"The reason you use widely published encryption algorithms is because they've been vetted for poor assumptions. They need to be open to be vetted, not to be secure, and we've found that's always been a good tradeoff."
True. Most people (including Schneier, Ferguson, Rivest, etc) agree that the NSA is secure. This is because they have a veritable army of cryptographers at their disposal. Peer review is the most important part of cryptographic development. The key part of this is that there is probably no other entity in the United States that can satisfy these requirements. AT&T certainly does not have an impressive cryptographic department and they shouldn't pretend like they do.
"The reason security through obscurity is usually bad is because it causes people to make poor assumptions - "He'll never guess I encrypted it with rot-15 instead of rot-13," but for a given secure system, adding obscurity will make it harder to break. But it's the poor assumptions that do you in, not an inherent flaw in adding obscurity."
I don't think anyone would argue that the obscurity in the algorithm is the weakness. However, obscurity can never make a secure algorithm more secure. If your algorithm and key space are sufficient to prevent decipherment before the heat death of the universe, the two months it takes to reverse engineer the protocol are as close to zero as makes no difference.
"However, obscurity can never make a secure algorithm more secure."
If you're talking about the security of the algorithm, fine. But you're talking about the security of the system, and the algorithm is seldom the problem. If it takes two months to find the problem with the key management, then your obscurity that added two months just doubled the time to break in.
I still say you should use publicly vetted systems - but the community is in denial over the value (second rate, but still value) of security through obscurity.
Case in point: when Slashdot first released their source code, they didn't escape quotes in passwords, so it was possible to log in as an admin using an appropriately modified SQL statement. Sure, you could have figured what the command needed to be via trial and error before the code was released, but I was lazy. Releasing the code meant that I could now break into something I wouldn't try to break into before. The obscurity protected them from a certain threat model. It was still much better when they fixed the bug, of course.
True. Most people (including Schneier, Ferguson, Rivest, etc) agree that the NSA is secure. This is because they have a veritable army of cryptographers at their disposal. Peer review is the most important part of cryptographic development. The key part of this is that there is probably no other entity in the United States that can satisfy these requirements. AT&T certainly does not have an impressive cryptographic department and they shouldn't pretend like they do.
"The reason security through obscurity is usually bad is because it causes people to make poor assumptions - "He'll never guess I encrypted it with rot-15 instead of rot-13," but for a given secure system, adding obscurity will make it harder to break. But it's the poor assumptions that do you in, not an inherent flaw in adding obscurity."
I don't think anyone would argue that the obscurity in the algorithm is the weakness. However, obscurity can never make a secure algorithm more secure. If your algorithm and key space are sufficient to prevent decipherment before the heat death of the universe, the two months it takes to reverse engineer the protocol are as close to zero as makes no difference.