Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.unofficial.patches : UVPov alpha 6 (based on POV 3.1g) : Re: UVPov alpha 6 (based on POV 3.1g) Server Time
3 Sep 2024 00:20:56 EDT (-0400)
  Re: UVPov alpha 6 (based on POV 3.1g)  
From: Jon A  Cruz
Date: 30 Oct 1999 01:51:24
Message: <381A879A.E07D0DD0@geocities.com>
 
Gilles Tran wrote:

> "Jon A. Cruz" wrote:
>
> > Security through obscurity is usually not a good tactic to adopt.
>
> OK, let's formulate it as follows : if you have a house and discover a special
> fun way to go in  without using the key, will you put a big sign on the door
> saying "Hey, it's terrible, my door has to be fixed, everybody can go in, and I'm
> going to tell you exactly how to do it because it's soooo cool !". If you really
> think it 's OK to do so, you'd better discuss it with your insurance company...
> You'll just tell your family and other people you trust and report the matter to
> a locksmith. When a security flaw is discovered, the logical tactic is to keep
> quiet and report them discreetly to the people who can fix it, and NOT to educate
> potential intruders. The only time when it may be mandatory to go public in such
> a detailed way is when the people in charge don't care about the problem or don't
> want to know about it, and as far as I know this has not been the case here.
> G.

Well... not quite on target.

Maybe a better analogy would be if you had a garage door opener and trusted its
'secret code' dip switch setting to keep your house safe. Then one day you hear that
if a person throws a simple decade count IC on their remote, they can cycle through
all possible combinations in just a matter of seconds. Then you might realize that
you maybe should take the time to lock the door from your garage to your house when
leaving. Or you could even check with the door opener manufacture to see what
they've done to address the problem.

If you never heard of how to 'get in', you'd never know to take the precaution. But
on the other hand, you can probably be sure that the local gangs would be quite well
aware of this fact once the first person figured it out.


Or for your example, instead of a sign on the door, it would be an article in your
local paper pointing out that if you had brand X windows with a latch by brand Y for
the bay windows, then that can be opened with a simple ball-point pen. You could
then be informed and go look at your windows and if you had the vulnerable
combinations you could either change the latch, or just plant a very spiky plant
under the window. Or get iron security bars welded on.


--
"My new computer's got the clocks, it rocks
But it was obsolete before I opened the box" - W.A.Y.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.