Consumer Rights Wiki

Security through obscurity: Difference between revisions

← Older edit
VisualWikitext
Drakeula (talk | contribs)
confirmed
480 edits
sometimes just means not documenting/reviewing the security features
Drakeula (talk | contribs)
confirmed
480 edits
main security. Retitle section
 
Line 1: Line 1:
{{Main|Security}}
'''Security through obscurity''' is a practice where companies obfuscate or hide the logic behind their product to supposedly enhance their security.  It also includes practices like not revealing details of a system, in the hopes that this will make it more secure.  Robust review by a number of experts typically enhances security, since more flaws are found and either fixed, or more secure alternative products are sought.  Security is often an afterthought, or not a priority, in products.  Trying to keep people from knowing the details of security sometimes obscures known deficiencies.
'''Security through obscurity''' is a practice where companies obfuscate or hide the logic behind their product to supposedly enhance their security.  It also includes practices like not revealing details of a system, in the hopes that this will make it more secure.  Robust review by a number of experts typically enhances security, since more flaws are found and either fixed, or more secure alternative products are sought.  Security is often an afterthought, or not a priority, in products.  Trying to keep people from knowing the details of security sometimes obscures known deficiencies.


==Obscurity cannot improve security==
==Obscurity techniques==
Obscurity in practice involves intentionally altering the appearance of something to make it difficult to understand, while keeping its end function unchanged. In software development, obscurity is often used because it can be implemented automatically, however it is also possible to apply obscurity in hardware. Companies use various methods to achieve this, such as:
Obscurity in practice involves intentionally altering the appearance of something to make it difficult to understand, while keeping its end function unchanged. In software development, obscurity is often used because it can be implemented automatically, however it is also possible to apply obscurity in hardware. Companies use various methods to achieve this, such as:


Retrieved from "https://consumerrights.wiki/w/Security_through_obscurity"