Security Basics mailing list archives
Re: Concepts: Security and Obscurity
From: Pranay Kanwar <warl0ck () metaeye org>
Date: Thu, 05 Apr 2007 01:25:29 +0530
Hi Daniel, Nice write up,but you are missing the crux of the matter obscurity is mostly about secrecy and according to kerchoff's princliple and Mr. Bruce Schneier. secrecy or obscurity induces brittleness in the system. I'll replay the kerchoff's principle here from the wikipedia "Kerckhoffs' principle applies beyond codes and ciphers to security systems in general: every secret creates a potential failure point. Secrecy, in other words, is a prime cause of brittleness—and therefore something likely to make a system prone to catastrophic collapse. Conversely, openness provides ductility." http://en.wikipedia.org/wiki/Kerchoffs_law Regards warl0ck // MSG http://www.metaeye.org
Current thread:
- Concepts: Security and Obscurity Daniel Miessler (Apr 04)
- Re: Concepts: Security and Obscurity Pranay Kanwar (Apr 04)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 09)
- Re: Concepts: Security and Obscurity ericfurman (Apr 10)
- RE: Concepts: Security and Obscurity David Gillett (Apr 11)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 09)
- RE: Concepts: Security and Obscurity security (Apr 05)
- <Possible follow-ups>
- Re: Concepts: Security and Obscurity work (Apr 04)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 05)
- RE: Concepts: Security and Obscurity Mark Sutton (Apr 09)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 05)
- RE: Concepts: Security and Obscurity Craig Wright (Apr 05)
- RE: Concepts: Security and Obscurity Mandelcorn, Seymour (Apr 09)
- RE: Concepts: Security and Obscurity Daniel Miessler (Apr 05)
(Thread continues...)
- Re: Concepts: Security and Obscurity Pranay Kanwar (Apr 04)