By John Gruber
WorkOS Radar:
Protect your app against AI bots, free-tier abuse, and brute-force attacks.
- Colin Percival: ‘Complexity Is Insecurity’
-
Colin Percival:
Complexity can be thought of as a type of code smell: It doesn’t necessarily imply that there is a problem, but the presence of complexity is very strongly correlated with the presence of security vulnerabilities. In the design and construction of secure systems, it is important to not only consider mistakes which are guaranteed to cause problems, but to also consider factors which make it more likely that problems will arise — or, put another way, factors which make it harder to get things right.
★ Sunday, 6 September 2009