security-by-obscurity

Masking an external URL

I need to be able to open up an external URL in my website with out revealing it to my users (both in the browser and in the source). I do not want them to be able to copy the URL and edit the query string to their liking. Is there a way to open the URL in an iframe, or something of the like, and hide/mask its source? This is an asp.n...

Why is security through obscurity a bad idea?

I recently came across a system where all of the DB connections were managed by routines obscured in various ways, including base 64 encoding, md5sums and various other techniques. Is it just me, or is this overkill? What are the alternatives? ...

The best approach to scramble CSS definitions to a human-unreadable state throughout an ASP.NET application

I'm not sure if it will bring anything beyond saving on traffic through the removal of long-worded names, but I would definitely want to hide my system of namings, declarations and their organization. The thing is that manual Find&Replace is going to take a very long time, and each slight modification could probably require the process ...

Is it possible to have an open source implementation of DRM software?

I am curious to know if anyone has figured out a way to create the server portion of DRM in an open source manner while allowing for DRM clients to be closed. I understand that if the client were open source, it would be easy to remove the DRM checks, but I believe the server doesn't suffer from the same challenge. ...

Security by obscurity: what about URLs?

first of all, the question from a naive point of view: I've got a WebApplication with a URL to a product like Products?id=123. Let's say I've got an administration page reachable from Products?id=123&editable=true. If I consider that no one will ever try to enable the editable parameter, and thus don't need any further security mechani...