ICANN: The TRUTH about that hacker attack on our DNS zone file database The internet's critical IANA body – which allocate IP addresses and manage global DNS – was not compromised by hackers who broke into domain-name overseer ICANN's systems, the organization has stressed. In a brief update published Friday morning, ICANN noted: "We have confirmed that the attack has not impacted any IANA-related …
"The seeming unwillingness to share even basic information on its operational security raises the question over whether they are in place at all"
You can't possibly serious.
This sounds like those people who say there's aliens at Roswell because the US govt doesn't release all it's data and that proves that Jesus killed Kennedy.
The most basic security measure of them all is to not go around telling people about your security measures in the same way as you don't let a team of bank robbers inspect your vault if you can possibly avoid it.
Obscurity isn't security it's true but it's a start, anything you can do to slow people down.
Take the article as a whole, rather than reading too much into a single sentence :-) Later we note: "any information provided publicly could be used by miscreants to shape an attack."
What we're saying is: more detail of procedures/policy would be welcome. It's tricky. Some will say you should be able to disclose everything about your security implementation to prove you're confident it's built right. Others will say there's no need to just hand over the blueprints to enemies.
It's tricky.
C.
I took the article as a whole - it reads like you're saying that because they're not splashing around info about security measures it's entirely possible they don't really exist; which is a pretty big leap. They've given as much information as I'd be happy for them to give if I was personally involved.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
