James Knott
> On 09/18/2015 12:29 PM, Xen wrote:
>> But still I would take security by obscurity over no security any time.
> Security by obscurity is no security.
That IS nonsense. Maybe your definition of security precludes such measures (but only when you've defined it so strictly as to exclude that). Security by obscurity is EXTREMELY valuable. If that still doesn't make it "security" to you, then I don't care about security, I care about being protected.

There are simply two types of attacks:
- the broad spectrum, automated, known-vulnerability mass-exploit attack
- anything that requires dedication to a single host.

Security by obscurity gets wiped by the second type of attack, but the first can't really touch it. That is because security by obscurity relies on individual alteration or uniqueness to make it impossible for an automated attacker to know where to strike. Not exposing yourself in the first place is a good form of security.

It's the same as running SSH on a non-default port. Many automated attempts will already be thwarted because you don't run it on 22. If you have a dedicated attacker then security by obscurity won't do much good for you. But it does nothing bad for you either. WHY THE HATE?

If you want to get rid of spam, user registrations, etc. on any public website (forum, blog) all you need to do is change some of the parameters, deviating from the default offering of that package, and the spam will be GONE. As long as the attackers don't catch up, but why advertise it (you want to be obscure!). It may not be the solution for all time but it is a rather painless and quick fix that no real spam protection plugin or addon can do for you.

A spammer simply needs to know in advance, if not the API calls to make submissions, then at least the layout of the interface elements that lead to that submission. Or it gets very advanced and they need to start using neural networks. But in general your typical spammer today on e.g. WordPress gets thwarted by changing two lines of code. Okay, maybe 5. But that's about it.

I have a friend....
In warfare it is a pretty common proposition that if you know the terrain, you have an advantage. This is security by obscurity. There are things your adversary does not know which put him at a disadvantage when it comes to a battle. It would be folly to disregard such things. It would also be folly to count on them for all time (your adversary may explore the terrain).

The guy changed the ignition to his vehicle and caused the standard ignition to lock the doors and inject a sleeping gas into the chamber. It also notified him by text message that someone had broken into his car. He did the same to his house. A burglar was trapped in a flooded chamber and the police were automatically notified.

I once escaped the police this way (knowing the terrain better than them) :P. You may think of it what you will. Insurgents in my home town used it to escape German soldiers during WW2. It can mean the difference between life and death, this security by obscurity. If that means nothing to you, then I don't care much for security (for what is the point?). If your system is all nice and secure but it is of no use because, for instance, you have no plausible deniability or you get blackmailed or a system you depend on gets compromised (such as a family member :p)

I'm just saying that all the little bits count and you need to make use of all of them to stay safe. You can't throw away half of what you can do because you're snobbish and it doesn't live up to your standards. In the real world, you have no time for such crap. You use what you can and what you need to stay at the advantage, and to stay at the edge. The people who didn't want to use any obscurity measures can now relate it from the grave. So good luck with that.

Oh, and learn from the Chameleon. Learn from the Giraffe. And while you're at it, learn from the military as well. Camo, yes, is a form of security by obscurity. So I don't know what world you live in, but it is obviously not the real one.
You would happily go to war in pink carriages with neon lights because "it is bad to depend on not being seen" or "real skill is irrespective of whether anyone knows you're there; you should be able to prevail in any case". Any advantage is an advantage and you need all of it (at least if you don't want to die/lose). Whereas camo would be security by obscurity, the other form of security would be the equivalent of having superior arms or systems that can better deal with a threat, or having impenetrable walls. All not unimportant -- armor is not unimportant. But armor is pretty much useless if you make yourself out to be a shooting target and you need both. By obscurity and by defensive wall are complements and should not be disregarded in favour of the other.

That security bigots everywhere are repeating that mantra that "security by obscurity is no obscurity" just means that a lot of them are not dealing with real world situations. They want some level of security or some concept of security that has no meaning in the real world. Because in the real world security (or safety) is determined by more factors than just the ones they want to adhere to, the ones that they consider "worth their attention". And no real world person with experience would be able to deny the benefits of knowing more about your system or environment than does the assailant.

An access token is in fact also a measure of obscurity. Any wall needs a door and the door needs a key. The key depends on information not being known to the attacker. Sometimes the key is not tied to any individual person/account, and sometimes it is. Sometimes account-bound gates protect access to object-bound keys. That then gives access to the object that is protected. But they remain secrets and secrets are "obscure". It is information. And the information that the attacker does not know protects you. Address-scanning some hidden host in a network is pretty much the same thing as brute-forcing a key.
Once you have found the address (or the key) you can immediately unlock the thing or gain access to it. Many systems penalize repeated attempts at "guessing" the key. If brute-forcing something becomes very expensive, the obscurity value of it increases and hence the obscurity of it is being strengthened. All real world systems depend on that. When they can. Having a strong key is one thing, not giving anyone access to the ciphertext is another. Any information leak can be used to compromise.

So the idea that security by obscurity is useless is completely and utterly estranged from the real world. All password or token systems depend on it. It is the vital component that makes it work. It is complementary and complements need each other.

So, whatever. I guess it is just a case of someone thinking his knowledge is superior or something. But it's just a dogma and it is not even understood. No one in his right mind would disregard the benefits of knowledge-based advantages. If you count only on some algorithm being "perfect" and put all your hopes and all your trust in that, stake everything with that, then I can guarantee you at some point you will be proven wrong about that. And you will regret not having done something else, or something extra. And all because of some ego position that you wished to defend....

Well, whatever. What does it matter to me. What another does.

-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org
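Editor's added example, not part of Xen's message or anything from the openSUSE list: the point above that "many systems penalize repeated attempts at guessing the key" is what turns a port move or a secret into real cost for the automated, mass-guessing attacker. The script below shows that defensive side as fail2ban-style detection logic run over constructed sshd log lines. The log lines, source addresses, usernames, threshold and window are all made up for illustration; the only real thing assumed is the `Failed password for ... from ... port ...` line format that OpenSSH's sshd writes to syslog.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample of sshd auth.log lines (illustrative only, not real data).
# 203.0.113.7 behaves like an automated mass-guessing run: many generic
# usernames, one attempt per second. The other two sources are a legitimate
# user who mistyped once and a slow, sporadic prober.
SAMPLE_LOG = """\
Sep 18 12:30:01 host sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Sep 18 12:30:02 host sshd[1002]: Failed password for invalid user root from 203.0.113.7 port 50123 ssh2
Sep 18 12:30:03 host sshd[1003]: Failed password for invalid user test from 203.0.113.7 port 50124 ssh2
Sep 18 12:30:04 host sshd[1004]: Failed password for invalid user oracle from 203.0.113.7 port 50125 ssh2
Sep 18 12:30:05 host sshd[1005]: Failed password for invalid user pi from 203.0.113.7 port 50126 ssh2
Sep 18 12:31:10 host sshd[1010]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Sep 18 12:31:20 host sshd[1011]: Accepted publickey for alice from 198.51.100.9 port 40002 ssh2
Sep 18 12:45:00 host sshd[1020]: Failed password for invalid user admin from 192.0.2.44 port 33001 ssh2
Sep 18 13:20:00 host sshd[1021]: Failed password for invalid user admin from 192.0.2.44 port 33002 ssh2
"""

# Matches the failed-password line that OpenSSH's sshd logs via syslog.
FAILED_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)


def parse_failures(text, year=2015):
    """Return a list of (timestamp, source_ip, username) per failed login.
    Syslog timestamps carry no year, so the caller supplies one."""
    events = []
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        events.append((ts, m.group(3), m.group(2)))
    return events


def failure_counts(events):
    """Total failed attempts per source address."""
    return Counter(src for _ts, src, _user in events)


def probed_usernames(events):
    """Sorted distinct usernames tried by each source; a spread of generic
    names (admin, root, test, ...) is the signature of an automated sweep
    rather than of someone who knows the host."""
    names = {}
    for _ts, src, user in events:
        names.setdefault(src, set()).add(user)
    return {src: sorted(s) for src, s in names.items()}


def sources_to_ban(events, threshold=5, window=timedelta(minutes=10)):
    """fail2ban-style rule: a source is banned once it accumulates
    `threshold` failures inside any sliding window of length `window`.
    This is what makes guessing expensive for the mass attacker while
    leaving a user who fat-fingers a password once untouched."""
    times_by_src = {}
    for ts, src, _user in sorted(events):
        times_by_src.setdefault(src, []).append(ts)
    banned = set()
    for src, times in times_by_src.items():
        start = 0
        for end in range(len(times)):
            # Slide the window start forward until it spans at most `window`.
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                banned.add(src)
                break
    return banned


if __name__ == "__main__":
    ev = parse_failures(SAMPLE_LOG)
    print("failures per source:", dict(failure_counts(ev)))
    print("usernames probed:", probed_usernames(ev))
    print("sources to ban:", sources_to_ban(ev))
```

The sliding window matters: two failures 35 minutes apart from 192.0.2.44 never trip the rule, while five attempts in four seconds from 203.0.113.7 do, and the list of usernames that source tried is the tell that it was a sweep of defaults rather than a targeted attempt. Moving sshd off port 22, as the message suggests, mostly removes the first kind of source from the log altogether; the ban rule is what handles the ones that do find the port.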