Chapter 30. Simplicity and Security
A big part of writing secure software (probably the biggest part) is simplicity.
When we think about software security, the first question that we ask is, "How many different ways could this program possibly be attacked?" That is, how many "ways in" are there? It's a bit like asking "How many doors and windows are there on this building?" If your building has 1 exterior door, it's very easy to protect that door. If it has 1000, it will be impossible to keep the building secure, no matter how good the doors are or how many security guards you have.
So we need to limit the "ways in" to our software to some reasonable number, or it won't ever be secure. That's accomplished by making the overall system relatively simple, or breaking it down into very simple and totally separate component parts.
Then, once we've limited the ways in, we need to start thinking about:
"How many different...