[akerl_]

The point being made is that unless "what you want to achieve" is "run a tool that isn't improving your security posture", port knocking isn't providing value to the security model.

Hence the cargo cult.

[dugite-code]

I can't agree that it's "a tool that isn't improving your security posture", if it's a layer on top of other tools, you might argue it's effectiveness isn't great but to say it's effectively nothing is a reach.

[akerl_]

It’s not nothing: it’s one more thing that can break or eat resources or have a vuln. And it’s not improving the thread model. It’s net negative.

[DaSHacka]

How is it not improving the threat model to not have a service directly connected to the internet, but instead put behind a layer of protection?