How to Properly Implement Security by Obscurity

Scripted’s talented community of freelance writers have a variety of expertise and specialties. While many of our customers hire writers to execute their content marketing strategy, our writers deliver high-quality content in many formats. You can find content writers, blog writers, ghostwriters, and SEO writers all with experience in your niche.

The following is a an example of a Computer Security blog post:


In the physical world, secrecy is an asset to security. In the never-sleeping online universe these same methods won't carry over too perfectly. 

Despite the term security by obscurity's pejorative origin, it has a place in computer security. For the uninitiated, the term is a security strategy that emphasizes secrecy over protections. It was put to test in the real world in 2008, when the American Numismatic Society transported a collection of rare coins worth hundreds of millions of dollars by using ordinary moving trucks and movers unaware of the precious cargo. This particular transaction was successful because it didn't raise the suspicion of thieves. Some computer security experts say this concept can be applied to protecting vital data, but, due to fundamental vulnerability, it should never be the sole Publish approach for computer security.

Not Reliable

What can work well in a brief window of the physical world, however, is less safe in the never-sleeping online universe. If the safety of an application relies on its source code remaining unknown, that provides little protection.TechNet Magazine gives an example in which a vulnerable web server that could be attacked through Port 80 simply switches to Port 81. While this would stop some attacks, a knowledgeable intruder would simply run a port scanner until he or she finds a server using a non-standard port and would then have access to the server.

IT Security Should Follows this Historic Principle

Interestingly enough, the principles of 21st century computer security are based on a nineteenth century axiom created by cryptographer Auguste Kerckhoff. He stated that a system's security should lie wholly in its key, and that as long as the key remains unknown the system should remain secure. This principle centers on the expectation that enemies will acquire access to the full architecture of a system, and so safety lies in an explicit cryptographic key rather than in the hope of keeping the system's structure secret. Kerckhoff's principle, which directly contradicts "security through obscurity," still remains a best practice in today's information age. The Open Web Application Security Project gives a good example of Kerckhoff's principle at work: Linux source code is available through countless open doors, and yet when secured with proper keys it makes a robustly impenetrable operating system.

An Extra Layer of Protection

However, as TechNet Magazine points out, obscurity can be a useful tool when added to existing layers of high-quality encryption. For example, many security professionals advocate hiding the administrator account. This simple measure will slow down any hacker trying to log in as an administrator. While further digging can locate the administrator's numerical security identifier, at the very least the intruder has been slowed down. Perhaps the best conclusion is that, as one user commented on Information Security Stack Exchange, "Security ONLY through obscurity is terrible." Referring to the previous example, changing to a non-standard port in addition to using strong SSH password and key protection is probably an excellent idea.   Photo Credit: Mr. Cacahuate via Flickr.  


Betsy S.

Betsy S.

Washington, United States

I’m a professional content writer working exclusively through Scripted, and I have experience researching and writing on a broad range of topics. My employment background includes market consulting, real estate, non-profit organizing, healthcare-related social work and communi...

Jobs Completed 1542 Customer Ratings 250 Job Success 1525/1542 (98%)

Other content marketing examples from Betsy S.

Why Instagram is the Social Media Platform of 2014

Instagram's success shines through above the other social media monoliths of the year by capitali... Read More

4 Most Gorgeous Perennials for Plant Pairing

Gardeners discovered that some plants grow better when grown in close proximity with another plan... Read More

Plus-size Models Positively Influencing Fashion Industry

The fashion world's ideal of feminine beauty is currently in a state of transition, as its main a... Read More

Affordable Green Materials for Building Your Home

Saving energy isn't always the best way to save on your utility bills. Integrating green material... Read More

Make Money From Your Forgotten Wardrobe

Whether you've outgrown your wardrobe or just don't have space for it all, that doesn't mean you ... Read More

6 Tips for Moving to a Cash-Only Lifestyle

Credit cards have become essential in the online world we live in, but data breaches in the news ... Read More

Similar content marketing examples from other writers

Mezzobit: Working in a World of Big Data

Information wants to be free, the saying goes, and sharing online happens automatically many time... Read More

The Zendesk Solutions

Businesses have always been faced with using multiple databases to maintain the customer service.... Read More

Healthcare Mobile Apps: Saving Lives?

Tech experts have noticed an explosion in mobile healthcare apps over the past few years. At firs... Read More

Documentary Sheds Light on Secretive World of Bulletproof Hosting

“Bulletproof” hosting is a unique service that some consider controversial. It is said to be more... Read More

Tips on How to Improve Retention Post App Download

With app downloads at an all-time high, users are settling into their favorites. Learn how to sta... Read More