Fiber cut in SF area

Stephen Sprunk stephen at sprunk.org
Mon Apr 13 14:18:04 UTC 2009


Mike Lewinski wrote:
> Joe Greco wrote:
>> Which brings me to a new point:  if we accept that "security by 
>> obscurity is not security," then, what (practical thing) IS security?
>
> Obscurity as a principle works just fine provided the given token is 
> obscure enough. Ideally there are layers of "security by obscurity" so 
> compromise of any one token isn't enough by itself: my strong ssh 
> password (1 layer of obscurity) is protected by the ssh server key 
> (2nd layer) that is only accessible via vpn which has its own 
> encryption key (3rd layer). The loss of my password alone doesn't get 
> anyone anything. The compromise of either the VPN or server ssh key 
> (without already having direct access to those systems) doesn't get 
> them my password either.
>
> I think the problem is that the notion of "security by obscurity isn't 
> security" was originally meant to convey to software vendors "don't 
> rely on closed source to hide your bugs" and has since been mistakenly 
> applied beyond that narrow context. In most of our applications, some 
> form of obscurity is all we really have.

The accepted standard is that a system is secure iff you can disclose 
_all_ of the details of how the system works to an attacker _except_ the 
private key and they still cannot get in -- and that is true of most 
open-standard or open-source encryption/security products due to 
extensive peer review and iterative improvements.  What "security by 
obscurity" refers to are systems so weak that their workings cannot be 
exposed because then the keys will not be needed, which is true of most 
closed-source systems.  It does _not_ refer to keeping your private keys 
secret.

Key management is considered to be an entirely different problem.  If 
you do not keep your private keys secure, no security system will be 
able to help you.

S

-- 
Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking
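The distinction Stephen draws above, as an added illustration that is not part of the original thread: two constructed toy schemes, one whose only secret is the algorithm (an "obscurity" product with no per-user key at all) and one whose algorithm can be published in full because its security rests on a secret key. Both schemes, the pad constant, the sample messages and the HMAC-SHA256 counter-mode stream cipher are assumptions of this example, built from the Python standard library only; neither is anything the post or any real product describes.

```python
"""Kerckhoffs's principle, worked: disclosing the algorithm breaks Scheme A
outright, while against Scheme B it only reduces the attacker to searching
the key space.  Everything here is constructed for illustration."""
import hashlib
import hmac
import itertools
import os

# ---- Scheme A: "security by obscurity" -----------------------------------
# The vendor's secret is the algorithm itself: a fixed pad and a fixed bit
# rotation baked into the product.  No key exists, so nothing is left to
# protect once the binary is reversed or the source leaks.
_HIDDEN_PAD = bytes.fromhex("5a3c9e17c4d2b86f")   # constructed constant


def _rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def obscure_encrypt(plaintext: bytes) -> bytes:
    return bytes(_rotl8(b ^ _HIDDEN_PAD[i % len(_HIDDEN_PAD)], 3)
                 for i, b in enumerate(plaintext))


def obscure_decrypt(ciphertext: bytes) -> bytes:
    # rotate left by 5 == rotate right by 3 for an 8-bit value
    return bytes(_rotl8(c, 5) ^ _HIDDEN_PAD[i % len(_HIDDEN_PAD)]
                 for i, c in enumerate(ciphertext))


def break_obscure_with_public_algorithm(ciphertext: bytes) -> bytes:
    """The attacker's position once the algorithm is disclosed: full break.
    "The keys will not be needed" because there never were any."""
    return obscure_decrypt(ciphertext)


# ---- Scheme B: public algorithm, secret key ------------------------------
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode.  The construction is entirely public."""
    out = bytearray()
    for ctr in itertools.count():
        if len(out) >= length:
            break
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"),
                        hashlib.sha256).digest()
    return bytes(out[:length])


def keyed_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)          # fresh per message; never reuse under one key
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def keyed_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:16], blob[16:]
    ks = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


def key_space_size(key_len: int) -> int:
    """Number of candidates the search below must cover for a key_len-byte key."""
    return 256 ** key_len


def brute_force_key(blob: bytes, known_prefix: bytes, key_len: int):
    """What full knowledge of Scheme B buys the attacker: an exhaustive search
    over the key space, checked against a known plaintext prefix such as a
    protocol header.  Returns (key, tries) or (None, tries)."""
    tries = 0
    for candidate in itertools.product(range(256), repeat=key_len):
        tries += 1
        key = bytes(candidate)
        if keyed_decrypt(key, blob)[:len(known_prefix)] == known_prefix:
            return key, tries
    return None, tries


if __name__ == "__main__":
    msg = b"GET /status HTTP/1.1 token=hunter2"   # constructed sample message
    # Scheme A: disclosure alone recovers the plaintext.
    print(break_obscure_with_public_algorithm(obscure_encrypt(msg)) == msg)
    # Scheme B with a deliberately tiny 2-byte key: algorithm known, key not.
    # The attacker succeeds, but only by exhausting up to 65536 candidates.
    small_key = os.urandom(2)
    found, tries = brute_force_key(keyed_encrypt(small_key, msg), msg[:8], 2)
    print(found == small_key, tries)
    # The same loop against a 16-byte key has 2**128 candidates; that gap,
    # not secrecy of the algorithm, is where the security lives.
    print(key_space_size(16))
```

The 2-byte key exists only so the search finishes in a demo; the point is that the attacker's best move against Scheme B, even with the full source in hand, is the key search, whose cost is set by key length alone. This is also why key management is the separate problem Stephen names: nothing in Scheme B helps if the key is leaked.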
