We know that software requires security update, because we never know how it’ll be hacked. There are thoughts on, however, minimal programming, where it doesn’t require security update to continue its usage.
Basically, we reduce complicated programming infrastructure to easy-to-understand infrastructure, such that no one can take advantage of the complicated infrastructure in the future. This effectively reduce potential loopholes, potential surface area for hackers to exploit.
Whenever we design a program, think, what’s the most simple solution to a problem? What are the programs that are so straightforward, telling what it does, that we don’t have to think whether it’ll cause a security problem in the future?
In contrast, a design that looks cool, that take different strategy with different if-else statement, are doomed to security loopholes. We might find loopholes in the future that we patch, and hackers tries to find more loophole. That’s the problem with large surface area.
Reducing the surface area for a hacker to attack, and reduce the code that make changes, is vital. Additionally, reduce what the hacker can access to is another solution.