Full Disclosure mailing list archives

"security by obscurity"

From: "Berend-Jan Wever" <SkyLined () edup tudelft nl>
Date: Sun, 8 Dec 2002 05:37:19 +0100

Hmmmm...
... isn't hiding your root password security through obscurity ?
... isn't hiding your private PGP key security through obscurity ?
... isn't 90% of security based on these kinds of obscurity ?

FYI: Obscurity, according to the dictionary:
1. Deficiency or absence of light; darkness. (...I'm assuming nobody is
talking about this one)
2a. The quality or condition of being unknown
2b. One that is unknown
3a. The quality or condition of being imperfectly known or difficult to
understand
3b. An instance of being imperfectly known or difficult to understand.

Just my €0.02...

SkyLined
http://spoor12.edup.tudelft.nl

"Don't you just love flares ?"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

UN support for "security by obscurity" Richard M. Smith (Dec 06)
- Re: UN support for "security by obscurity" Brian Hatch (Dec 06)
  - Re: UN support for "security by obscurity" Rick Updegrove (Dec 07)
    - *Including* Security through obscurity measures is good. Brian Hatch (Dec 08)
- Re: UN support for "security by obscurity" Georgi Guninski (Dec 07)
  - Re: UN support for "security by obscurity" Michal Zalewski (Dec 07)
- Re: UN support for "security by obscurity" Brian McWilliams (Dec 07)
  - "security by obscurity" Berend-Jan Wever (Dec 07)
    - Re: "security by obscurity" Niels Bakker (Dec 08)
    - Re: "security by obscurity" Georgi Guninski (Dec 09)
    - Re: "security by obscurity" Roland Postle (Dec 09)
- <Possible follow-ups>
- RE: UN support for "security by obscurity" Schmehl, Paul L (Dec 07)