Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Concepts: Security and Obscurity

From: <security () calculateddecision com>
Date: Wed, 4 Apr 2007 20:55:06 -0500
This is an interesting piece for sure.

It however doesn't address one of my primary concerns regarding obscurement
as a means of providing even "additional" security.  My concern is that
these exotic measures might provide some false sense of security outside of
the immediate business unit.  What these measures actually provide could
easily be distorted or misrepresented.

Does obscurity really have a place in an enterprise IT shop?  I think
probably not.

Does it have a place for a one man army with a pc server at home?  Maybe.

Great write-up Daniel, thanks for sharing.

# Anthony Towry



-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]On Behalf Of Daniel Miessler
Sent: Tuesday, April 03, 2007 11:35 PM
To: security-basics () securityfocus com
Subject: Concepts: Security and Obscurity


Greetings,

I recently put up on the concept of security and obscurity and was
wondering what this group thought of the arguments presented.

http://dmiessler.com/study/security_and_obscurity/

Regards,

--
Daniel Miessler
E: daniel () dmiessler com
W: http://dmiessler.com
G: 0xDA6D50EAC
Previous By Date Next
Previous By Thread Next

Current thread: