lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3E30342E.7090805@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: Lock business practices "security-by-obscurity"
 for 150 years

Richard M. Smith wrote:
> http://www.nytimes.com/2003/01/23/business/23LOCK.html?pagewanted=print&
> The technique is not news to locksmiths, said Lloyd Seliber, the head
> instructor of master-key classes for Schlage, a lock company that is
> part of Ingersoll-Rand. He said he even taught the technique, which he
> calls decoding, in his training program for locksmiths.
> 
> "This has been true for 150 years," Mr. Seliber said.
> 
> Variations on the decoding technique have also been mentioned in passing
> in locksmith trade journals, but usually as a way for locksmiths to
> replace a lost master key and not as a security risk.
> 

Richard, you seem to be smoking something bad today.
If you look at your trollish analogy, from the quote above you will see that 
such problems are disclosed "in locksmith trade journals" at least.
And who cares if micro$osft relies on obscurity?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