Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> This is one of those false voyeur OS internet tennets designed to get people to publish their stuff.

No it isn’t, it’s a push to get people to login protect whatever they want to keep to themselves.

It’s silly to say informing people that security through obscurity is a weak concept is trying to convince them to publish their stuff.



If security through obscurity didn't provide any benefit then governments wouldn't have built entire frameworks for protecting classified information.


So the only thing protecting classified docs is the public not knowing where they are? That's what security through obscurity is.


No, it's not the only thing, but it is one layer of defense in depth.

No one is saying that obfuscation should be the only layer. Your defense should never hinge on any single protection layer.


So we're all agreeing here. It's ok to hide stuff from sight, but hiding stuff from sight isn't actually security and can't replace at the very least, having password protection.


But it is security. It's one layer of it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: