Hacker News new | ask | show | jobs
by Bender 54 days ago
Security through obscurity is NOT bad.

Security ONLY through obscurity is bad (Kerckhoffs's Principle).

Security through obscurity, as an additional layer, is good!

I've been saying this ever since that phrase was coined. A layer or two of obscurity keeps a lot of noise out of logs, reduces alert fatigue and cuts down on storage costs especially if one is using Splunk as their SIEM and makes targeted attacks much easier to detect. I will keep it.
4 comments
mobeigi 54 days ago
Couldn't agree more, I have personally benefited from the additional layer and it irks me when people outright claim it has no value.
link
ithkuil 53 days ago
The informed claim is not that the obscurity layer has no value. Quite the contrary, it has such a great value that it basically reduces the incentives to have great proper security and thus once the obscurity layer is breached the second line of defense is weaker.

The argument is that it's much easier to secure proper key material rather than design and config information that can often be leaked accidentally because it's actually directly manipulated by humans (employee onboarding, employee churn etc)

link
kstrauser 53 days ago
That's an interesting way to describe it. It's kind of like the turn away from requiring regular password updates. On paper, password rotation is good. But when you consider its interaction with human psychology, the policy makes security worse by causing people to make bad decisions.
link
rcleveng 53 days ago
This sounds just like my thoughts on PostgreSQL's row level security. As a additional layer it's good, as the only thing, watch out!
link
bee_rider 53 days ago
It would be nice if there was no overlap between terms for the operational things that help improve security (log reduction and other non-cryptographic methods of reducing admin fatigue), and the mathematical cryptographic characteristics of the system.

If the focus is on the latter, obscurity buys you nothing and adds complexity/distraction, which is bad. The former can be important though.

link
tokai 53 days ago
>I've been saying this ever since that phrase was coined

You have been alive since the 1880s?

link
Bender 53 days ago
1492 was the first time I experienced the quickening.
link
Barbing 53 days ago
Smart talking your elders!
link