WebApp Sec mailing list archives
RE: simplicity improves security?
From: "Simon Zuckerbraun" <szucker () sst-pr-1 com>
Date: Wed, 14 Sep 2005 16:14:38 -0500
"Complexity is the worst enemy of security." - Bruce Schneier, *Secrets and Lies* p. 354 "A more complex system is less secure on all fronts. It contains more weaknesses to start with, its modularity exacerbates those weaknesses, it's harder to test, it's harder to understand, and it's harder to analyze." ibid, p. 357 Simon -----Original Message----- From: Saqib Ali [mailto:docbook.xml () gmail com] Sent: Tuesday, September 13, 2005 10:02 AM To: webappsec () securityfocus org Subject: simplicity improves security? Hello All, I am looking for a quote to end an presentation, that talks about how simplicity in an application can improve the security, whereas a more a complex application will be more prone to security related issues. Any quotes from any security gurus? -- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better.
Current thread:
- simplicity improves security? Saqib Ali (Sep 13)
- RE: simplicity improves security? Simon Zuckerbraun (Sep 14)
- Re: simplicity improves security? Robert Hajime Lanning (Sep 14)