<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d12969692\x26blogName\x3dLearning+Strategies\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://larrydavidson.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://larrydavidson.blogspot.com/\x26vt\x3d53093167121198245', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Monday, January 30, 2006

Security through obscurity

So how do you hide a password in plain sight when it doesn’t need to be particularly secret? For instance, imagine that you are using a hard-copy textbook for which the publisher also provides an online version. And the online version is, of course, password-protected. It’s not particularly a secret, since dozens of students can openly have access to it, but you’re not allowed to post it on your website if there’s any indication of what it’s a password to, since people could then use the online version for free without buying the textbook for the outrageous price that math textbook publishers charge. One thing you could do is say in your blog that the password starts with a number that’s 588 more than the course number and ends with Y4T_2DZV, with a hyphen between the two parts. Oh, you also have to replace the underscore with the letter that follows the block when the course meets. This becomes a good example of security by obscurity, since only those who have a right to know will have any idea what you’re talking about. But anyone who forgets the password will know where to find it.

Labels:


ARCHIVES

This page is powered by Blogger. Isn't yours? Made with Macintosh