Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adobe Alternatives

From: ron () gmail com
Date: Tue, 29 Sep 2009 15:25:01 -0600
Hey Jeff:

The definition I was thinking of is that "Security by Obscurity" depends on doing something to hide from hackers.  But 
usually the attempt to hide is so weak that anyone except the computer illiterate can see through it with a trivial 
effort.  

For me the classic example of "security by obscurity" that comes to mind is the suggestion to turn of SSID broadcast to 
help "secure" your wireless access point.  It may have been a useful tip 5-10(?) years ago, but since then enough 
freeware and hacking tools have become available that anyone can defeat this "security" recommendation.

In that context I was placing the idea that switching from the market leader (Adobe) to lesser used software is 
obscuring you, a little, from hackers.  But like any dependence on obscurity it is not really secure, it just thins out 
the number of potential hackers trying to get at you. For example obscurity filters out "script kiddies" who only run 
attacks that they download, who do not have the skills to create their own new attacks.  It still leaves you open to 
"serious" hackers who may "specialize" in attacking less known software on the theory that their attacks will take 
longer to be noticed and exposed, and creating anti-malware (ie AV Signatures) will be lower priority thus take longer 
to release.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: