问题描述

我最近遇到了一个系统，其中所有数据库连接都由以各种方式隐藏的例程管理，包括 base 64 编码、md5sums 和各种其他技术.

I recently came across a system where all of the DB connections were managed by routines obscured in various ways, including base 64 encoding, md5sums and various other techniques.

为什么通过默默无闻来保证安全是个坏主意?

Why is security through obscurity a bad idea?

推荐答案

默默无闻的安全就是把钱埋在树下.唯一使它安全的事情是没有人知道它在那里.真正的安全是把它放在锁或密码后面，比如放在保险箱里.你可以把保险箱放在街角，因为它的安全在于除了你，没有人可以进去.

Security through obscurity would be burying your money under a tree. The only thing that makes it safe is no one knows it's there. Real security is putting it behind a lock or combination, say in a safe. You can put the safe on the street corner because what makes it secure is that no one can get inside it but you.

正如@ThomasPadron-McCarty 在下面的评论中提到的:

As mentioned by @ThomasPadron-McCarty below in a comment below:

如果有人发现了密码，您只需更改密码即可，这很简单.如果有人找到了位置，您需要挖出钱并将其转移到其他地方，这是更多的工作.如果您在程序中通过隐晦的方式使用安全性，您将不得不重写该程序.

这篇关于为什么通过默默无闻来确保安全是个坏主意?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！