Computer security can be both discouraging and liberating. Once you get past the horror that comes with fully grasping its futility (a feeling identical to the one that young French horn players get upon realizing no matter how hard they practice, their instrument will continue to humiliate them periodically without warning), you realize that there's nowhere to go but up. But if you approach system security with:

  • Enough curiosity to learn what the risks are

  • Enough energy to identify and take the steps necessary to mitigate (and thus intelligently assume) those risks

  • Enough humility and vision to plan for the possible failure of even your most elaborate security measures

you can greatly reduce your systems' chances of being compromised. At least as importantly, you can minimize the duration of and damage caused by any attacks that do succeed. This book can help, on both counts.