Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

ironically I would double down even harder then;

If something was temporary then it’s likely that it wouldn’t have been found in a meaningful amount of time to be exploited.

As an only line of defence it’s not good, but its also not good to hand-deliver your entire personal information to fraudsters and then claim that the systems should be more robust.



If you have a target on your own back thanks to cert transparency logs, it's a bit like closing the barn door late for you to find fault in your own being in Texas when sharpshooters are about. If your only defense was obscurity, your ass is hanging out, and it's no one's fault but your own when you find fault with others for simply saying so.

https://en.wikipedia.org/wiki/Texas_sharpshooter_fallacy


In my original comment I said (I thought) quite clearly that obscurity as your only defence is a terrible idea.

But painting a target on your back is not exactly justified just because hiding yourself isn’t a good defence in of itself.


Obscurity couldn't be anyone's last/best defense, unless it was their only defense, was my point.

In any case, I think we agree.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: