Principle 4:Least privilege (cont.) Use Secure Defaults By default, -security should be switched on -permissions turned off This will ensure that we apply principle of least privilege ■ Counterexample:bluetooth connection on mobile phone is by default on,but can be abused -CSE825 12CSE825 12 Principle 4: Least privilege (cont.) Use Secure Defaults By default, ─ security should be switched on ─ permissions turned off This will ensure that we apply principle of least privilege Counterexample: bluetooth connection on mobile phone is by default on, but can be abused