Mark T. Tomczak on Nostr: npub178rvt…sqekt From the old New Hacker's Dictionary, airplane rule: "Complexity ...
npub178rvtslm3qykq8uy5afswta2qz5pk9atjxsepht4x8ldddssp6kq4sqekt (npub178r…qekt) From the old New Hacker's Dictionary, airplane rule: "Complexity increases the possibility of failure; a twin-engine airplane has twice as many engine problems as a single-engine airplane."
I think people often interpret this in the security space as "Having N implementations makes the system more vulnerable than having one correct implementation," but a lot of NHD-thinking is firmly grounded in the pre-Internet era. in the modern era, distribution and redundancy are also important. Yes, having N passwords to N domains provides N places an attacker can compromise you, but it also (can) mean that if they get one, they don't have the rest!
(It's very worth noting that the NHD interpretation of the airplane rule is emphatically not how aviation thinks about safety; by law, planes that have to fly over water must be able to maintain flight on one engine, and even single-engine planes have redundant just-about-everything under the hood to minimize the chances of that engine going out. You don't just build one magneto and make it perfect; you build two magnetos, test both before takeoff, and have a policy that a magneto failing is an emergency requiring as expedient a safe runway landing as possible).
I think people often interpret this in the security space as "Having N implementations makes the system more vulnerable than having one correct implementation," but a lot of NHD-thinking is firmly grounded in the pre-Internet era. in the modern era, distribution and redundancy are also important. Yes, having N passwords to N domains provides N places an attacker can compromise you, but it also (can) mean that if they get one, they don't have the rest!
(It's very worth noting that the NHD interpretation of the airplane rule is emphatically not how aviation thinks about safety; by law, planes that have to fly over water must be able to maintain flight on one engine, and even single-engine planes have redundant just-about-everything under the hood to minimize the chances of that engine going out. You don't just build one magneto and make it perfect; you build two magnetos, test both before takeoff, and have a policy that a magneto failing is an emergency requiring as expedient a safe runway landing as possible).