Re: Security By Obscurity = Ignorance Is Strength
From: David Farber <dave () farber net>
Date: Wed, 3 Sep 2008 18:57:13 -0400
Begin forwarded message:
From: Peter John Hill <peterjhill () mac com>
Date: September 3, 2008 6:13:50 PM EDT
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] Re: Security By Obscurity = Ignorance Is Strength
From: Peter Swire <peter () peterswire net>
I tend to agree that the gag orders are wrong-headed. But it's
wrong to think that secrecy never helps.
Openness often improves security. Sometimes it doesn't. I've tried
to explain how this works in "A Model for When Disclosure Helps
Security: What is Different About Computer and Network Security?"
It's recently been included in at least one computer security
"This Article asks the question: When does disclosure actually help
security? The discussion begins with a paradox. Most experts in
computer and network security are familiar with the slogan that
there is no security through obscurity. The Open Source and
encryption view is that revealing the details of a system will
actually tend to improve security, notably due to peer review. In
sharp contrast, a famous World War II slogan says loose lips sink
ships. Most experts in the military and intelligence areas believe
that secrecy is a critical tool for maintaining security. Both
cannot be right - disclosure cannot both help and hurt security."
Then, the paper gives an analytic way to figure out when obscurity
either does or does not help.
As a Navy veteran and a Network Engineer I think that both statements
can be correct. Loose lips sink ships because knowing in advance when
a ship is moving into or out of port allows an enemy to get their
submarine or whatever in place. The intelligence community, despite
what some current officials think, relies on the secrecy of who is a
spy and who is not to conduct covert operations.
When it comes to things like encryption or computer/network security
protocols, an open protocol allows it to be analyzed for weaknesses by
the greatest number of people possible. There is a risk that "bad
people" will find a vulnerability before a "good person" does. Thus is
born the zero-day attack. On the other hand, there are many many many
research groups who are working to find the bugs before the "bad
Without the source code, the good and bad guys both need to rely on
finding bugs by interacting with the software and seeing what breaks
it. This is probably the only "research" method a "script kiddie" can
use to find bugs. With the source code, you have a somewhat smaller
set of bad people compared to the good people that can actually
analyze the source code for problems.