On Thu, Jul 26, 2012 at 9:07 AM, Ken Schaefer <k...@adopenstatic.com> wrote: > Hmm - this isn't "security through obscurity" per se ... > This seems to be a code path that bypasses (or is designed to bypass) > the rest of the security options. The article does note that it doesn't > work on all locks - so maybe it's a bug.
You made a good point about it possibly being a bug or common misconfiguration. But assuming it's just a mechanism designed to bypass all the other security features -- e.g., for service by the manufacturer -- it very much is a case of security-through-obscurity. STO is information which, if disclosed, compromises the security design. A proper security design can have all the design details known to everyone and still remain secure. > [These locks are] not designed to keep an intelligence agency out of your > room. Sure, but it'd be nice if they were designed to keep someone with $50 worth of commodity hardware out of my room. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
