RSSATOM
show threads
| Security through Obscurity | 2. March 2004 |
| The first rule you need to deeply understand, before you start to rule anything yourself: Security Through Obscurity Doesn't Work. | |
Maybe we should have always put that the positive way around: Only security through obviousness works. Always. Nevertheless I'm surpirsed to read, that some people believe it would be worth to waste the money on the doomed attempt to raise a weak weapon. Now there's http://www.rulesforuse.org/ . But why? Since it's known beforehand, that broken software doesn't help to prevent counterfeiting, it's questionable whether the finacial costs and "margial damage" on software and civil freedom are worth the gain. Since the gain is zero the ratio is really bad. Let's see how hard it is to get this answer from google: http://www.google.de/search?hl=de&ie=UTF-8&oe=UTF-8&q=%22Security+through+obscurity+doesn%27t+work%22&spell=1 First hit: http://www.albion.com/security/intro-9.html | |
| EU-Commisionar of justice Franco Frattini doesn't get it. | 28. September 2007 | |||||||
After decades "obvious public knowledge" doesn't make it in their heads. | ||||||||
| RFID broken | 1. March 2007 | |||||||
Identification of RFID chips from HID is weak. Documentation of the vulnerabilities denied under patent infringement claims. | ||||||||
| How often did we tell 'em? | 13. February 2007 | |||||||
Security by obscurity just does not work. | ||||||||
| Debating full disclosure | 24. January 2007 | |||||||
Bruce Schneier debates why public scrunity is essential to public security. | ||||||||
| MPAA against anti-fraud law | 4. December 2006 | |||||||
Do they need to lie to people to do their business? | ||||||||
| US-Behörde will Wahlcomputer ohne externe Kontrollfunktionen verbannen | 4. December 2006 | |||||||
Das National Institute of Standards and Technology (NIST) empfiehlt der US-Regierung, künftig nur noch Wahlmaschinen zertifizieren zu lassen, die Kontrollfunktionen enthalten, die unabhängig von der G | ||||||||
| Hacker Tools | 19. October 2006 | |||||||
Gesetzentwurf gefährdet IT-Sicherheit in Deutschland. | ||||||||
| privacy debacle hall of fame | 22. August 2006 | |||||||
scored by wired | ||||||||
| Urheberrecht im Konflikt mit der digitalen Zukunft | 16. May 2006 | |||||||
1. Korb der Urbeherrechtsnovelle verbietet essentielle Werkzeuge zur Softwareentwicklung. | ||||||||
| Compaq sued for false advertisement. | 4. May 2006 | |||||||
Looks like there must have been a backdoor in the software. | ||||||||
| Phone home | 18. April 2006 | |||||||
Wer will denn sowas? Internetexplorer telefoniert nach Hause, beim Surfen! | ||||||||
| math declared criminal | 27. January 2006 | |||||||
...possession of software which can be used to... declared criminal | ||||||||
| Best defense: obscure you failure using the DMCA? | 16. June 2005 | |||||||
Again Bruce Schneider, who's pointing towards yet another failed copy protection scheme. Those call now for protection by the infamous DMCA. | ||||||||
| Eric Schmidt on security - reported by Bruce Schneider | 1. June 2005 | |||||||
Eric Schmidt is plainly wrong here at informationweek. | ||||||||
| See also: Schneider | 4. April 2005 | |||||||
| Unknown backdoors | 9. April 2004 | |||||||
| Cisco is supposed to be a trustworthy company. Probably yes, but that doesn't save them from makeing mistakes. | ||||||||