with a total knowledge of all weaknesses by the attacker you still should
have strong security. You have to assume that robber knows as much about the
system as the person who created it because they might be the same person.
As for your analogy, it is not that hard to find house plans, also real life
robbers find house plans and study them, if they feel the need to.
A true cracker is frequently attacking the system on the inside. They may
have some legitimate access, they may even work for your company.
In short, do you want your system security to be independent of any
information that can be found about it, or do you want it to depend on
something that when found out about will kill your system?
TK
> If I installed a security system in my house I wouldn't want to be the
one
> to test it. I know where the weak and strong points would exist. That
would
> nullify the test altogether. I would rather have somebody come in (like a
> robber would do) and try to get in. They may be able to research the
system
> I used but may not be aware of the details of the house layout and what
> other traps might exist.
> A true hacker is going to work like a robber and not an insider. They
have
> to piece the puzzle together and seldom have all the pieces (hence the
word
> hacking).
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
