Cryptosmith

Cyber and security architecture, not bitcoins

Example of KISS

Ok, this is a backwards observation.

One of my hot buttons is to spot “cyber security principles,” that is, general but pointed observations on how to improve cyber security.

A long-held principle is “Keep it Simple, Stupid.” Thanks to Moore’s Law and the constantly falling price of ever bigger, faster, and more complex tech, no one puts much effort into keeping things simple. The extra features draw more customers even if they make the tech more fragile.

So, I like this post by Preston Galla that highlights security failures on Android phones. The failures mostly arise from crapware – software added by a vendor to offer distictive features to a phone, but features that bring the vendor more money. Such software is often cheap and unreliable. Not surprisingly, it’s also the source of most Android phone vulnerabilities.

Favorite Posts

Memory Sizes: kilo mega giga tera peta exaOctober 18, 2013
SCI//HCS-P/SI/TK at Mar-a-LagoJune 4, 2023
Stream Cipher Reuse: A Graphic ExampleMay 31, 2008
Password Hashing and CrackingMarch 26, 2021
Kilo mega giga teraOctober 19, 2013
Security Design PrinciplesOctober 19, 2013

ACSAC Android Apple attacks authentication Bitcoin Boak Calibre certificates CIA properties classified Clinton cloud computing Coursera CPU cracking crypto cybercurrency databases design principles domain names Drupal ebooks elections email encrypted messages evaluations file systems flaws Ft. Meade GUI history iOS iPhone KGB Kindle library malware memory sizes Microsoft mobile security MSSE Multics NSA NSTISSI 4011 OPDS passwords phishing President quantum Quizlet RAM risks secrecy spam SSL stream cipher TCSEC Top Secret training Trump UMN video Wordpress xor