|
|
|
|
|
|
by ButlerianJihad
62 days ago
|
|
|
> security by obscurity doesn't work. That is not true. https://en.wikipedia.org/wiki/Security_through_obscurity Security through obscurity doesn't work in isolation. It doesn't work as the only solution. It is discouraged, because it can be a panacea. But it also doesn't hurt in many instances. Holding back your source code can be a strategic advantage. It does mean that adversaries can't directly read it (nor can your friends or allies!) Having a proprietary protocol or file format, this is also "security through obscurity" and it may slow down or hinder an attacker. Obscurity may be part of a "defense in depth" strategy that includes robust and valid methods as well. But it is harmful to baldly claim that "it doesn't work". |
|
|