<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Basics: Re: Concepts: Security and Obscurity

Re: Concepts: Security and Obscurity

From: Pranay Kanwar <warl0ck_at_metaeye.org>
Date: Thu, 05 Apr 2007 01:25:29 +0530

Hi Daniel,

Nice write up,but you are missing the crux of the matter obscurity is
mostly about secrecy and according to kerchoff's princliple and Mr.
Bruce Schneier. secrecy or obscurity induces brittleness in the system.
I'll replay the kerchoff's principle here from the wikipedia

"Kerckhoffs' principle applies beyond codes and ciphers to security
systems in general: every secret creates a potential failure point.
Secrecy, in other words, is a prime cause of brittleness—and therefore
something likely to make a system prone to catastrophic collapse.
Conversely, openness provides ductility."

http://en.wikipedia.org/wiki/Kerchoffs_law

Regards

warl0ck // MSG
http://www.metaeye.org
Received on Apr 04 2007

This message: [ Message body ]
Next message: Craig Wright: "RE: Concepts: Security and Obscurity"
Previous message: Noaman Khan: "Re: Audit Windows files/folders"
In reply to: Daniel Miessler: "Concepts: Security and Obscurity"
Next in thread: Daniel Miessler: "Re: Concepts: Security and Obscurity"
Reply: Daniel Miessler: "Re: Concepts: Security and Obscurity"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]