Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I agree. I think this comes down to the Mickens Security Threat Model. Your adversaries come in basically two forms: Mossad and Not-Mossad. If your adversary is Mossad, you've already lost; if a governmental actor wants your data badly enough, they'll get it. If your adversary is not-Mossad, they almost certainly don't have access to any secret zero-day exploits; stay up to date on patches and use good passwords and you'll be fine. Port knocking will almost certainly protect you from not-Mossad, assuming your adversary doesn't know that you're using it.

Sure, a small percentage of adversaries are in neither category, and a random hacker dedicated to hitting your specific server may suspect port knocking and could try to circumvent it, but most companies don't have an adversary like that, and even if they do, you've made it harder for them for a small cost.



I love that article, but this comment beautifully illustrates the problem with it, because unless you believe "19 year old with better-than-normal tooling" counts as "Mossad", it has totally screwed up your perception of the threat model.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: