Bonum Certa Men Certa

Featuritis as Threat to Computer Security

posted by Roy Schestowitz on Jun 10, 2024

Featuritis

They say too much of a good thing can be bad for you. And "apropos OpenSSH," an associate said, "I suspect traces of Microsoft in that growing mess".

Like Mesa and Linux, Microsoft has in effect infiltrated (by payment) OpenSSH, which puts it at risk. They add Windows code to otherwise-simple and relatively secure bits of software to "extend" them to platforms with NSA back doors.

Here are some old articles about creeping featurism, featuritis, or feature creep [1, 2, 3].

Featuritis, also known as feature creep or creeping featurism, refers to the phenomenon in technology wherein a product does many things poorly rather than doing one thing well. At the very least, features will be “hidden” from the user among other features. In UX terms, this might manifest as poor information architecture, but it could lead to an unusable product.

When I think about avoiding featuritis I’m thinking about minimalism. What’s my MVP? How does “less is more” apply to my design? Of course, there are a certain number of affordances and features that belong to this product, but it’s my job to make sure users are not overwhelmed by a product that is poorly thought out.

1. Describes a systematic tendency to load more chrome and features onto systems at the expense of whatever elegance they may have possessed when originally designed. See also feeping creaturism. “You know, the main problem with BSD Unix has always been creeping featurism.”

2. More generally, the tendency for anything complicated to become even more complicated because people keep saying “Gee, it would be even better if it had this feature too”. (See feature.) The result is usually a patchwork because it grew one ad-hoc step at a time, rather than being planned. Planning is a lot of work, but it's easy to add just one extra little feature to help someone ... and then another ... and another.... When creeping featurism gets out of hand, it's like a cancer. The GNU hello program, intended to illustrate GNU command-line switch and coding conventions, is also a wonderful parody of creeping featurism; the distribution changelog is particularly funny. Usually this term is used to describe computer programs, but it could also be said of the federal government, the IRS 1040 form, and new cars. A similar phenomenon sometimes afflicts conscious redesigns; see second-system effect. See also creeping elegance.

“Creeping featurism is the tendency to add to the number of features of a product, often extending the number beyond all reason. There is no way that a product can remain usable and understandable by the time it has all of those special-purpose features that have been added in over time.”

― Donald A. Norman, The Design of Everyday Things

K.I.S.S. (Keep It Simple, Stupid) is essential for real security and outsourcing is the very opposite of security because it is compromising oneself based on trust in some unverifiable, inauditable entity, i.e. the antithesis of self-determination. It is imperative that we collectively reject the doctrine of fake security, wherein people controlling their computers is "sideloading". This morning we mentioned this in relation tom CAs.

Other Recent Techrights' Posts

Where Microsoft's Bing Cannot Even Reach 1% "Market Share"
Looking at "I" countries
Links 16/02/2026: Barack Obama Responds to Racist Cheeto and Benjamin Mako Hill Studies Online Communities
Links for the day
IBM Reduces the Thresholds for Acceptance (and the Salaries)
Are chatbots good enough as IBM staff?
When It Comes to Rust, Keep All the Eyes on the Ball (Technical and Legal Perils, Sustainability Questions)
It's not about security or politics
 
