

Is security through obscurity a security measure - jebblue


======
amalmurali47
It is not a security measure, per se. Security by obscurity is where you rely
upon some fact which you think is not known to an attacker. The problem with
this type of "security" is that, once the fact is disclosed, the security
scheme is rendered entirely useless.

~~~
jebblue
Relying on just SBO is useless, agreed. I think using it in addition so solid
security reduces the attack surface which aids reduced attempts and ups the
level of difficulty required to complete a successful attack.

[http://www.thefreedictionary.com/security+measures](http://www.thefreedictionary.com/security+measures)

"a precautionary measure warding off impending danger or damage or injury
etc."

------
mooism2
It is not security in its own right, but it can add to other security
measures. Think camouflage.

~~~
jebblue
Thanks, agreed, I just responded to another guy and used that term before I
saw your comment. :-)

------
tsukikage
No, it is a derogatory term.

~~~
jebblue
Which is better then, making your systems an obvious target or making them a
harder to identify target?

~~~
tsukikage
Which is better, leaving your front door open or leaving your back door open?

It is better to spend your time finding and fixing problems than to fool
yourself into thinking that trying to hide them will make some kind of
difference.

~~~
jebblue
My theory is lock the front and the back and camouflage the house.

