Colin Percival: ‘Complexity Is Insecurity’

Colin Percival:

Complexity can be thought of as a type of code smell: It doesn’t necessarily imply that there is a problem, but the presence of complexity is very strongly correlated with the presence of security vulnerabilities. In the design and construction of secure systems, it is important to not only consider mistakes which are guaranteed to cause problems, but to also consider factors which make it more likely that problems will arise — or, put another way, factors which make it harder to get things right.

(Via Alex Payne.)

Sunday, 6 September 2009