Hi Arno,

I agree that security by obscurity is not really security at all, but it does prevent the more inept in the hacker environment from doing malicious damage. Those with the MOM to write sophisticated code to circumvent tools like Little Snitch are few and far between. But those who take the published exploits, throw them into a batch of zombie PCs and distribute them to unsuspecting users are many.

I am also of the opinion that there is no "ironclad" security app. If the system, or even low-level kernel operations, can shut down a program, as they must, then this process can be mimicked in code.

I agree, and I look forward to obdev's response. I do not question your or smurf's intentions, but as stated, I wish that you had given obdev a chance to respond privately in the first instance. If you were not happy, then you could have gone public.

Anyway, we shall see what eventuates.

Cheers, Tim


On 07/10/2005, at 10:48 AM, Arno Hautala wrote:

On 06 Oct 2005, at 20:14, Tim Cavanagh wrote:
If you do all of those things then you will have pretty good protection. I am concerned that smurf seems to be trolling for ways to circumvent LittleSnitch as much as trying to harden the app. Why did you not send your concerns directly to the developer instead of publishing them on the net? I am sure that if you did not get a satisfactory response from obdev, you could have aired your concerns publicly.
Without putting words in his mouth, I have this to say. When we discovered the mentioned issues, we felt it was important that everyone know about the vulnerabilities. I certainly understand the view that the developers might deserve the first crack at an issue. However, the internet post that led to the discovery that the daemon could easily be brought down occurred on a public forum where anyone might see it. Opener and previous LS mailing list posts prove that this is not the first time the idea has been brought up.

Additionally, as I think has been apparent from some recent posts, the mailing list audience is very interested in these issues. Several posts have indicated that an ironclad LS is of key importance. If ironclad status is a false image, I think everyone deserves to know.

I eagerly look forward to the ObDev developer responses, but I don't know that the proper venue for discussion is a private forum. This very issue is often heatedly debated and far from settled. My view is that security by obscurity isn't security at all, and that private discussion with developers is obscurity. It's clear that this view is not the runaway majority, but I think it's far from a minority.

--
arno s. hautala


_______________________________________________
Littlesnitch-talk mailing list
Littlesnitch-talk@obdev.at
http://at.obdev.at/mailman/listinfo/littlesnitch-talk
--
Regards

Tim Cavanagh
Analyst/Programmer Web Applications
Level 4
100 Waymouth St
Adelaide
8226 1661
DFEEST - VLE - ICT Applications
