Hacker News

So-called "security by obscurity" is critically important.

I must disagree emphatically with open-source enthusiasts who believe that "security by obscurity is bad" advice applies to everything. In my opinion, it only applies to a small subset of certain types of software - packages that are meant to be used on an extremely large scale, such as web servers, encryption algorithms, and the like. Attempts to apply it to other areas are foolish.

Obscurity is the only possible mechanism for keeping a highly popular link-aggregating site's story ranking reflective of what the community of genuine readers wants to see when under attack by "content promoter" types.



Sure, valid opinion, but I sure ain’t staking my security reputation on the quality of this forum, doubly so since it operates on many hidden and user-hostile rules to get to this debatable quality that I can’t audit.

Frankly I just don’t think they give a damn about the value of open source, at least relative to immediate things, and I respect that.



