>>>>4. "Security through obscurity" works reasonably UNTIL someone does get their hands on the code (even just parts of it) and makes it 'available". Suddenly you've gone from pretty good security to NONE!
>>>
>>>So you're supporting my argument? When they have your source code, you have no security.
>>>
>>>
>>>I never claimed obscurity was a sufficient defense by itself. But it sounds like a good addition to.
>>
>>No, I don't think so. Maybe it was unclear but it's never a question of "if" someone will get their hands on the code, rather only "when".
>
>If the code is safe only 'Until someone does get their hands on' it, then open source code is inherently unsafe, because the code is available to anybody.
>
>
>>And did you stop there in reading my reply?... I thought I was quite convincing that open beats hidden any time.
>
>I read it, I just didn't have any comment on it. I lean more towards open source than closed, just playing devils advocate, as I said.
Good.
What I meant by "until someone gets their hands on it..." is that it offers a false sense of security because you can never know if/when someone got their hands on it and is keeping mum. When source is "open" you know it is open right from the git-go.
cheers
Précédent
Suivant
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement