How delightfully deranged.
|
| Author | Content |
|---|---|
| cr Nov 25, 2011 8:59 AM EDT |
Security through obfuscurity again? System error messages tend to be cryptic enough even when they're in plain text. Here's help in ignoring even the ones we watch out for. Fortunately, as Ubuntu is proving as its sturdy undercarriage shows up in Mint condition, the Internet interprets brain-damage as brain-damage and routes around it, albeit with a lot of pointing and snickering. |
| jdixon Nov 25, 2011 10:39 AM EDT |
> Security through obfuscurity again? Pretty much, yeah. I really thought the Red Hat folks had more sense than to repeat old mistakes. Apparently not. It's not like the binary format won't be hacked within weeks and tools developed to rewrite it. And it's not like no one foresaw this problem. That's why you can redirect your logs to another system. |
| gus3 Nov 25, 2011 9:26 PM EDT |
It isn't a matter of obscurity, but rather verifiability / authenticity. |
| BernardSwiss Nov 25, 2011 9:44 PM EDT |
But aren't there better ways (some even already RFC'd) to "fix" these supposed problems? And does this proposal even actually enhance verifiability / authenticity -- even leaving aside the downsides? |
| gus3 Nov 25, 2011 11:48 PM EDT |
The same technique (progressive signatures) is what revealed the tampering in the kernel.org git repos. So I'd say yes. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!