[Info-vax] What to do with my VAX.....
Phillip Helbig undress to reply
helbig at asclothestro.multivax.de
Mon Nov 16 03:38:40 EST 2020
In article <rot4rj$onr$1 at dont-email.me>, Dave Froble
<davef at tsoft-inc.com> writes:
> I'm not saying that an attacker doesn't know the algorithm, I'm saying
> the attacker does not know the secret key. But, however unlikely, an
> attacker could "guess" the secret key on his first try. It is the fact
> that an attacker doesn't know the secret key is the "obscurity" aspect
> of the security. Since an attacker could get incredibly lucky and guess
> the secret key on his first attempt, then it is only the difficult of
> that guess that is the security.
Right. I think that folks here understand. However, the term "security
by obscurity" has a very specific meaning, and it is confusing to use it
to mean something else.
By your definition, all forms of access restriction are "security by
obscurity", since those who have access have it because they have
something which those who don't don't, though they could, theoretically,
bluff their way through and get lucky.
More information about the Info-vax
mailing list