Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Gonna get myself in trouble, but boy I don't really want to debate or collaborate with folks that want to argue this point. Or use things they're working on. Defense in depth, obscurity is not. It's not even interesting to consider beyond dismissing.


Why would camouflage be used by military, or even animals in nature if obscurity is not a useful tool?


If animals in nature had a defense against predators as effective as “PasswordAuthentication no”, they wouldn’t need camouflage.


I really wish people would stop conflating reducing the attack surface with safe software default configurations. They are not the same. There is value in hiding your listening sockets/ports from the world. Anyone who does not believe so frankly has never been responsible for security beyond their laptop and maybe some random VM in AWS they SSH into.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: