At work, we’re switching things to encrypt a lot of information in our databases for security reasons. The project has been time consuming and painful, and in the end, our database is far less usable from a developer’s standpoint than it was before. Soon the days when I can quickly diagnose issues on the production system with a few well-placed SELECT statements will be a thing of the past.
As far as the implementation goes, I’ll tell Hibernate users who want to implement an encryption system that there’s only one way to go — UserTypes. Don’t bother with anything else.
What this project really has me thinking about, though, is the high cost of security. It ties into something from the Bill James interview that I linked to the other day. Here was his response to the question of whether we overestimate or underestimate the importance of crime:
We underestimate it, because it’s our intent to underestimate it. We only deal with it indirectly. We all do so many things to avoid being the victims of crime that we no longer see those things, so we don’t see the cost of it. Just finding a safe place for us to have this conversation, for example — we needed a quiet place, but before that, we needed to find a safe place. A hotel lobby is what it is because of the level of security. I’ve checked out of this hotel, but I’m still sitting here in the third-floor lobby, because it’s safe. When you buy something, it’s wrapped in seven layers of packaging in order to make it harder to steal.
I think that people are generally excessively afraid of crime but underestimate the day-to-day costs that crime imposes. In software engineering, we spend a lot of time and effort on security. If everyone were honest, we wouldn’t need passwords, encryption, or any of the other stuff that occupies a lot of time on every project. We’d still need to take precautions against damage caused by user error, but most of the hours we spend on security could be spent on other things.
The other cost of security, beyond implementation time, is the ongoing cost related to the inconvenience of security. Whether it’s the time we take to unlock our screen or set up SSH tunnels or deal with the fact that we have to decrypt data in the database in order to see it, it all counts. Security is almost always a form of technical debt.
In many cases security precautions are necessary (or even mandated by law), but it’s important to be vigilant and not add more of it than is necessary, because it’s almost always painful in the moment and forever thereafter.
Happy birthday, MetaFilter!
This week is MetaFilter’s twelfth anniversary. To commemorate the event, Matt Haughey purchased the first domain ever linked to from MeFi and posted stories of how members of the community originally found the site and what it has meant to them.
Matt, recently featured on the cover of his local alternative newsweekly, was a member of the original blogging community. There are a few blogs still kicking that were born in 1999 (mine was technically born in 1998), and Matt was a member of that group. He was cleverer and more generous than most of us, though. Rather than creating a space to post his own thoughts, he built a site where anyone could post links and comment on them.
At the time, I thought it was a crazy idea. Someone created a mailing list that some of the early bloggers were using to discuss ideas for a blogging-related startup. It was the height of the dot com bubble and we felt we all ought to be able to capitalize on this great idea that we’d all latched onto. Little did we know at the time that Matt already had the great idea — empower the community and lovingly care for it.
Here’s to twelve more years.