One of the principles that seems to be constant no matter what endeavour you’re engaged in is – simplicity is your friend.
When it comes to eating plans, exercise regimes, cooking lessons, writing practices – whatever – an imperfect plan consistently practiced will always beat the perfect plan inconsistently followed.
Success is found that way mainly because of the incredible power that comes from building habits (no matter how small).
But simplicity has another very distinct benefit in another specific area – writing secure code. Or, more accurately, less insecure code (as security can never be an absolute).
To look further into this, it’s worth reading this thread by Sarah Jamie Lewis about the proposed Swiss online voting system. It’s hard to believe that this could ever be a good idea, for any number of reasons. But for the present purposes, let’s just focus on the security implications:
Some people in this thread asked what I meant by "code that was not written to be easily audited", and asked how they can write auditable code.
So join me on this fine Sunday evening as I wax lyrical about writing code that is easy to audit. https://t.co/PEjdGBBe68
— Sarah Jamie Lewis (@SarahJamieLewis) February 18, 2019
There’s been a lot of criticism of the project so far. But it’s impossible to disagree with what she’s saying here. No matter what kind of rockstar genius coders you might have, to date no one has ever written perfect code. There will always be errors, and when the system is critical (even when it isn’t, to be honest; it’s just that the stakes are much higher), you want to be using components that have been demonstrably proven to work together in ways that are robust.
Once you have complex code in play, not only does the code have to be written perfectly itself but the different packages etc also have to be integrated perfectly.
You’ve just massively increased the chances of causing problems in the future.
The easier it is to fix things, the more chance you have of getting it right. That’s why all important code has to be auditable, because no one can expect to get things right the first time around. And when you start playing around with individuals’ democratic rights, the stakes have just gone through the roof.
Anyway, I wish the Swiss election team the best of luck in ensuring that the thousands of new, highly configurable, ZKP code, written in Java, decomposed over hundreds of files, is up to the standard of securing national elections.
— Sarah Jamie Lewis (@SarahJamieLewis) February 18, 2019