Easy to use software can also be safe
----------------------------
Anyone who has been working with computers for a long time have noticed that all major operating systems and applications have become easier to use in recent years (supposedly). Tasks are often complex procedures and require experienced professionals to do can now be done with the push of a button. For example, creating an Active Directory on Windows 2000 or higher can now be done by an assistant carrying even the most novice technical person to believe they can "secure" operating environment configuration. This is actually very far from the truth. Half the time this procedure is not properly configured for DNS security or permissions are relaxed, because the end user can not perform a specific function.

If it is easy to develop, it is also safe
--------------------------------------------------
One of the reasons why operating systems and applications "appears" to be easier to work with then are used to the developers have created procedures and reusable objects to look after all the complex tasks for you. For example, back in the old days, when I started as a developer using assembly language and C / C + +, I had to write almost all the code myself. Now everything is visually driven, with millions of lines of code already written for you. All you have to do is create the framework for its implementation and development environment and compiler adds all the other complex things for you. Who wrote this other code? How can you be sure it is safe. Basically, you have no idea and no easy way to answer this question.

Secure environments are not well with the complexity
----------------------------
The reality is that it may seem easier on the surface, but the complexity of management software can be incredible. And guess what, secure environments do not mix well with complexity. This is one reason why there are so many opportunities for hackers, viruses and malware to attack computers. How many bugs in Microsoft's operating system? I can almost guarantee that no one really knows, not even Microsoft developers. However, I can tell you there are thousands, if not hundreds of thousands of bugs, security holes and flaws in the major systems and applications waiting to be discovered and exploited maliciously.

How reliable and safe are complex systems?
-------------------------------------------------- --------
Let's make a comparison between the world of software and security with the space program. NASA scientists have known for years that the space shuttle is one of the most complex systems in the world. With miles of wiring, incredible mechanical functions, millions of lines of code operating system and applications and failsafe systems to protect failsafe systems, and even more fail-safe systems to protect other systems. Systems like the space shuttle must perform consistently, profitably, and have a high mean time between failures (MTBF).

Overall the space shuttle has a good record. One thing is not whether it is profitable and consistent. Whenever there is a release of different issues crop up that cause delays. In some circumstances, even the most basic components of this complex system, such as "O" rings, have sadly led to a fatal outcome. Why are things like lost? Are they just not on the radar screen, because all the other complexities of the system demand so much attention? There are millions of different variables, I'm sure. The fact is that NASA scientists know they have to work on developing less complex systems to achieve their goals.

This same principle of reducing the complexity to increase safety, performance and reduce failures actually applies to the world of computers and networks. Never associated time here talking mine incredibly complex system designed for customers and how hard they were to implement I shudder. How in the world are people supposed to cost-effectively and securely manage such things. In some cases it is almost impossible. Ask any organization or the number of versions of different brands of intrusion detection systems that have passed. As they often have had infections with viruses and malware, due to poorly developed software or applications. Or, if you have had a security breach because the developer of a specific system was driven by the ease of use, and not wanting to start a useful piece of code was also useful for a hacker.

¿I can write a document without any potential security problem for
-----------------------------------------------
Only a few days ago I was thinking of something as simple as Microsoft Word. I use MS-Word all the time, every day, in fact. Do you know how powerful this application really is? Microsoft Word can do all kinds of complex tasks, such as mathematics, algorithms, graphs, trend analysis, crazy font and graphic effects, links to external data, including databases and run web based functions.

You know what I use it for, to write documents. nothing crazy or complex, at least most of the time. Would not it interesting that the first time you install or configure Microsoft Word, was not an option to install only a succinct version of the commodities. I mean, really stripped down so there was not much for him. You can do this to a degree, but all shared application components are still there. Almost all computers have been compromised during security assessments has had MS-Word installed on it. I can not tell you how many times I have used this ability of applications to make all kinds of complex tasks to compromise the system and other systems. We leave the details of this article, but on the other.

Conclusion
----------
Here is the final result. Systems get more complex, usually on behalf of the ease of use for end users more opportunities for failure, compromise and infection increases. There are many ways to make things easy to use, better performance, and provide a wide variety of functions and still reduce complexity and maintain security. It just takes a little longer to develop and think safety. You might think that a large part of the blame for insecure software complex should fall on the shoulders of the developers. But the reality is that we, the end users and consumers are partly to blame. We want software that is bigger, faster, can do almost everything, and we want it fast. We do not have time to wait for it to develop a safe, right?