[ipv6hackers] Pros and Cons of Address Randomization

Owen DeLong owend at he.net
Sun Dec 2 22:49:17 CET 2012


> The mantra "there's no security in obscurity" is actually derived from Kerckhoff's principle, which was specifically talking about crypto systems, not information or network security in general. If obscurity wasn't a useful security mechanism, natural selection would have killed it off 10 000s of years ago in nature. Since it has been robust enough in nature to survive, it's quite reasonable to use in computer networking.
> 

I can't agree with that premise. Nature does not kill off that which is to useful. Nature kills off that which is harmful or disadvantageous. For example, the human appendix is not useful, yet we still haven't evolved to not have appendixes. Nature is replete with examples of things which are not useful but persist for whatever reason or even no reason.

Owen




More information about the Ipv6hackers mailing list