Bonum Certa Men Certa

Featuritis as Threat to Computer Security

posted by Roy Schestowitz on Jun 10, 2024

Featuritis

They say too much of a good thing can be bad for you. And "apropos OpenSSH," an associate said, "I suspect traces of Microsoft in that growing mess".

Like Mesa and Linux, Microsoft has in effect infiltrated (by payment) OpenSSH, which puts it at risk. They add Windows code to otherwise-simple and relatively secure bits of software to "extend" them to platforms with NSA back doors.

Here are some old articles about creeping featurism, featuritis, or feature creep [1, 2, 3].

Featuritis, also known as feature creep or creeping featurism, refers to the phenomenon in technology wherein a product does many things poorly rather than doing one thing well. At the very least, features will be “hidden” from the user among other features. In UX terms, this might manifest as poor information architecture, but it could lead to an unusable product.

When I think about avoiding featuritis I’m thinking about minimalism. What’s my MVP? How does “less is more” apply to my design? Of course, there are a certain number of affordances and features that belong to this product, but it’s my job to make sure users are not overwhelmed by a product that is poorly thought out.

1. Describes a systematic tendency to load more chrome and features onto systems at the expense of whatever elegance they may have possessed when originally designed. See also feeping creaturism. “You know, the main problem with BSD Unix has always been creeping featurism.”

2. More generally, the tendency for anything complicated to become even more complicated because people keep saying “Gee, it would be even better if it had this feature too”. (See feature.) The result is usually a patchwork because it grew one ad-hoc step at a time, rather than being planned. Planning is a lot of work, but it's easy to add just one extra little feature to help someone ... and then another ... and another.... When creeping featurism gets out of hand, it's like a cancer. The GNU hello program, intended to illustrate GNU command-line switch and coding conventions, is also a wonderful parody of creeping featurism; the distribution changelog is particularly funny. Usually this term is used to describe computer programs, but it could also be said of the federal government, the IRS 1040 form, and new cars. A similar phenomenon sometimes afflicts conscious redesigns; see second-system effect. See also creeping elegance.

“Creeping featurism is the tendency to add to the number of features of a product, often extending the number beyond all reason. There is no way that a product can remain usable and understandable by the time it has all of those special-purpose features that have been added in over time.”

― Donald A. Norman, The Design of Everyday Things

K.I.S.S. (Keep It Simple, Stupid) is essential for real security and outsourcing is the very opposite of security because it is compromising oneself based on trust in some unverifiable, inauditable entity, i.e. the antithesis of self-determination. It is imperative that we collectively reject the doctrine of fake security, wherein people controlling their computers is "sideloading". This morning we mentioned this in relation tom CAs.

Other Recent Techrights' Posts

The Free Software Foundation (FSF) Represents People, Not Corporations
FSF isn't in the "business" of appeasing oligarchs
IBM: We Can't Make 'AI' (Voice Recognition) Do the Work of a McDonald's Teenager, So Let's Try the Same on Saudi Planes
IBM is lost. It's truly lost.
The General Public License (GPL) Inspired the Web's Original Openness/Freedom, According to Tim Berners-Lee
"During the preceding year I had been trying to get CERN to release the intellectual property rights to the Web code under the General Public License (GPL) so that others could use it."
 
