On Duct Tape and Fence Posts

submitted by
Style Pass
2024-04-24 04:30:08

There's a parable in the security industry. A person owns some land in the desert, and they want to prevent trespassing. So they start building a fence. They want the area to be really secure, so they build a really tall fence post, to make absolutely sure that no one could climb over it. But they never get around to building the rest of the fence; any intruder could simply walk around it. The height of the fence post is irrelevant.

This is fence post security. It doesn't matter how well-defended the door is if the walls around it are flimsy. A smart attacker will generally attack the weakest part of a system; good security requires that all possible methods of attack are covered.

This idea is closely related to the principle that a chain is only as strong as its weakest link. A chain is minimalist; there are no redundant links, so every link is playing an essential role, and if any of them fails, the whole system fails. Fence post security is what happens when someone fails to consider this and spends their resources reinforcing a single link, leaving the others untouched.

It's an easy mistake to make. People think to themselves "in the current system, what's the weakest point?", and then dedicate their resources to shoring up the defenses at that point, not realizing that after the first small improvement in that area, there's likely now a new weakest point somewhere else.
