|
|
|
|
|
|
by GTP
1 hour ago
|
|
|
Security through obscurity can make something a bit more secure in practice by annoying an attacker IF AND ONLY IF you're not relying on the hidden information remaining secret in order to the system remaining secure. E.g., if you're using a broken cipher and assume this is ok because no one knows which cipher you're using, you're gonna have a bad time. In the case of FOSS software, it is generally recognized that the small advantage of keeping the source secret is far outweighted by the contributions and vuln reports you get if you publish the source. |
|
|