Wednesday, September 18, 2019

Security through Obscurity

The idea of not informing a subject about an object being present and hoping that the subject will not discover the object. This is the overall idea of Security through Obscurity. There is no actual implementation of protection measure in Security through Obscurity. That is to say, the object is not protected instead hoped that something important is not discovered by hiding its information. Keeping knowledge of the information a secret (Obscured).

Example:
Developer is aware of a known issue/bug in their code but still releases the product hoping that no one will discover the issue and exploits it.

No comments:

Post a Comment