Tuesday, September 06, 2005

what is wrong with security by obscurity? Aren't all security methods are security by obscurity (e.g. increase the time to crack something) one way or the other?

1 Comments:

At Thursday, September 08, 2005 2:57:00 PM, Blogger Nonesuch said...

what is wrong with security by obscurity is that "obscurity" tends be be very low entropy, but when the obscurity is designed by one individual, he is unlikely to see the flaws in his own private plan.

Read Schneier on "Kerckhoffs' Principle".

 

Post a Comment

<< Home