Quote:
Originally posted by Silvy
Hmm, sounds like "security through obscurity"
|
Well, actually, it's not, really. Security through obscurity refers to closed-source methods, not by using tried-and-tested techniques to secure something.
Quote:
which by itself is a Bad Thing (tm).
|
Arguably not. The NSA Tier 1 algorithms are apparently pretty good. All that we know about them is an estimate of key and block size, as well as a name.
So, it's a question of resources, if you have a larger budger than the CIA and more computing power than 20 earth simulators, then you're likely safe to stick to closed source
Quote:
What security concerns do you have?
|
Well, he doesn't want people poking around his directories, which is fair, particularly if he has stored passwords for php or something.
anyway, my solution would be to remember to use dud index.html in all sub directories as well, because image urls and things reveal part of the directory structure.
It all depends what level you're aiming for. If you really want to go for it, you could use a keyed method for generating urls (the key in php, with the links opened in js).