
>I cringe every time someone says "it will never happen" or "it is too hard to exploit".

I think you misunderstand me. I'm not saying "it's too hard to exploit"; I'm saying "this helps me keep a low profile and makes me a less appealing target". It's primarily a social-engineering hack in the sense that for all but the most targeted attacks, attackers choose easy targets.

By analogy, I'm suggesting you not walk alone in a shady alley at night.

>But will you still detect the problems on your security make-up if you mostly rely on the fact that the vulnerability is not seen?

This is a valid and interesting question, imho. I would reply with the following questions, in trying to determine whether the cost of obfuscation outweighs its benefits:

1. do you really have the means to continuously audit your attack surface?

2. what is to prevent you from rolling back your obfuscation mechanisms for a periodic audit?

3. can you configure things such that your obfuscation layer only points to external traffic (thus allowing for continuous auditing via some private port)?

4. more to your point: you seem to be implying that you'll never have a configuration error on your system. Isn't it true that obfuscation can potentially guard against the occasional glitch?

There is a definite trade-off involved in obfuscation, but unless you're one of those (admirable!) people who use the best cryptography to privately discuss the best cryptography, I think the judicious use of "camouflage" generally improves security.
