| Subject | RE: [IBDI] What will hapen with IB security on Open Source Model ? |
|---|---|
| Author | Adam Clarke |
| Post date | 2000-03-20T12:13:41Z |
I am not sure if you mean that by releasing the source that IB security will
be weakened? If you do then my reply is that a system which relies on
obfuscation (essentially hiding weaknesses) to achieve security is always
going to be insecure since someone will find the hole you were trying to
hide.
In an OSS system there are more eyes to find the potential holes and more
hands to fix them. Many cryptography experts believe this is the only way to
provide adequately secure algorithms.
So in essence. Hiding the key under the doormat may be convenient, it is far
from secure however.
Adam Clarke
Principal
Strategic Data Pty Ltd
Ph : +61 (3) 9348-2013
Fax: +61 (3) 9348-2015
Mob: 0419 304-590
Email: Adam.Clarke@StrategicData.com.au
Web: http://www.StrategicData.com.au/
Post: P.O. Box 4262
Melbourne University, VIC 3052
Australia
be weakened? If you do then my reply is that a system which relies on
obfuscation (essentially hiding weaknesses) to achieve security is always
going to be insecure since someone will find the hole you were trying to
hide.
In an OSS system there are more eyes to find the potential holes and more
hands to fix them. Many cryptography experts believe this is the only way to
provide adequately secure algorithms.
So in essence. Hiding the key under the doormat may be convenient, it is far
from secure however.
> -----Original Message-----Cheers
> From: Marcos.Nobre@stj.gov.br [mailto:Marcos.Nobre@stj.gov.br]
> Some people say that in general the security sub-system
>
> becomes weak when there is east initiative type.
>
> Comment !
Adam Clarke
Principal
Strategic Data Pty Ltd
Ph : +61 (3) 9348-2013
Fax: +61 (3) 9348-2015
Mob: 0419 304-590
Email: Adam.Clarke@StrategicData.com.au
Web: http://www.StrategicData.com.au/
Post: P.O. Box 4262
Melbourne University, VIC 3052
Australia