Microsoft Turned Bing Into Censorship Machine of China, But Bing Is Pegged at a Mere 2% in Asia, Yandex is Bigger
Expect many Bing layoffs some time soon (like in past years)
Just Like The Register MS, Conde Nast's Ars Technica Has Just Publicly Admitted That It Published Fake Articles (Slop) Made by LLMs About Serious Subjects
Conde Nast might shut Ars Technica down to escape the bad publicity/association
Solicitors Regulation Authority (SRA) Way Too Slow to Respond to Financial Fraud at Law Firms, in Effect Helping Those Law Firms Defraud Many More People (Fleecing Clients)
Who will hold the SRA accountable for this?
Techrights Became a Hub for News That IBM/Red Hat Doesn't Want You to See (and Pays Mainstream Media to Distract From)
the more viciously the notorious organisation attacks the reporter, the greater the interest in what the reporter has to say
EPO's Central Staff Committee on Fourth Technical Meeting, Two Days Before First of (At Least) 4 Winter Strikes at the Second-Largest European Institution
“future orientations on the salary adjustment procedure”
IBM's Collapse Continues, Half of EU Countries to Have Mass Layoffs, "IBM Clearly Disinvests From Europe" Says IBM European Works Council
Recent publication
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, February 16, 2026
IRC logs for Monday, February 16, 2026
Gemini Links 17/02/2026: Alpenglow Industries' Closure and Gemini Server Issues
Links for the day
The Southern California Linux Expo (“SCALE”) or SCALE 23x Becomes Microsoft
It's not supporting the event, it is buying it.
Microsoft to Focus on Name-Dropping Buzzwords to Distract From Declining Business, IBM RAs (Layoffs) With Staff Stack-Ranked
Calling everything cloud or reclassifying as "AI"
Another EPO Strike One Week From Now, Local Staff Committee Munich to Discuss It This Week
Campinos MIA while Office staff goes on strike at least 4 times
Gemini Links 16/02/2026: Task Completed by Avoidance and "Playing Again With Akkoma"
Links for the day
Happy Birthday (or Anniversary) to SoylentNews
"Happy Birthday SoylentNews"
Techrights' Architecture
Stability is the main goal
Linux Foundation Continues Falling Off a Cliff in Geminispace
Gemini Protocol will turn 7 this summer
Links 16/02/2026: cURL’s Daniel Stenberg Asserts That Slop is DDoSing Free Software, But Still Uses a Plagiarism and GPL-Violating Blender (Microsoft GitHub)
Links for the day
The Techrights Community Never Needed Money, Only Goodwill
We accomplish things by a track record of suppressed facts
"AboutCode" is a Microsoft Proxy and Microsoft's Acquisition of the OSI Advances Via OSI Moles
presenting direct evidence anybody can verify
Social Control Media is Just a Digital Weapon
Social control media is not social and not media
They Will Call Smart People "Luddites"
Is society "seeing the light"?
Microsoft Amutable Already Reveals That Its Focus Is Not Linux, It'll Promote "Remote Attestation"
This is basically an attack on Software Freedom, even if they toss around the brand "Linux"
More People in Chad Move to GNU/Linux
Last year we began to see GNU/Linux rising there - a trend which continues this year
Dr. Andy Farnell on How Universities and Culture of Education Got Crushed by "Technofascist Nightmare"
Farnell says he "already soft-quit in [his] mind"
Debt of Broadcom Grew by More Than 50%, Broadcom is Deeper in Debt Than Google
Expect many more cuts
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, February 15, 2026
IRC logs for Sunday, February 15, 2026
Links 15/02/2026: Slop, Politics, and Gemini
Links for the day
Small is Beautiful (in Cascading Style Sheets/Inheritance Rules)
If done correctly, pages can take a tenth of a second to fully load
Microsoft Has Fallen to New Lows in Hong Kong This Year
That Windows "market share" falls there is perhaps expected
Free Software Foundation (FSF) Raised About 1.5 Million Dollars This Winter, Almost 50% More Than in All of 2024 Combined
Verbal advocacy goes a long way
Spread the Word About EPO Strikes and Patent Injustices in Europe
Corruption in Europe is a real thing
The Register MS is Promoting Slop, Promotion Connected to Microsoft (Trying to Replace Judges With Microsoft)
marketing spun as "science"
He Did Not Have Enough Souls
A lot of the subjects we cover here no other site dares touch
"Mix Vale" is a Slopfarm
3 "articles" about "ubuntu"
Links 15/02/2026: Roy Medvedev Dead at 100, Rise of "YouTube Politicians"
Links for the day
Links 15/02/2026: How Alexey Navalny Was Executed by Putin, Erdogan Helping Iran
Links for the day
IBM Fedora Keeps Promoting Slop, Red Hat Has Been Turned Into Chaff and Trash to Help IBM's Stock (With "AI" Storytelling)
Red Hat's Fedora is an old brand (20+ years). It no longer stands for what it meant to people in the Fedora Core days (I was a Fedora user back then).
What IBM Said About 2026 Layoffs and What's Happening in Practice
t'll leave IBM at the very bottom, in due course (customers will notice something profound has changed)
Gemini Links 15/02/2026: "Already Midway February" and Loadbars Remembered
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, February 14, 2026
IRC logs for Saturday, February 14, 2026