Talk:Computer security

this kind of locks are often used for preventing people from partial RAM theft etc. not advanced targeting Luhanopi (talk) 17:45, 4 June 2025 (UTC)

Google.com 202.44.109.14 (talk) 17:20, 10 July 2025 (UTC)

say more

--Luhanopi (talk) 17:21, 10 July 2025 (UTC)

It doesn't claim to be anything more than a lock to prevent physical tampering. Any better ideas? A picture of an ethernet cable? --𝕁𝕄𝔽 (talk) 20:15, 10 July 2025 (UTC)

fixing up description Luhanopi (talk) 20:16, 10 July 2025 (UTC)

An RFID badge reader with a secure door may be a better example. Chainsawvasectomy (talk) 16:29, 12 November 2025 (UTC)

I disagree. Physical tampering is in fact a way to breach computer security. I've seen cases where someone with a modicum of intelligence plants a raspberry pi into the back of a computer by accessing it physically, and using it to steal stuff like Bitlocker secret keys or do some rudimentay USB sniffing. Advanced targetting does take place via this method, and in organizations that take this opsec very seriously, it's often the only way to create a sort of breach.

I think that the description matches this perfectly. It does seem like an odd photo but this is a very common (albiet outdated) way of handling this.

Nowadays the solution seems to be towards prebuilt computers and screwless devices, which prevent some of this.

RFID badge readers aren't so much for "computer security" as they are for "physical security". I've never seen an RFID badge reader with a computer; the prospect is odd. https://winnerwind.in (talk) 13:09, 1 March 2026 (UTC)

I suggest adding information about how severely AI tools have weaponized hackers and the threat they pose to cybersecurity. Anthropic has released a report of how hackers have used Claude to execute cyberattacks. https://www-cdn.anthropic.com/b2a76c6f6992465c09a6f2fce282f6c0cea8c200.pdf Imaazmm123 (talk) 05:25, 10 September 2025 (UTC)

*Controversial* This article indicates that cybersecurity is a subdiscipline of information security. This heavily implies that "Cybersecurity" is a "focus area" https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf specifically the CSF requires that risk management, governance, etc are essential in an effective cybersecurity program. Users should be made aware that this article is focused on certain aspects of cybersecurity. Even though this topic is covered, the article itself seems to indicate in the introduction that they're distinct within an organizational context. Further, many top cybersecurity platform-agnostic certifications like those from ISC2 tend to focus more on the CIA triad (or CIANA +PS). Finally, NIST SP 800-207 https://nvlpubs.nist.gov/nistpubs/specialpublications/NIST.SP.800-207.pdf (discussing ZTA) specifies on pg 1 that "Organizations need to implement comprehensive information security and resiliency practices for zero trust to be effective. " Information Security and Cybersecurity as this article distinguishes, are two interdependent concepts. As much as I recognize the topics might be different, the interdependency should be, at least, explicitly noted. Even though the distinction can "technically" be made CNSSI 4009 https://www.cnss.gov/CNSS/issuances/Instructions.cfm indicates that cybersecurity has largely replaced Information Assurance/Security as the "correct" term.

Additionally, the "Secure by Design" section should mention that the framework was an international effort, headed by the Australian Signals Directorate: https://www.cyber.gov.au/business-government/secure-design/secure-by-design/choosing-secure-and-verifiable-technologies The article section seems to indicate "special ownership" or a "special design" of the concept when it was, in fact, a joint effort.

Software Supply Chain Failures/Vulnerabilities should also be added as its an OWASP top 10 candidate for 2025: https://owasp.org/Top10/2025/A03_2025-Software_Supply_Chain_Failures/

Editors should consider adding privacy concepts to this article in accordance with NIST CSWP 40idp as the CIA, CIANA, or CIANA + PS models are overwhelmingly starting to consider user privacy, not just data/infrastructure protection, as a major component of their cybersecurity programs.

Last, many of the references in this article do not reference "official" sources for definitions. e.g. One company's definition of a concept is not always the respected industry definition for this topic. CNSSI 4009 is a respected publication for a glossary of terms and definitions. Chainsawvasectomy (talk) 14:14, 11 November 2025 (UTC)

I've been made aware that https://www.cnss.gov/CNSS/issuances/Instructions.cfm may be a problematic link. This is due to the DoD using a TLS certificate signed from their own Signing Authority (which your browser very likely doesn't have registered by default). If you don't add that Signing Authority to your browser it will think the certificate is invalid. If you're having issues trusting the link here is an archive.org link to resolve this: https://web.archive.org/web/20251010024632/https://www.cnss.gov/CNSS/issuances/Instructions.cfm Chainsawvasectomy (talk) 15:16, 11 November 2025 (UTC)

There is no segment about education. ~2025-41229-57 (talk) 00:54, 17 December 2025 (UTC)

This article is currently the subject of a Wiki Education Foundation-supported course assignment, between 19 January 2026 and 16 May 2026. Further details are available on the course page. Student editor(s): Dulceelsie1009 (article contribs).

— Assignment last updated by MaryB57 (talk) 01:39, 20 February 2026 (UTC)

I feel as though the image with the description

> Symbolic representation of computer security and data protection.

is irrelevant to the article and does not provide any meaningful benefit to the content other than to be filler.

Alternatively, we can show images of Yubikeys/Onlykeys (as they are ways of boosting the security of a computer) or completely remove the image entirely. WinnerWind (talk) 13:12, 1 March 2026 (UTC)

This image was added two days ago and I agree that its value is dubious at best and not at all appropriate as the lead image. What provenance or international recognition dies it have? How does it comply with MOS: IMAGEREL? Per WP:BRD, I have removed it pending consensus that supports its presence. --𝕁𝕄𝔽 (talk) 14:06, 1 March 2026 (UTC)