Re: OVCML Tek: A Good Solution to XML Tek Insecurity

From: Scott Brown <r_dot_scott_dot_brown_at_gmail_dot_com>
Date: Mon May 02 2005 - 10:53:16 CDT

JamBoi, I'm afraid you're digging a hole for yourself here. You may as well
stop now and bury your argument. What you suggested earlier was the very
definition of security through obscurity. You said:

"if a cracker wants to crack our system they'll at least have to work harder
to understand our system"

Ron's point (and I second this) is that this fact adds zero security to the
system. The notion that it does has a label: "security through obscurity".

-- Scott

On 5/2/05, JamBoi <jamboi@yahoo.com> wrote:
>
> No its not, since there's nothing obscured here. Obscured = hidden and
> there's nothing hidden here. As you remind us we are open source so
> its not obscurity. If we WERE trying to do that in addition to making
> it unique we'd obfuscate the code, proprietize and secretify the tek
> and make it closed source. Of course in many ways that WOULD be MORE
> SECURE, but it would run directly contrary to our free software
> principles, so we reject security through obscurity.
>
> JamBoi
>

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue May 31 23:17:01 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT