1994-09-15 - Re: [CyberCash Media hype]

Header Data

From: Chael Hall <nowhere@chaos.bsu.edu>
To: jamiel@sybase.com (Jamie Lawrence)
Message Hash: 8a07f4a27ec743b8885c53b8243efc64198185343310883f35d45bda7b45860d
Message ID: <199409152145.QAA07648@chaos.bsu.edu>
Reply To: <aa9d3c6d08021003fce5@[130.214.233.15]>
UTC Datetime: 1994-09-15 21:41:28 UTC
Raw Date: Thu, 15 Sep 94 14:41:28 PDT

Raw message

From: Chael Hall <nowhere@chaos.bsu.edu>
Date: Thu, 15 Sep 94 14:41:28 PDT
To: jamiel@sybase.com (Jamie Lawrence)
Subject: Re: [CyberCash Media hype]
In-Reply-To: <aa9d3c6d08021003fce5@[130.214.233.15]>
Message-ID: <199409152145.QAA07648@chaos.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


>
>These are my favorite paragraphs.
>
>1) Proprietary == secure
>
>2) Understanding how it works == insecure
>
>
>-j
>--
>"Blah Blah Blah"
>___________________________________________________________________
>Jamie Lawrence                                  <jamiel@sybase.com>
>

     I disagree.  Proprietary is MORE secure, but security through 
obscurity is no security at all.  The only thing that does is separate 
the proverbial men from the boys.  It keeps the idiots who think they 
can crack a system from touching it, but the people who know what they 
are doing will learn it rather quickly.

     Understanding how it works is also not necessarily insecure either.  
What about PGP?  Would you rather use some proprietary methond that may 
or may not have a backdoor or may not be as secure as it is touted to 
be?  I prefer to use something that has been proven and tested.

Chael

-- 
Chael Hall, nowhere@chaos.bsu.edu




Thread