Date: Tue, 23 Apr 2002 09:49:53 -0600 (MDT)
Message-Id: <20020423.094953.13280392.imp@village.org>
To: frank@exit.com
Cc: hackers@FreeBSD.ORG
Subject: Re: Security through obscurity?
From: "M. Warner Losh"
In-Reply-To: <200204231523.g3NFNQnq029649@realtime.exit.com>

: When you change defaults on a running system, you piss off a lot of users.
: Including me. :-)

When we fail to take reasonable steps to preclude intruders from gaining access to your system, we'd likely piss you off more if you knew about it :-(.

I'll also point out that years ago core created the security-officer to make FreeBSD more secure. One of the charges of the office was to make it more secure out of the box. Now that many generations of security officers have made FreeBSD more secure out of the box, you can't go shooting them for doing their job for years :-). The decision to go for a more secure system by default was made years ago.
I for one think the Security Officers have done a good job at doing this, but even as far as they have come, I suspect that additional things will be locked down over time. That's the nature of the threats to systems on the internet today. What was acceptable years ago now no longer is acceptable. The attackers are getting more and more sophisticated. The countermeasures for these attacks are necessarily becoming more intrusive as the same sorts of bugs raise their ugly head again and again.

BTW, none of this has anything to do with STO. STO is keeping the insecure software in place and relying on attackers to be too stupid to know what to do. That strategy has proven to be bad.

The ssh default that started this thread, btw, is stupid, but since I've stepped aside from the SO role, I'll let the current SO deal with it.

Warner