This brings the old arguments regarding "Security by Obscurity" The term "security by obscurity" is often met with derision from security people, particularly those who like to consider themselves experts. Nearly akin to a four-letter word in some circles, security by obscurity, as noted on Wikipedia ( en.wikipedia.org/wiki/Security_through_obscurity), represents one of the truly controversial aspects of security. You will often see mocking references to people whose efforts are dismissed as "just security by obscurity." Security by obscurity is, in a nutshell, a violation of Kerckhoffs' Principle, which holds that a system should be secure because of its design, not because the design is unknown to an adversary. The basic premise of Kerckhoffs' Principle is that secrets don't remain secret for very long.
Sincerely, -E http://vCardCloud.com EdPimentl: Skype On Sun, Aug 15, 2010 at 11:09 AM, Lauren Weinstein <[email protected]>wrote: > > Use of steganography to evade censorship > > http://bit.ly/aoXgbn (New Scientist) > > --Lauren-- > NNSquad Moderator >
