In a fight between pirates and ninjas, who would win? I know what you are
thinking. “What in the world does this have to do with security?” Read on to
find out but first, make a choice: Pirates or Ninjas?
Before making that choice, we must know what the strengths and weaknesses are
StrongLoudBrute-Force AttackDrunk (Some say this could be a strength too)Great
at PlunderingCan be CarelessLong-Range CombatNinjas
In last week's blog [/2015/09/17/push-vs-pull-security] (which you should read
now if you have not), I said:
> The core problem with security today isn't about technology. It's about
misaligned incentives. We are trying to push security onto people, teams, and
processes that just don't want it.
To be clear, it's not that people don't care. They say they want security, and I
believe them. Or more precisely, part of their brain wants security. People who
want to break a bad habit