Full Disclosure mailing list archives
Re: Response to comments on Security and Obscurity
From: gadgeteer () elegantinnovations org
Date: Wed, 1 Sep 2004 13:46:59 -0600
On Wed, Sep 01, 2004 at 11:27:17AM -0400, Peter Swire (peter () peterswire net) wrote:
Some responses to the first morning worth of comments. A big reason for posting the paper to Full Disclosure was to make the paper less stupid -- to learn from the list. I've been working on this topic since I left the White House in early 2001, where I worked on privacy and computer security issues including the Federal Intrusion Detection Network, etc. A 2001 version of the paper needed a lot of work, and is still on the publications page of my web site as a work in progress ("What Should be Hidden or Open in Computer Security?"). I've presented this stuff quite a few times in front of technical audiences since, and continue to seek to improve it. I continue to think that this is an important topic -- for computer security and Homeland Security and physical security (especially after all the pro-secrecy actions since 9/11), when is secrecy at all justifiable, and when instead does it lead to bad security in addition to bad accountability?
Ah... Well, we all have day jobs. :-) If your opinions have as wide an impact as the paragraph above would indicate. A more practical and serious critique is called for. I'm on my way out the door to a meeting in another town so I will have to get back to you later on this. cheers, -- Chief Gadgeteer Elegant Innovations _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Security & Obscurity: First-time attacks and lawyer jokes, (continued)
- Re: Security & Obscurity: First-time attacks and lawyer jokes Mr. Rufus Faloofus (Sep 02)
- Re[2]: Response to comments on Security and Obscurity 3APA3A (Sep 01)
- Re: Re[2]: Response to comments on Security and Obscurity James Tucker (Sep 01)
- Re: Response to comments on Security and Obscurity Barry Fitzgerald (Sep 01)
- Re: Response to comments on Security and Obscurity James Tucker (Sep 02)
- Re[4]: Response to comments on Security and Obscurity 3APA3A (Sep 02)
- Re: Re[4]: Response to comments on Security and Obscurity James Tucker (Sep 02)
- Re[6]: Response to comments on Security and Obscurity 3APA3A (Sep 02)
- Re: Re[6]: Response to comments on Security and Obscurity James Tucker (Sep 02)
- Re[8]: Response to comments on Security and Obscurity 3APA3A (Sep 02)
- Re: Response to comments on Security and Obscurity gadgeteer (Sep 01)
- [OT] Re: Re: New paper on Security and Obscurity Barry Fitzgerald (Sep 02)
- Re: [OT] Re: Re: New paper on Security and Obscurity Stormwalker (Sep 02)
- Re: [OT] Re: Re: New paper on Security and Obscurity Barry Fitzgerald (Sep 03)