A good friend of mine, Tony Cowan, said that the best way to secure a Web site is to run it from a CD-ROM. Clearly he meant "secure it from defacement" because even running a Web site from a CD-ROM will not prevent denial-of-service attacks.
Microsoft has shouldered a lot of the blame for security problems in Windows, but security breaches didn't start with Windows. Other operating systems like Linux have them too because both Linux and Windows can trace their ancestry to UNIX, and many of the security holes found today were discovered by exploiting holes in UNIX first. However, with code access security we have the mixed blessing of security that orthogonally complements role-based security, making .NET more secure but also more challenging to instrument correctly.
In this chapter I introduced you to how to administer security policy and how to make demands of that security policy. Time will tell whether the security challenges are so great that it is impossible to completely secure connected systems or to what degree code access security alleviates security holes. The best approach has always been to treat all aspects of security with care and to anticipate and adapt to security challenges.