Re: sync root passwords?

To: debian <debian-user@lists.debian.org>
Subject: Re: sync root passwords?
From: Cameron Hutchison <camh+dl@xdna.net>
Date: Thu, 5 Dec 2002 12:10:14 +1100
Message-id: <[🔎] 20021205011014.GB18377@orthanc>
Mail-followup-to: debian <debian-user@lists.debian.org>
In-reply-to: <[🔎] Pine.LNX.4.21.0212041951420.2566-100000@perrin.socsci.unc.edu>
References: <[🔎] 20021204175911.A4079@sccs.swarthmore.edu> <[🔎] Pine.LNX.4.21.0212041951420.2566-100000@perrin.socsci.unc.edu>

Once upon a time Andrew Perrin said...
> No, it's not more insecure; you're assuming the hypothetical hacker knows
> that there is an algorithm, and which character(s) are filled in by it.  

...and you're assuming that security through obscurity is just as secure
as a secure encryption algorithm.

In practice, it will make little difference. But it is less secure. You
are relying in keeping your algorithm secret. If it is found out, you've
reduced the keyspace to be searched to break the keys.

Reply to:

Follow-Ups:
- Re: sync root passwords?
  - From: Andrew Perrin <clists@perrin.socsci.unc.edu>

References:
- Re: sync root passwords?
  - From: sean finney <seanius@seanius.net>
- Re: sync root passwords?
  - From: Andrew Perrin <clists@perrin.socsci.unc.edu>

Prev by Date: rebuilding available
Next by Date: Kernel panic: VFS: Unable to mount root fs
Previous by thread: Re: sync root passwords?
Next by thread: Re: sync root passwords?
Index(es):
- Date
- Thread