<- back
view in plain-text
2020-05-07

Simplicity (mostly) guarantees security

This is why I meme mnmlsm so much

Although it is a very comfy one, it’s not just an aesthetic. Simplicity and minimalism, in technology, is great for security too. I say “mostly” in the title because human error cannot be discounted, and nothing is perfect. However, the simpler your tech stack is, it is inherentely more secure than complex monstrosities.

Let’s look at systemd, for example. It’s got over 1.2 million lines of code. “Hurr durr but LoC doesn’t mean anything!” Sure ok, but can you imagine auditing this? How many times has it even been audited? I couldn’t find any audit reports. No, the developers are not security engineers and a trustworthy audit must be done by a third-party. What’s scarier, is this thing runs on a huge percentage of the world’s critical infrastructure and contains privileged core subsystems.

“B-but Linux is much bigger!” Indeed, it is, but it has a thousand times (if not more) the number of eyes looking at the code, and there have been multiple third-party audits. There are hundreds of independent orgs and multiple security teams looking at it. That’s not the case with systemd—it’s probably just RedHat.

Compare this to a bunch of shell scripts. Agreed, writing safe shell can be hard and there are a ton of weird edge-cases depending on your shell implementation, but the distinction here is you wrote it. Which means, you can identify what went wrong—things are predictable. systemd, however, is a large blackbox, and its state at runtime is largely unprovable and unpredictable. I am certain even the developers don’t know.

And this is why I whine about complexity so much. A complex, unpredictable system is nothing more than a large attack surface. Drew DeVault, head of sourcehut wrote something similar (yes that’s the link, yes it has a typo).:

https://sourcehut.org/blog/2020-04-20-prioritizing-simplitity/

He manually provisions all sourcehut infrastructure, because tools like Salt, Kubernetes etc. are just like systemd in our example—large monstrosities which can get you RCE’d. Don’t believe me? See this.

This was day 3 of the #100DaysToOffload challenge. It came out like a systemd-hate post, but really, I couldn’t think of a better example.

Questions or comments? Send an email to ~icyphox/x@lists.sr.ht—my public inbox.


How To Track Desert Locust Swarms

Billions of desert locusts are swarming across East Africa, multiplying in numbers over several months of favorable rain and breeding conditions, creating what the UN Food and Agriculture Organization (FAO) called an “unprecedented threat to food security,…

via bellingcat on Jun 23, 2020

OpenBSD on the Microsoft Surface Go 2 (notaweblog)

I used OpenBSD on the original Surface Go back in 2018 and many things worked with the big exception of the internal Atheros WiFi. This meant I had to keep it tethered to a USB-C dock for Ethernet or use a small USB-A WiFi dongle plugged into a less-than-…

via joshua stein on May 15, 2020

25/05/2020: This month in KISS (#2)

Welcome to the second monthly update for KISS. This post will be quite a long one, we've seen some nice changes this month and some great work by the Community.…

via KISS Linux Blog on May 25, 2020

Generated by openring.py

email
x@icyphox.sh

github
icyphox

mastodon
@x@icyphox.sh

pgp
0x8A93F96F78C5D4C4

last updated
76b554e on 2020-06-24

friends

Some of my friends and internet bros.

about

More about me and my work.