[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS access control

From: Jesus Manuel NAVARRO LOPEZ
Subject: Re: CVS access control
Date: Wed, 03 Oct 2001 10:50:42 +0200

Hi, Tobias:

Tobias Brox wrote:
> [Jesus Manuel NAVARRO LOPEZ - Tue at 06:00:47PM +0200]
> >   Obscurity only works to have a life a bit more comfortable (giving
> > away most script kiddies, or crazy VietNam veterans)
> As I say, security by obscurity is a bit better than no security at all,

No. Absolutely it isn't.  It's preferably by far no security at all than
*only* security by obscurity.
What I was saying is that provided proper security is in place, *then*
adding obscurity can make your life more comfortable (but not more

> because it stops the less determinate enemies, and eventually diverts them
> to easier prey.

...which either:
A/ Poses a false sensation of security.
B/ Points to you real dangers (something valuable must be there, since
he's trying to hide it).

> Anyone administrating some box attached to the 'net should be a bit
> paranoid, and for the paranoid, security by obscurity is never good enough.

Should? The one that connects to the net even a bread toaster *must* be
paranoid.  Regarding *security*, obscurity is no good at all.

> Anyone really determinated to invade exactly _your_ box can evade any
> obscurity.

So can do *by chance* anyone else.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]