Hacker News new | past | comments | ask | show | jobs | submit login

I agree with your numbered points, but not the conclusion that its always a bad idea.

Its common sense that I can't pick a lock if I cant find the lock.

This says nothing about the quality of the lock or what is behind the lock.




Almost never. I know where the bank is, I know where the door to the bank is, but that should not make it easy to break into the bank. However, a gold storage might want to keep the location hidden, as they should have already implemented all the security procedures of a bank plus extra.

Spending time on security by obscurity should be a job for the small minority of people who already done everything else, and then only if there is a cost-benefit analyze that show cost of the obscurity to be less than the calculated gains.


Order-of-implementation is entirely a project management issue. This does not affect quality of the final design

These types of products are entirely designed up front and analysed before any code is written so the implementation order is irrelevant.


If I make a lock for myself, then it makes sense to keep it hidden. If I'm buying a lock from someone else, I'd like to know where it is, so it makes less sense to keep it hidden, at least from me and my agents.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: