To whoever hacked into my Database

[Steven D'Aprano]

On Sat, 09 Nov 2013 09:05:51 +0200, Νίκος Αλεξόπουλος wrote:

> Its probably unwise to post the following snippet of code that validates
> user input so an attacker wouldn't pass arbitrary values to my script
> but what the heck.....

On the contrary, it is wise to publicise your security code. It is a very 
strong principle of security that you should not put your trust in 
obscurity. To give an analogy, your doors should be secure even if people 
know where the door is, what brand of lock you use, and even the type of 
key used.

Nikos, you have annoyed and alienated enough people here that the 
following may not apply to you, but in general I would expect that 
publishing your code in a friendly forum would lead to "many eyes make 
shallow bugs" -- people who spotted a bug in your security code, a 
weakness or a flaw, would speak up and tell you. Your security should 
depend on the strength of the security mechanism, and not rely on others 
being ignorant of what security you have in place.

On the other hand, it is possible to be *too* open. Secrets should not be 
publicised. Secrets include passwords. Occasionally they may include 
other things. For example, in port-knocking, the precise sequence of 
ports used is a secret.

There is, sometimes, value in obfuscating parts of your security. E.g. 
rather than allowing ssh on the usual port 22, some people prefer to use 
some other port number for that extra bit of security. But they don't 
rely on that -- if the attacker manages to discover that they use port 
45081 instead of 22, they still have to defeat the normal ssh security 
before gaining access.


-- 
Steven