Security through obscurity: Difference between revisions
m Mingyee moved page Security Through Obscurity to Security through obscurity without leaving a redirect |
m clean-up |
||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
'''Security through obscurity''' is a practice where companies obfuscate or hide the logic behind their product to supposedly enhance their security. | |||
Security through | |||
== Obscurity | ==Obscurity cannot improve security== | ||
Obscurity in practice involves intentionally altering the appearance of something to make it difficult to understand, while keeping its end function unchanged. In software development, obscurity is often used because it can be implemented automatically, however it is also possible to apply obscurity in hardware. Companies use various methods to achieve this, such as: | Obscurity in practice involves intentionally altering the appearance of something to make it difficult to understand, while keeping its end function unchanged. In software development, obscurity is often used because it can be implemented automatically, however it is also possible to apply obscurity in hardware. Companies use various methods to achieve this, such as: | ||
* '''Software refactoring:''' Companies may refactor computer code in production by renaming values from human intelligible to machine intelligible. As an example the function "sendKey()" may be renamed to "f_019278()" throughout the entire codebase. This does not truly promote security because any person can reverse-engineer what the code does and come up with their own naming schemes for the renamed values. A prime example of this is the video game Minecraft, whose source code is refactored in production. Minecraft's code refactoring has been bypassed years ago and projects such as the [https://docs.spongepowered.org/5.1.0/en/plugin/internals/mcp.html Minecraft Coder Pack] provide environments where intelligible code is viewable. | |||
* '''Software obfuscation:''' Companies may obfuscate computer code by changing the instructions. This may include adding instructions that do meaningless actions or replacing actual instructions with more complicated ones. The end result of this obfuscation is always that the end functionality of the program is unchanged even though the steps are different and possibly unintelligible. This can also involve adding decoy code that has no purpose at all and merely exists to slow reverse-engineering. | |||
* '''Software encryption:''' Companies may provide software in an encrypted format that must be decrypted before running. A problem to this form of obscurity is that the consumer will need a key to decrypt the program and run it, so a reverse-engineer could obtain this key and read the program. | |||
* '''Physical refactoring:''' Companies may remove identifying information from physical components or change component appearance. Notably in the [[Tom Evans Audio copyright strike]], identifying numbers were scraped from nearly all components to make repair more difficult. [https://www.youtube.com/@MendItMark Mend it Mark] was able to reverse engineer the entire product regardless. | |||
* '''Confidential schematics:''' Companies, like [[Apple]], may keep schematics confidential, however this will not deter someone with enough time and resources from reverse-engineering a product and creating schematics of their own. | |||
* '''Physical obfuscation:''' Companies can design physical products so that they have the same functionality but are unintelligible. As an example, consider a set of scissors that can only be moved by a giant {{Wplink|Rube Goldberg machine}}. The scissors still cut paper but the steps taken to cut the paper is ridiculously over-complicated. | |||
Ultimately, vulnerabilities will exist in functionality regardless of how a product's appearance is changed. Obscuring product information merely increases the amount of time it will take to reverse-engineer a product and does not actually provide any benefit to security. | Ultimately, vulnerabilities will exist in functionality regardless of how a product's appearance is changed. Obscuring product information merely increases the amount of time it will take to reverse-engineer a product and does not actually provide any benefit to security. | ||
== | ==Consumer impact== | ||
Sometimes, companies choose to withhold details about their products in the name of "security," and in the process, consumer rights are often taken away. These decisions make diagnosing problems and repair more difficult, making consumers lose the ability to confirm that their product functions exactly as expected rather than unexpectedly and in potentially malicious ways. These decisions can take away consumer control over the product they bought after security through obscurity is implemented. Moreover, since this practice only obfuscates or attempts to conceal instead of actually implementing proper security, the workings of the device are often reverse-engineered in a short amount time | Sometimes, companies choose to withhold details about their products in the name of "security," and in the process, consumer rights are often taken away. These decisions make diagnosing problems and repair more difficult, making consumers lose the ability to confirm that their product functions exactly as expected rather than unexpectedly and in potentially malicious ways. These decisions can take away consumer control over the product they bought after security through obscurity is implemented. Moreover, since this practice only obfuscates or attempts to conceal instead of actually implementing proper security, the workings of the device are often reverse-engineered in a short amount of time (see [[Reverse engineering Bambu Connect]]). Due to the IP protections afforded by laws such as the [[DMCA]], which make sharing of reverse engineered solutions unlawful, the only real benefit to the company is removal of consumer rights.<ref>{{Cite web |author1=Michał Kowalczyk |author2=q3k |author3=Jakub Stepniewicz |title=We've not been trained for this: life after the Newag DRM disclosure |url=https://media.ccc.de/v/38c3-we-ve-not-been-trained-for-this-life-after-the-newag-drm-disclosure |website=Media.cc.de |date=27 Dec 2024 |access-date=14 Jul 2025 |url-status=live |archive-url=https://web.archive.org/web/20241229050551/https://media.ccc.de/v/38c3-we-ve-not-been-trained-for-this-life-after-the-newag-drm-disclosure |archive-date=29 Dec 2024}}</ref> | ||
== List of | ==List of security through obscurity instances== | ||
*[[Bambu Lab Authorization Control System]] (encryption and patching through [https://github.com/sleeyax/asarmor asarmor]) | |||
*[[Tom Evans Audio copyright strike]] (physical refactoring, confidential schematics) | |||
==References== | |||
{{Reflist}} | |||
[[Category:Common terms]] | |||