I just read this article on security advice by Kevin Mitnick and I’m equal parts pissed and laughing at it. It’s a classic case of ignoring the elephant in the room and it really makes me wonder where Mitnick’s integrity is since I don’t think he’s a particularly stupid person.

He starts the article with the old “We live in dangerous times. Evil hackers can attack you with their viruses!” line and then proceeds to outline ten steps he feels will increase your safety and security. Some are common sense recommendations that I agree with:

1. Back up everything
2. Choose strong passwords
3. Be diligent with applying security updates
4. Use encryption for sensitive data
5. Disable unused services
6. Use a firewall/router to restrict/limit access to your machine
7. Encrypt your wireless networks with uber-strong passwords using WPA

All these points I agree with. All are basic, simple, common sense things everyone should do, but often do not. His other recommendations are what give me pause:

8. Use commercial antivirus products
9. Use one or more anti-spyware applications
10. Avoid Internet Explorer and disable scripts in your email client

This is where I completely disagree. Recommendations 8-10 can be simplified to one step:

1. Stop fucking using Windows already

(more…)