by dpwm 3283 days ago
Some of the most effective security measures actually increase complexity.

Two-factor authentication increases complexity in every measurable way but mitigates against a number of softer attacks.

Adding encryption adds a ton of complexity but effectively removes all man-in-the-middle attacks.

The simplest way of storing passwords is in plaintext.

Privilege separation is far from the simplest way of structuring a daemon, but it effectively prevents exploits in the complex parts from allowing an attacker to gain remote root access.

Perhaps it is more that superfluous complexity is the problem.

1 comment

I think we're talking past each other. Complexity probably refers to anything beyond essential complexity. In the systems you mention, they all lack complexity by that definition.