From: Gary <pa...@in...> - 2005-05-15 22:44:40
Anton Sherwood wrote:
> Bruce Sherwood wrote:
>
>> The comment that they might confuse "open source" with "freeware"
>> seems a highly likely explanation. In principle, open source software
>> could be MORE secure than commercial software, because it is
>> inspectable.
>
> More precisely or at least more explicitly, with a well publicized
> open-source tool you can have more confidence that the algorithm is
> sound and that there are no backdoors.
>
> Bruce Schneier's security newsletter frequently pillories products
> that use secret encryption techniques, on the grounds that to do
> cryptography well is a lot harder than amateurs think, and you can't
> know a defense's strength until the professionals have attacked it.
> (see also http://en.wikipedia.org/wiki/Kerckhoffs%27_law) When one of
> the standard techniques is cracked, it's big news; when someone's
> secret proprietary technique is cracked, you won't know it until a
> company that relied on it goes under. ;) The principle applies more
> generally than to encryption, of course.

In Steven Strogatz' book "Sync" he relates a story about how he (or was it a colleague) discovered a way to use chaos to encrypt data during transmission. He couldn't imagine breaking the code. He got very excited and began to dream about fame and fortune. Encryption experts were not as excited. Of course, the experts cracked it fairly easily.
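The Kerckhoffs point made in the thread above can be shown concretely. The following is an added illustration, not code from this mailing list or from anyone quoted in it, and both schemes in it are constructed toys: scheme A hides a fixed pad inside the program and relies on nobody knowing it (the "secret technique" design), while scheme B publishes its entire algorithm (an HMAC-SHA256 keystream from Python's standard library) and keeps only a key secret. A reviewer who obtains a single known plaintext/ciphertext pair recovers scheme A's whole secret and can read every other message, whereas the same pair against scheme B yields only that one message's keystream and nothing about the next one. The pad value, the messages and the function names are all assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os

# --- Scheme A: "secret algorithm" (constructed, deliberately weak) ---
# The designer's secret is a fixed 16-byte pad baked into the code. Nothing
# is keyed per message; the only protection is that nobody knows the pad.
_HIDDEN_PAD = bytes.fromhex("5ca1ab1edeadbeef0badf00dfeedface")  # constructed value


def obscure_encrypt(plaintext: bytes) -> bytes:
    """XOR the message with the hidden, repeating pad (same function decrypts)."""
    return bytes(p ^ _HIDDEN_PAD[i % len(_HIDDEN_PAD)] for i, p in enumerate(plaintext))


# --- Scheme B: public algorithm, secret key (Kerckhoffs' principle) ---
# Keystream = HMAC-SHA256(key, nonce || counter) blocks, XORed with the message.
# The whole construction is public; only the 32-byte key is secret, and a
# fresh nonce per message means no two messages share a keystream.

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def keyed_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR with the keystream (same function decrypts given the same key and nonce)."""
    ks = _keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


# --- What a reviewer learns from one known plaintext/ciphertext pair ---

def recover_pad(known_plaintext: bytes, ciphertext: bytes, pad_len: int) -> bytes:
    """Known-plaintext analysis of scheme A: plaintext XOR ciphertext is the fixed pad."""
    return bytes(p ^ c for p, c in zip(known_plaintext[:pad_len], ciphertext[:pad_len]))


def demo() -> dict:
    msg1 = b"Meet at the north gate at 0900."    # constructed sample, known to the reviewer
    msg2 = b"Password for the vault: swordfish"  # constructed sample, the message under test

    # Scheme A: one known pair exposes the entire "algorithm" ...
    c1 = obscure_encrypt(msg1)
    pad = recover_pad(msg1, c1, len(_HIDDEN_PAD))
    # ... and with it every other message decrypts.
    c2 = obscure_encrypt(msg2)
    recovered_msg2 = bytes(c ^ pad[i % len(pad)] for i, c in enumerate(c2))

    # Scheme B: the same known pair only reveals msg1's own keystream.
    key = os.urandom(32)
    n1, n2 = os.urandom(16), os.urandom(16)
    k1 = keyed_encrypt(key, n1, msg1)
    leaked_stream = bytes(p ^ c for p, c in zip(msg1, k1))
    # Reusing that keystream against a message sent under a different nonce fails.
    k2 = keyed_encrypt(key, n2, msg2)
    guess_msg2 = bytes(c ^ leaked_stream[i % len(leaked_stream)] for i, c in enumerate(k2))

    return {
        "obscurity_pad_recovered": pad == _HIDDEN_PAD,
        "obscurity_msg2_exposed": recovered_msg2 == msg2,
        "keyed_msg2_exposed": guess_msg2 == msg2,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point of the contrast is not that XOR with HMAC output is a recommended cipher (use a vetted AEAD in practice), but that in scheme B everything except the key can be printed in a newsletter and the messages stay secret, which is exactly the property that lets outsiders review a design without weakening it.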