| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: hellnbak at nmrc.org (hellNbak) Subject: Lock business practices "security-by-obscurity" for 150 years On Thu, 23 Jan 2003, Georgi Guninski wrote: > Richard, you seem to be smoking something bad today. > If you look at your trollish analogy, from the quote above you will see that > such problems are disclosed "in locksmith trade journals" at least. > And who cares if micro$osft relies on obscurity? > Georgi, you are letting your immature hatred for Microsoft cloud your vision, but what else is new. Yes, this issue has been known for 150 years by locksmiths and they didn't understand the security risks or they did and didn't care because they didn't think that anyone else would know about it. But, as with most things this wasn't the case. Others, outside of the locksmithing industry no doubt knew about this as well. With no one in the locksmithing industry running out and telling anyone this would have made a nice little secret to hang on to. So yes, this was security through obscurity. Without public disclosure there would be little motivation for lock companies to retool and create better locks. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbak@...c.org http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Powered by blists - more mailing lists