On Mon, Jan 18, 2010 at 11:58 PM, Blue Boar <[email protected]> wrote: > Dan Kaminsky wrote: >> I am saying operating systems are not like passwords. I don't think >> this exactly controversial. > > Who was talking about operating systems? That smells like at attempt to > redefine the argument. We were talking about secret URLs, keys passwords > and the like. I think that makes a much better playing fields for the > moment.
Larry was _specifically_ stating "maybe security through obscurity works after all". That is _specifically_ an argument regarding operating systems and other designed systems. I was saying that, no, the fact that secrecy works pretty well with passcodes (including the passcode in Facebook's URL) doesn't mean at all that obscurity works well in the rest of secure design. Since it seems you dropped this context, we can end the argument here. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
