Security through obscurity

The magic smoke.

Moderators: phlip, Moderators General, Prelates

0x0ece
Posts: 1
Joined: Sat Sep 29, 2018 6:02 pm UTC

Security through obscurity

Postby 0x0ece » Sat Sep 29, 2018 6:05 pm UTC

Question to instigate a new security comic: how comes that everybody in software rejects security through obscurity, but not in hardware?

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6231
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: Security through obscurity

Postby Thesh » Sun Sep 30, 2018 2:00 am UTC

What makes you say that they don't? The math behind cryptography doesn't care if it's hardware or software.
Summum ius, summa iniuria.

User avatar
hotaru
Posts: 1041
Joined: Fri Apr 13, 2007 6:54 pm UTC

Re: Security through obscurity

Postby hotaru » Sun Sep 30, 2018 6:14 pm UTC

Thesh wrote:What makes you say that they don't? The math behind cryptography doesn't care if it's hardware or software.

a lot of hardware relies on obscurity instead of cryptography (unsigned firmware updates, relying on not labeling pins to keep people out of powerful debugging interfaces, etc.). the math behind cryptography doesn't do anything for you if you don't use it.

Code: Select all

factorial product enumFromTo 1
isPrime n 
factorial (1) `mod== 1

User avatar
Thesh
Made to Fuck Dinosaurs
Posts: 6231
Joined: Tue Jan 12, 2010 1:55 am UTC
Location: Colorado

Re: Security through obscurity

Postby Thesh » Sun Sep 30, 2018 7:06 pm UTC

The same is true of software. Developers in general do not really study security, and it's common for them to rely on their software being closed source for security.
Summum ius, summa iniuria.


Return to “Hardware”

Who is online

Users browsing this forum: No registered users and 5 guests