Tag: defense in depth rss

Posts

28 October 2012 /
In a previous post, I discussed “Security through Obscurity” and briefly touched on the concept of SNOW.Here we’ll look a little deeper at SNOW and showcase some of the work I have done with it.Some technical back-story on SNOW:I think the original author’s website says it best…Whitespace SteganographyThe encoding scheme used by snow relies on the fact that spaces and tabs (known as whitespace), when appearing at the end of lines, are invisible when displayed in pretty well all text viewing programs.
26 September 2012 /
It’s been well established that something which is hidden is rarely secure. This is the basis for the phrase in the title of this post. It has become a dirty word in the world of cryptography and software development where it is generally accepted that the only secure mechanisms are those which are fully known to all parties (both good and bad) and yet still maintain their integrity when attacked.Although as a software engineer I agree with and follow this logic, I have always felt that obscurity can also be a tool to be leveraged and “obscurity” can mean more than just hiding the source code from outside perview.