nanog mailing list archives

Re: Fiber cut in SF area

From: Stephen Sprunk <stephen () sprunk org>
Date: Mon, 13 Apr 2009 09:18:04 -0500

Mike Lewinski wrote:

Joe Greco wrote:
Which brings me to a new point: if we accept that "security byobscurity is not security," then, what (practical thing) IS security?
Obscurity as a principle works just fine provided the given token isobscure enough. Ideally there are layers of "security by obscurity" socompromise of any one token isn't enough by itself: my strong sshpassword (1 layer of obscurity) is protected by the ssh server key(2nd layer) that is only accessible via vpn which has it's ownencryption key (3rd layer). The loss of my password alone doesn't getanyone anything. The compromise of either the VPN or server ssh key(without already having direct access to those systems) doesn't getthem my password either.
I think the problem is that the notion of "security by obscurity isn'tsecurity" was originally meant to convey to software vendors "don'trely on closed source to hide your bugs" and has since been mistakenlyapplied beyond that narrow context. In most of our applications, someform of obscurity is all we really have.

The accepted standard is that a system is secure iff you can disclose_all_ of the details of how the system works to an attacker _except_ theprivate key and they still cannot get in -- and that is true of mostopen-standard or open-source encryption/security products due toextensive peer review and iterative improvements. What "security byobscurity" refers to are systems so weak that their workings cannot beexposed because then the keys will not be needed, which is true of mostclosed-source systems. It does _not_ refer to keeping your private keyssecret.

Key management is considered to be an entirely different problem. Ifyou do not keep your private keys secure, no security system will beable to help you.


S

--
Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

RE: Fiber cut in SF area, (continued)
- - - RE: Fiber cut in SF area Murphy, Jay, DOH (Apr 14)
    - Re: Fiber cut in SF area Jorge Amodio (Apr 14)
    - RE: Fiber cut in SF area Murphy, Jay, DOH (Apr 14)
    - RE: Fiber cut in SF area Peter Beckman (Apr 13)
    - RE: Fiber cut in SF area chris.ranch (Apr 13)
    - RE: Fiber cut in SF area Peter Beckman (Apr 13)
    - RE: Fiber cut in SF area chris.ranch (Apr 13)
    - RE: Fiber cut in SF area Peter Beckman (Apr 13)
    - Re: Fiber cut in SF area Shane Ronan (Apr 13)
    - Message not available
    - Re: Fiber cut in SF area Shane Ronan (Apr 13)
    - Re: Fiber cut in SF area Stephen Sprunk (Apr 13)
    - Re: Fiber cut in SF area Steven M. Bellovin (Apr 13)
    - Cart and Horse Roy (Apr 13)
    - Re: Cart and Horse Lamar Owen (Apr 13)
    - RE: Cart and Horse Church, Charles (Apr 13)
    - Re: Cart and Horse James Pleger (Apr 13)
    - Re: Cart and Horse JC Dill (Apr 13)
    - Re: Cart and Horse Matthew Petach (Apr 13)
    - Re: Cart and Horse Robert Glover (Apr 13)
    - Re: Cart and Horse Joel Esler (Apr 13)
    - Re: Cart and Horse Shane Ronan (Apr 13)

(Thread continues...)