I read elsewhere on HN - "Well-meaning users will always quickly turn an unusable secure system into a usable insecure system."
I read elsewhere on HN - "Well-meaning users will always quickly turn an unusable secure system into a usable insecure system."
The corollary is that a perfectly secure system is one which is completely and utterly inaccessible to anyone, including the users.
I always like this when explaining why the A in the CIA Triad matters: The most secure computer is one powered off, encased in cement, and dropped into the middle of the Pacific Ocean. But it's not very useful
“A ship in harbor is safe, but that is not what ships are built for.”
If the system is unusable some well-meaning user will set up their own system, which is unlikely to be secure.
Hey now, don't knock on batch processing systems.