Fiber cut in SF area

Joe Greco jgreco at ns.sol.net
Sun Apr 12 04:03:05 UTC 2009


> An easy way to describe what you're saying is "Security by obscurity is
> not security"

Yes and no.  From a certain point of view, security is almost always 
closely tied to obscurity.

A cylinder lock is simply a device that operates through principles that
are relatively unknown to the average person:  they just know that you
stick a key in, turn it, and it opens.  The security of such a lock is
dependent on an attacker not knowing what a pin and tumbler design is, 
and not having the tools and (trivial) skills needed to defeat it.  That
is obscurity of one sort.

Public key crypto is, pretty much by definition, reliant on the obscurity
of private keys in order to make it work.

Ouch, eh.  And "hard to obtain" is essentially a parallel as well.
Simply making keyblanks hard to obtain is really a form of obscurity.
How much security is dependent on that sort of strategy?  It can (and
does) work well in many cases, but knowing the risks and limits is
important.

But that's all assuming that you're trying to secure something against
a typical attacker.

My point was more the inverse, which is that a determined, equipped,
and knowledgeable attacker is a very difficult thing to defend against.

Which brings me to a new point:  if we accept that "security by obscurity
is not security," then, what (practical thing) IS security?

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



