Principle 4:Least privilege (cont.) Use Secure Defaults By default, -security should be switched on -permissions turned off This will ensure that we apply principle of least privilege ■ Counterexample:bluetooth connection on mobile phone is by default on,but can be abused -CSE825 12CSE825 12 Principle 4: Least privilege (cont.)  Use Secure Defaults  By default, ─ security should be switched on ─ permissions turned off  This will ensure that we apply principle of least privilege  Counterexample: bluetooth connection on mobile phone is by default on, but can be abused