Posted by Jerry Stuckle on 10/22/07 01:58

Gary L. Burnore wrote:
> On Mon, 22 Oct 2007 01:49:44 +0100, The Natural Philosopher <a@b.c>
> wrote:
>
>> Jerry Stuckle wrote:
>>> The Natural Philosopher wrote:
>>>> Jerry Stuckle wrote:
>>>>> The Natural Philosopher wrote:
>>>>>> Jerry Stuckle wrote:
>>>>>>
>>>>>>> Security is not about prevention, just like there is no way to
>>>>>>> prevent someone from breaking into your home. There is no such
>>>>>>> thing. What it is is about identifying undesired ways of accessing
>>>>>>> your files and limiting the effect of exposure. It's just like
>>>>>>> locking your valuables in a bank vault to limit your exposure if
>>>>>>> someone breaks into your house.
>>>>>>>
>>>>>> It may go no further than simply living quietly, so that no one
>>>>>> knows or cares where you live, and never looking like you have
>>>>>> anything worth stealing.
>>>>>>
>>>>>>
>>>>> Nope. Security by obscurity is no security at all.
>>>>>
>>>> Oh, indeed it is.
>>>>
>>> Not at all. It is false security.
>>>
>> It works.
>> Call it what you like, it works.
>>
>> That's why passwords should not be on a dictionary search. Be obscure.
>
> That's prevention. Obscurity is hiding and hoping no one notices you
> don't have a password.

That's deterrence, not prevention.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]