[
Lists Home |
Date Index |
Thread Index
]
On Wednesday 20 February 2002 04:38 pm, Michael Brennan wrote:
> > Visibility/discovery. Knowing about something is a priviledge. Not
> > even providing a means for discovery is better protection
> > than fending off people trying to break down the door.
>
> Security through obscurity is the worst kind of security there is.
I'm not talking about security via obscurity.... but rather not having
*any* path to a resource unless explictly granted it. One is roughly
akin to ACL's, the other, capabilities.
> Given enough time, someone will always figure out what you are
> trying to hide. There are plenty of well-known case studies of
> security breaches proving that. Just look through the back issues of
> Bruce Schneier's newsletter [1] and you can find plenty of those;
> it's one of his favorite subjects.
Whatever. A resource that is hidden but accessible is different from
one that is both invisibile (literally not visible) and not
accessible...
|