| gen. |
в безымянности-в безопасности (security, computing) Relying on a potential attacker's lack of knowledge as a means of security. 1990, W Cattey, The Evolution of turnin A Classroom Oriented File Exchange Service, USENIX Summer Conference: This security through obscurity proved adequate for our prototype, but it was unacceptable for a turnin service in wide use. 2006, Harold F. Tipton, Micki Krause, Information Security Management Handbook: According to security-through-obscurity advocates, if we carefully hide our gaping vulnerabilities from our enemies, the bad guys will give up in frustration when they cannot easily find holes. 2008, Shon Harris, CISSP All-in-One Exam Guide: Things such as security through obscurity become common practices that usually have damaging results. WT Alexander Demidov); не знаемый-не угрожаемый (In security engineering, security through obscurity (or security by obscurity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack. Security experts have rejected this view as far back as 1851, and advise that obscurity should never be the only security mechanism. WK Alexander Demidov); неведение значит ненападение (Or "security by obscurity". A term applied by hackers to most operating system vendors' favourite way of coping with security holes – namely, ignoring them, documenting neither any known holes nor the underlying security algorithms, trusting that nobody will find out about them and that people who do find out about them won't exploit them. This never works for long and occasionally sets the world up for debacles like the RTM worm of 1988 (see Great Worm), but once the brief moments of panic created by such events subside most vendors are all too willing to turn over and go back to sleep. After all, actually fixing the bugs would siphon off the resources needed to implement the next user-interface frill on marketing's wish list – and besides, if they started fixing security bugs customers might begin to *expect* it and imagine that their warranties of merchantability gave them some sort of rights.  thefreedictionary.com Alexander Demidov) |
