[REBOL] Re: Morpheus - the bitter thruth?
From: chris:starforge at: 6-Mar-2002 18:29
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
#
> The easiest way to have *secure* P2P is to develop some [obscure]
> proprietary, non-published set of matching tools. End of story.
Please, not that old oneagain. Security through obscurity never has and
never will work. The world is full of people far more intelligent than people
who write "secure" protocols - give them a disassembler, packet sniffer and a
few weeks and the secure protocol will be plastered over pirate and
cracker BSS, IRC and newsgroups. In Europe people would even be legally
*allowed* to do this so that they could write tools to interoperate with your
network. Then you're stuck in the cycle of trying to second-guess people,
update everything and hope it doesn't break and spending far more man hours
trying to stay half a step ahead of everyone else than actually putting
effort into making the system good.
Pointless, counter productive and self-defeating as closed protocols are an
open invitation to crackers: which carries more cracker karma, cracking a
closed protocol or exploting an old, documented, probably well patched
exploit in an open protocol?
Chris
- --
.------{ http://www.starforge.co.uk }-----. .---------------------------.
=[ Explorer2260, Designer and Coder \=\ P: TexMaker, Draktar \
=[_[ You will obey the corporate masters. ]_]==[ Stack: EEOeOeOeTmTmDD---- ]
- --
HOW TO ANNOY OTHER PEOPLE
19. Specify that your drive-through order is "to go."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8hl/vtwxr0HXns0wRAob+AJ0f4X8ptm15gqQGRML4P0vKR3hnNwCgp+Fy
O4xVtmyoeKZJFbdPd35NOzA=BfAn
-----END PGP SIGNATURE-----