I think “falsehoods” articles should include a counterexample for each falsehood to drive the point home. Falsehoods about addresses does this pretty well.
I agree it’s a nice list that should have examples and/or mitigations.
I’m curious on this one:
Encrypted data on the network cannot be altered.
Do it means it can be altered on the endpoint ?