Hacker News new | ask | show | jobs
by lgsilver 1662 days ago
Funny that right after he explained how he keeps his family safe by keeping his face and name off the internet, he spent the rest of the video focusing on the ineffectiveness and "downright stupidity" of security by obscurity.
1 comments
GuB-42 1662 days ago
I think there is a misunderstanding about security by obscurity. What is bad is hiding defects instead of addressing the problem. It does not mean you should reveal everything! I find it well explained in the video.

For example, if you don't tell people what kind of lock you are using to secure your stuff, this is a form of security by obscurity, but it is not a bad thing. Even if your lock is one of the best, if an attacker knows what it is, he will be better prepared. I think no one who cares about security will tell you things that you don't need to know, it is called OPSEC, I believe.

What is bad is when you realize that your lock is weak, instead of trying to fix it, you try to hide the weakness. And that's the idea that LPL criticizes in his talk.

Hiding his identity is most likely not his only defense against the craziness of the internet. From his videos, we know that he has guns, and who knows what he secures his house with. He is most likely prepared to deal with the consequences of an identity leak, but that doesn't mean he wants it to happen. That's defense in depth, an other important part of security.

link
elcomet 1662 days ago
> From his videos, we know that he has guns

This is interesting because we know that's not a good security. In fact, it has been shown that having a gun in the house is associated with more firearm-related deaths and not less. So I suggest anyone that is thinking of buying guns to read this.

https://pubmed.ncbi.nlm.nih.gov/15522849/

link
HWR_14 1662 days ago
That study doesn't mean that guns are bad security. They obviously lead to more gun related suicides, and can turn domestic fights more violent. However, if you are at high risk of being attacked (if you are a criminal defense attorney or a minor YouTube celebrity), the risk of being assaulted is different from the general population's.
link
elcomet 1661 days ago
Yes you're right about the different risk profile. I just hope most people that do not have such a risk profile are aware of this.
link
lgsilver 1662 days ago
Yep. That's totally fair and you're right. Would be interesting for him to compare / analogize that with the lock companies' approach.
link