Follow

Flexibility leads to complexity and complexity is the enemy of security, so it's a shame that many security-related systems and APIs seem to themselves be designed with maximum flexibility in mind

Here's Niels Ferguson and Bruce Schneier's paper from 2000 where they dedicate about a quarter of the paper to ranting about how IPsec is too damned complicated
schneier.com/academic/paperfil

@fraggle ah yes SElinux, designed such that no mortal could possibly configure it properly.

I'm looking forward to Wireguard coming out of alpha. It's so beautifully simple.

Sign in to participate in the conversation
Octodon

Octodon is a nice general purpose instance. more