|
|
|
|
|
|
by polmolea
3161 days ago
|
|
|
That's not what it means. No one disputes you should keep passwords, private keys, certificates, etc. safe. It's about obscuring the architecture of a system in order to protect it. And I agree this shouldn't be a tactic. It can be a byproduct of your disclosure strategy (i.e. AWS don't disclose how their products are built) but not a security mechanism (i.e. AWS don't meet all the certification standards BECAUSE they're not disclosing how their products are built). Just my 2 cents. |
|
|