Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!elroy.jpl.nasa.gov!ncar!gatech!hubcap!rbrink From: rbrink@hubcap.clemson.edu (Rick Brink) Newsgroups: sci.electronics Subject: Re: Library anti-theft walk-thru device...???? Message-ID: <1991May14.181148.15821@hubcap.clemson.edu> Date: 14 May 91 18:11:48 GMT References: <1991May14.155250.25003@cunixf.cc.columbia.edu> Distribution: usa Organization: Clemson University Lines: 60 From article <1991May14.155250.25003@cunixf.cc.columbia.edu>, by cy5@cunixa.cc.columbia.edu (Conway Yee): > In article rbrink@hubcap.clemson.edu (Rick Brink) writes: >> >>There are 2 distinctly different types of systems. One has active components >>in the books, the other has a passive component in the book. It depends on > shit deleted > Ah, yet another advocate of security by obscurity! This has shown not to > be incredibly effective. You should always assume that "the enemy" has > general knowledge of your security or crypto system. If a system can be > broken, it will be broken. One of the effects of security by obscurity > is to promote complacency. Bug fixes do not get installed (because nobody > knows about the bug), propagation of bug fixes is hindered, and discoveries > of bugs are hindered. Remember, "the enemy" is not hindered by such policies. > Frequently, when a bug is uncovered, word of mouth spreads rather rapidly. > > Conway Yee, N2JWQ > yee@ming.mipg.upenn.edu (preferred) 231 S. Melville St. > cy5@cunixa.cc.columbia.edu (forwarded to above) Philadelphia, Pa 19139 > yee@bnlx26.nsls.bnl.gov (rarely checked) (215) 386-1312 I get so tired of this ying/yang squabling. Which came first, the thief or the stolen property. In the real world, things cost money. Public libraries don't have Billion dollar budgets to spend on security systems. All they are there for is to discourage people from thinking it's ok to steal. In some alternate universe, libraries require NMR's of patron coming in and out. All items have specific atomic stuctures that go critical when removed from the security bubble, ad nasum. We're not talking about the library at Oak Ridge or SRC, we're talking about public libraries and Video stores. Yep, Conway, you are correct in your observation that we have our heads burried in the sand if we think we can keep Electrical Engineers from figuring out our little secret. But was it too much to expect that Electrical Engineers who figure it out, keep their professional mouths shut about it. (Sorry guys/gals I don't mean to malign you or your professions, you're just people who might know how...). Suppose I decided I liked the idea of people swallowing capsules full of cynanide, and wanted more people to be able to create perfect counterfitpackaging to distribute it. Gee, I guess you'd point a finger (if asked) at Bristol Myers and say "gee guys, you should have designed a package that was homicidal maniac proof. I'd suggest one that required Retinal Scanns to open, and had at least 10 megabites of ROM instructions, limiting who is allowed to us it. It all boils down to a long lost concept of "Public Trust." The general public was supposed to trust business, government, etc. to do the right things. Well, they broke the trust. Now, far to many average citizens feel like "they broke it first, so now I get to screw everyone I can, before they get it going again." If you don't think it's important to control your self, or to encourage your neighors to be in control, government will catch up with it and control it for you. The "save us from the bad guns" Brady Bill is a current example. Weather it works to stop gun crimes or not is irrelevant. We are all, by our complacency, molding a new society, where it is OK for some Asshole in charge, to decide just how we will live tomorrow. His opinion will most likely differ from our own. Gee, I think we need to have all news feeds censored, and people who talk about the wrong things on them, will be arested. Or better yet, we'll shot them and ask questions later. This type of nonsense (my own diatribe included) just serves to endanger the freedom of the nets. If we police ourselves, we don't have to worry about someone else doing it for us.