7 Oct
2004
7 Oct
'04
12:39 a.m.
This is what Tyler Durden <camera_lumina@hotmail.com> said about ""ID Rules Exist, But Can't Be Seen"" on 30 Sep 2004 at 17:06
For instance, is it indeed possible that revealing this rule would pose an additional security risk? If such a rule exists (and it does) then hijackers obviously already know about it. Could this rule also reveal some deeper secrets about how hijackers can be detected? I seriously doubt it.
There's some wonderful Sicilian Reasoning in that: We can't reveal the rule because the Bad Guys would figure out what we're looking for. But the Bad Guys already know what we're looking for, but we'll keep the rule secret anyway because we know they know what we're looking for. The thing is, the Bad Guys know that too...