Microsoft Layoffs in 2026 Can be Bigger Than 2025 Microsoft Layoffs (30,000+ Workers Laid Off)
"Is there going to be any reorg or Microsoft layoffs?"
Gemini Links 21/12/2025: Solstice, Chaos of CSS, and Program Interpreter Fun
Links for the day
Why?
Why write articles?
Microsoft-Connected Publisher Spinning XBox's Death Spiral (It's Dying Fast) as a Strength and Something Deliberate
"Microsoft’s big gaming pivot"
Slop is Rare by Now
A year ago slop was so abundant that we did a whole series about it, and it was daily
Links 21/12/2025: U.S. Strikes in Syria, "Epstein Files Photos Disappear From Government Website"
Links for the day
Gemini Links 21/12/2025: Labrador Retriever of Lagrange's Developer Dies From Cancer, Political Philosophy, and "Getting to Inbox Zero"
Links for the day
Microsoft is Becoming Irrelevant: The Case of Georgia
Not Georgia Tech
Sirius Open Source is Now Imminently Dead (Struck Off)
compulsory strike-off
Dr. Richard Stallman, Invited by LibreTech Collective, is Giving a Public Talk in Georgia Tech Next Month (Scheller College of Business)
They can probably squeeze about 400 people into this room
25 Years of Activism for GNU/Linux
My passion for GNU/Linux brought a lot of contentment
Africa, Where Microsoft Used De Facto Slaves to Pretend to be "AI", Chatbots Usage is 0.2% of Measured Online Traffic
Judging by recent trends in Africa, many "Windows PCs" are being converted into GNU/Linux computers
New Drone Footage Shows IBM is Dead (Parts of It)
The people who participated in IBM when IBM actually mattered probably have boasting rights, unlike people who work for IBM today
Michael Larabel Adds Slop Category to Phoronix, Quickly Realises That It's Worthless
Phoronix nowadays gets carried away; it made a new category to talk about slop and it decided to call it "intelligence" with some caricature of a brain (that's misleading)Phoronix nowadays gets carried away; it made a new category to talk about slop and it decided to call it "intelligence" with some caricature of a brain (that's misleading)
After 35 Years the World Wide Web, HTML, and HTTP Are Proprietary
HTTP/2 added a lot of complexity (it's just a Google protocol, based on SPDY originally), many image formats are proprietary and patented, HTML got 'replaced' by Java-Scripts [sic], and many URLs (the URL system was created in the early 90s) are just long strings for proprietary 'webapps'
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 20, 2025
IRC logs for Saturday, December 20, 2025
The Register MS Has Lowered Its Standards Considerably
Incidentally, we've only just noticed that "US editor for The Register since July 2025" has not been active for 4 weeks already
Scamfarms, Spamfarms, and Slopfarms in "Linux" Clothing
Today, Linux searches in Google News produced no slop at all. That's an improvement.
Did Bill Gates Lobby to Blur the Face of the Young Woman He Openly Braces (and Who Isn't His Wife)?
"This photo of of Microsoft co-founder Bill Gates with a woman whose face is blurred out is just one of 68 more photos and documents released today."
Links 20/12/2025: Microsoft Ruins Televisions, 'Epstein Files' Deeply Sanitised (to Protect Particular Culprits)
Links for the day
Gemini Links 20/12/2025: Merry Christmas 2025 and Running a Factorio Headless Server on FreeBSD with the Linuxulato
Links for the day
With 10 Days Left, the Free Software Foundation (FSF) Has Already Raised Close to $300,000 This Winter
they're besieged by despicable corporations and very despicable people
The Real Problem With Rust is Not "Wokeness" (It Never Was)
Don't feed the trolls who attack "Rust People" on political grounds
2025 in Numbers
What was very good about this year is that we truly got "into the rhythm" of publishing
More Microsoft Layoffs Coming Soon
When I spoke about Microsoft layoffs (routinely) I got very viciously attacked by Microsoft boosters
My Humble Assessment of the Future of Red Hat, A Company That IBM is Flushing Down the Loo
GNU/Linux will be OK without Red Hat, but shaping the future of it matters because we don't want companies like Valve (DRM) to set the agenda
Probably the Least Useful Gadgets, Ever
as if a "smart" thing worn on the wrist is the "new Rolex"
Former Manager at IBM Research (Yorktown) Says Why IBM is Doomed and the Anonymous Tipline (Speak Up) is a Trap
IBM isn't willing to change or to address internal issues
Links 20/12/2025: Fentanylware Becomes CheeTok and "Why Roomba Died"
Links for the day
Linux Foundation: Richard Stallman Developed Only a Software Licence
We already criticised this report several times last night
Impulsive Writing, Quotas, and Keeping Things as Concise as Feasible
A 10-word sentence being read by a million people can have the same impact or magnitude (exposure-wise) as a million-word book being read by just 10 people
Gemini Links 20/12/2025: Christmas Songs, Storms, and Old Web
Links for the day
Coming to Grips With a Lack of Future at IBM
Red Hat's future doesn't look bright under the auspices as they seem right now
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 19, 2025
IRC logs for Friday, December 19, 2025
Links 20/12/2025: Media Layoffs, a Third of Online Traffic is Bots
Links for the day