Adam DePrince wrote:
No amount of obfuscation is going to help you.

Theorically, that's true. Anything obfuscated can be broken, just like the non obfuscated version. However it takes more skills and time to break it. And that's the point. By raising the barrier for breaking a product, you just eliminate a lot of potential crackers.


The worst case if you depend on obscurity:  The bad guys are rounding
off your pennies as you read this.

That's the worst case, we all know that. A good case is to rely on open spec and standard. However, obscurity can help if added on top of that.


I remember an article of Fyodor explaining that if you run your internal apache server on port 1234 (for an enterprise) with all the normal security turned on, you avoid 80% of the common cracker. You should not rely on the port number for security but changing it improves it.

        Philippe
--
http://mail.python.org/mailman/listinfo/python-list

Reply via email to