Fiber cut in SF area

Mike Lewinski mike at rockynet.com
Sun Apr 12 05:36:14 UTC 2009


Joe Greco wrote:

> My point was more the inverse, which is that a determined, equipped,
> and knowledgeable attacker is a very difficult thing to defend against.

"The Untold Story of the World's Biggest Diamond Heist" published 
recently in Wired was a good read on that subject:

http://www.wired.com/politics/law/magazine/17-04/ff_diamonds

> Which brings me to a new point:  if we accept that "security by obscurity
> is not security," then, what (practical thing) IS security?

Obscurity as a principle works just fine provided the given token is 
obscure enough. Ideally there are layers of "security by obscurity" so 
compromise of any one token isn't enough by itself: my strong ssh 
password (1 layer of obscurity) is protected by the ssh server key (2nd 
layer) that is only accessible via vpn which has its own encryption key 
(3rd layer). The loss of my password alone doesn't get anyone anything. 
The compromise of either the VPN or server ssh key (without already 
having direct access to those systems) doesn't get them my password either.

I think the problem is that the notion of "security by obscurity isn't 
security" was originally meant to convey to software vendors "don't rely 
on closed source to hide your bugs" and has since been mistakenly 
applied beyond that narrow context. In most of our applications, some 
form of obscurity is all we really have.

Mike




More information about the NANOG mailing list