Simplicity makes security easier. Complexity allows for mistakes, greater attack surface, and weak links.
- Our second general security principle is simple is more secure. Let me start by asking a question. Which would be easier to secure? A house that had only one door, or a house that had five doors and five windows? The answer's, obviously, the house with one door. The larger and more complex a system becomes, the harder it becomes to secure. Larger systems have more areas of concern. They have a larger attack surface to keep secure. More complex systems increase the likelihood of bugs or of making mistakes. Simpler is always more secure. When programming, there are several techniques that you can use to reduce complexity, and therefore, increase security. Giving clear names to functions and variables makes your code easier to read and to understand. Write code comments. Describe what you intend for the code to do, how it does it, and why you chose a particular approach. List the expected inputs and the expected outputs of a function. Make notes about any security concerns that might help during future development. Code comments may add to the length of a file, but they simplify the process of understanding how code works. Next, built-in functions are better than custom functions. The built-in functions in a language or framework are often better written, more error-resistant, and better tested than custom code that performs the same task. Built-in versions may address security concerns that your code might overlook. You should remove cruft from your code. Cruft is anything that's left over, redundant, or getting in the way. It may be legacy code, or features that are no longer needed. Cleaner code is easier to understand and removes potential vulnerabilities. Disable features you don't intend to use. Every feature you remove is one less feature you have to keep secure. If a web server won't be sending emails, then disable email-sending features. If you're not using PHP, then there's no reason to leave yourself open to any PHP vulnerabilities. Breaking up long sections of code into smaller functions can greatly reduce complexity. Give each function a specific purpose. Don't let it do more than one thing, and give it a name that makes that purpose clear. In programming, we call this refactoring. The function of the code doesn't change, but the quality of the code is improved by making its structure simpler and clearer. Perhaps most importantly, don't repeat yourself. Object-oriented programming strongly encourages this practice, but functional programming can use it too. If we duplicate code, and then later find a bug, the bug may get fixed in one version, but not in the other. If there are subtle differences in the code, we may use the wrong version by accident. Don't let unnecessary complexity become a security liability. Remember, simple is always more secure.
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting