changing faster, that the traps that we can produce to contain or eradicate it can be produced.

But who is really to blame for this explosion, is it the consumer, who constantly believes in the socially engineered tag lines of the e-mails, that bombard our in-box's, that they will really seen Britney or Anna, in wonderfully comprising positions, haven't we grown up past the point of the net being a new thing to a place where even average consumers, know what basic common scene computing is all about, Much like the real world, when you visit the shader parts of the net, like the meaner parts of town you can expect trouble, in a variety of sizes shapes, and persuasions, or do they still cling to that old mentality, that it'll be OK nothing bad will happen to me, as deep down inside where all nice people.

Or is it the companies them selves, with their latest PR spin, that all but promise, that no matter where we venture in the land of the net, we will be safe, we are bombarded from OS vendors, right the way down the food chain, that their products will provide unprecedented security, so that your identity, and financial are safe against the nasties of the world, they don't however seem to mention, that while some of their products are good, none are perfect, and even with the latest of everything installed, you can still get stung, it must have something to do with their profit margin, or an aversion to telling the truth I'm just not too sure.

What ever the reason, the one thing you cannot legislate against, or create a program to correct is the stupidity of the person behind the mouse or keyboard, that is the weakest link of any system, and the one that is least able to be patched by security and software vendors.

It would be good to have an acceptance of more secure alternative OS's but in a market driven economy, I don't see that happening any time soon, FOSS evolution is a slow process at best, and while white lists are a good idea, I'd be willing to bet my eye teeth, that no software company will guaranteed their product to work in such an environment, especially with a human driving it.

What we need to a list of white friends who won't continue to forward us stuff that will engage those erogenous areas of our brain in the first place, now that would be a coup for any software maker, compiling a list of people who we can trust to send us anything, mail or site links, that we can open without fear and trepidation because we know it's from a trust worthy source, may be that might be a good start, in combating this ever grow threat, any takers, I hope so but I won't be hold my breath...

I'm sure that even white

I'm sure that even white listed software would have its own problems, unless the software was guaranteed secure.