Computer security, as it’s done today by most practitioners, is fundamentally a con. It’s a con the same way that most diet foods and “lose weight fast” schemes are a con: they cost a lot and they only work if you do something sensible that would have worked REGARDLESS of whether you were following the rules of the diet.
The author lists “simple” ideas to keep in mind regarding network security, including Production Systems 101:
10 SET IT UP 20 MAKE IT WORK 30 IF WORKING THEN 40 DON'T F- WITH IT 50 ENDIF 60 IF NOT WORKING 70 FIX IT 80 GOTO 20 90 ENDIF
it's that BASIC (ok, that was a bad one...)
Some of his ideas (including the one above) can be applied to software development.