Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.eng.convex.com!newshost.convex.com!bcm.tmc.edu!news.msfc.nasa.gov!newsfeed.internetmci.com!in2.uu.net!bloom-beacon.mit.edu!senator-bedfellow.mit.edu!glacier.MIT.EDU!ghudson
From: ghudson@mit.edu (Greg Hudson)
Newsgroups: comp.os.linux.misc,comp.os.linux.development.system,comp.os.linux.networking,comp.unix.bsd.bsdi.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.freebsd.misc
Subject: Re: need secure OS to entrust millions to
Followup-To: comp.os.linux.misc,comp.os.linux.development.system,comp.os.linux.networking,comp.unix.bsd.bsdi.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.freebsd.misc
Date: 27 Feb 1996 16:46:35 GMT
Organization: Massachvsetts Institvte of Technology
Lines: 17
Message-ID: <4gvchb$ln5@senator-bedfellow.MIT.EDU>
References: <4gi6t6$3h9@lace.colorado.edu> <nc0453Dn96w6.93F@netcom.com> <y5ad974s4v4.fsf@graphics.cs.nyu.edu> <4gqf17$1lr@cynic.portal.ca> <1996Feb25.152559.8977@jarvis.cs.toronto.edu>
NNTP-Posting-Host: glacier.mit.edu
X-Newsreader: TIN [version 1.2 PL2]
Xref: euryale.cc.adfa.oz.au comp.os.linux.misc:90835 comp.os.linux.development.system:19042 comp.os.linux.networking:31210 comp.unix.bsd.bsdi.misc:2603 comp.unix.bsd.netbsd.misc:2430 comp.unix.bsd.freebsd.misc:15213

Chris Colohan (colohan@eecg.toronto.edu) wrote:
: 1. Security through obscurity.  More people have access to the source
: code for your OS, so there is a greater chance of someone finding a
: security flaw and exploiting it before you can fix it.

It's disappointing that some people still think that security through obscurity is a net gain. An open system is less likely to contain security holes because it is more likely to have been reviewed by third parties. You're advocating buying a system which is more likely to have security holes because you think it will be harder for an intruder to find them. That's a very dangerous practice.

(There are other reasons you probably don't want to use Linux or *BSD for a high-security application, though.)