Complication leads to many more security holes than simplification. The more complex a system is, the more likely it is to contain a security problem. In fact, it probably has more holes and problems than are ever discovered.
Any system, no matter how simple, CAN have security holes. It's the nature of the beast; when you have a system that anyone can use, there is the risk that one of those people will find a way to use it in unintended ways.
In this case, an attempt at simplification appears to have led to a security problem. I say appears not because I doubt there's a problem but because I don't pretend to know exactly what mistake was made here. I still much prefer simplification to complication.
- email Ozymandias